Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VqJEQXvzjsPp-Bq16x0ebVWuccc.roa
File: VqJEQXvzjsPp-Bq16x0ebVWuccc.roa (raw, json)
Hash identifier: cFh2/xwhsPlJGIYRoWl7MhkSSMeHjUbeYH+ibrgVeJM=
Subject key identifier: 56:A2:44:41:7B:F3:8E:C3:E9:F8:1A:B5:EB:1D:1E:6D:55:AE:71:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF431EB8682BAB753CBFAD2CFA8B630CA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VqJEQXvzjsPp-Bq16x0ebVWuccc.roa
Signing time: Thu 29 Feb 2024 09:28:48 +0000
ROA not before: Thu 29 Feb 2024 09:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200105
IP address blocks: 87.121.124.0/23 maxlen: 24
91.200.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 15:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:31:eb:86:82:ba:b7:53:cb:fa:d2:cf:a8:b6:30:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 29 09:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56a244417bf38ec3e9f81ab5eb1d1e6d55ae71c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2d:84:04:a9:30:1b:2e:60:c9:a0:60:d4:8b:
d1:f3:42:62:ed:f2:4f:23:05:42:1b:71:82:75:f3:
ff:99:c8:3d:87:b9:74:e2:7b:5d:99:ea:60:6b:ae:
5c:66:3d:4f:2d:51:e8:e4:bb:08:d6:83:68:8d:48:
4a:48:d0:fb:85:90:7e:ec:76:6c:01:25:3c:ce:97:
90:4e:e1:98:c4:89:bb:7b:58:9a:33:3b:bc:af:10:
e8:f5:65:18:53:86:d2:6f:fd:f9:ac:38:01:bd:0b:
c5:ff:82:ca:4b:96:59:3f:c8:d1:b7:71:92:cd:47:
d7:5d:3c:13:53:57:1d:a3:fa:c0:ad:8d:3e:cb:99:
37:66:aa:e0:24:39:29:c1:5c:a8:6a:69:98:64:8d:
8a:08:61:6b:1b:41:47:4b:f0:30:93:d7:aa:12:33:
fa:05:c0:d3:9f:85:12:95:92:f9:35:eb:3d:a4:3a:
bd:4b:99:82:fe:76:43:a3:78:93:73:41:b2:c0:f7:
08:87:d6:7c:b2:4a:75:66:cc:e4:30:78:9f:ba:39:
37:b0:fc:75:9b:06:8f:b0:3c:00:64:37:d4:ae:e6:
3c:58:dc:4c:97:9b:52:60:70:13:03:75:f0:cc:4d:
6e:be:e2:0d:fd:5f:f7:33:d6:fd:b8:a9:50:e1:be:
fd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:A2:44:41:7B:F3:8E:C3:E9:F8:1A:B5:EB:1D:1E:6D:55:AE:71:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VqJEQXvzjsPp-Bq16x0ebVWuccc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.124.0/23
91.200.192.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f4:07:83:76:67:8e:24:d7:53:bf:da:71:ad:ca:b7:7d:27:
02:e9:12:c2:73:8d:b4:6c:8e:9c:3e:a8:87:ce:21:06:1b:0f:
a8:3c:1d:19:72:48:d5:c6:58:98:e4:57:71:d0:78:8e:a7:ce:
f3:58:0a:3f:a8:52:f5:07:cc:85:51:8b:69:f2:e4:f5:1d:92:
37:21:e9:a3:22:82:b8:af:be:ae:54:04:aa:50:01:e2:03:4d:
b5:23:bc:90:d3:d7:b2:6a:b3:74:92:6d:56:3b:5d:aa:14:f8:
64:93:10:42:16:59:0b:8a:4f:2b:d2:cc:8a:1d:ae:d1:8c:a9:
cf:ed:c1:b3:bb:2b:27:59:68:87:0d:77:35:ef:6d:44:21:95:
5b:5f:ae:86:04:41:83:0a:a2:da:5a:11:0b:0a:4e:58:29:20:
cb:ab:d8:f8:94:96:ba:90:03:0b:0c:fe:b1:58:2b:b4:a5:b0:
4c:69:b4:d9:19:d8:61:a6:5a:b4:97:bb:11:27:81:cb:d0:d7:
c2:d0:5e:f9:5c:5f:c6:1d:52:4e:b3:a4:da:bf:41:58:9e:7b:
f7:6a:65:0b:cc:70:5c:e5:4a:8b:9f:83:b0:83:14:6d:d1:12:
9a:23:2f:82:6b:73:14:79:66:fa:b1:d9:9a:f2:2c:21:31:0e:
ea:87:3d:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY30MeuGgrq3U8v60s+otjDKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI5MDkyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmEyNDQ0MTdiZjM4ZWMzZTlmODFhYjVlYjFkMWU2ZDU1YWU3MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyi2EBKkwGy5gyaBg1IvR80Ji7fJP
IwVCG3GCdfP/mcg9h7l04ntdmepga65cZj1PLVHo5LsI1oNojUhKSND7hZB+7HZs
ASU8zpeQTuGYxIm7e1iaMzu8rxDo9WUYU4bSb/35rDgBvQvF/4LKS5ZZP8jRt3GS
zUfXXTwTU1cdo/rArY0+y5k3ZqrgJDkpwVyoammYZI2KCGFrG0FHS/Awk9eqEjP6
BcDTn4USlZL5Nes9pDq9S5mC/nZDo3iTc0GywPcIh9Z8skp1ZszkMHifujk3sPx1
mwaPsDwAZDfUruY8WNxMl5tSYHATA3XwzE1uvuIN/V/3M9b9uKlQ4b79IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFaiREF7847D6fgatesdHm1VrnHHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVnFKRVFYdnpqc1BwLUJxMTZ4MGViVld1Y2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBV3l8AwQC
W8jAMA0GCSqGSIb3DQEBCwUAA4IBAQCC9AeDdmeOJNdTv9pxrcq3fScC6RLCc420
bI6cPqiHziEGGw+oPB0ZckjVxliY5Fdx0HiOp87zWAo/qFL1B8yFUYtp8uT1HZI3
IemjIoK4r76uVASqUAHiA021I7yQ09eyarN0km1WO12qFPhkkxBCFlkLik8r0syK
Ha7RjKnP7cGzuysnWWiHDXc1721EIZVbX66GBEGDCqLaWhELCk5YKSDLq9j4lJa6
kAMLDP6xWCu0pbBMabTZGdhhplq0l7sRJ4HL0NfC0F75XF/GHVJOs6Tav0FYnnv3
amULzHBc5UqLn4OwgxRt0RKaIy+Ca3MUeWb6sdma8iwhMQ7qhz2R
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:07:31 2024 by rpki-client on console-ams.rpki-client.org