Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VtZ0AXz18yVZ7l0pMi2ZiKUtziY.roa
File: VtZ0AXz18yVZ7l0pMi2ZiKUtziY.roa (raw, json)
Hash identifier: 8rs1svnfFw6ZMnRLx45NmIaiOmkfHM98g4EO8QYxyz0=
Subject key identifier: 56:D6:74:01:7C:F5:F3:25:59:EE:5D:29:32:2D:99:88:A5:2D:CE:26
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192E6DA57AA7E0BC060665ADE516EC246B8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VtZ0AXz18yVZ7l0pMi2ZiKUtziY.roa
Signing time: Fri 01 Nov 2024 08:32:01 +0000
ROA not before: Fri 01 Nov 2024 08:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
94.156.10.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 03:55:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:da:57:aa:7e:0b:c0:60:66:5a:de:51:6e:c2:46:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 1 08:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56d674017cf5f32559ee5d29322d9988a52dce26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:57:be:9a:ba:b9:2d:d4:ab:6e:c2:25:e5:5f:
4a:62:2a:94:dc:b8:64:08:03:ae:56:02:a9:a6:30:
1b:12:be:34:3c:63:3f:a7:00:69:98:b3:cf:55:13:
37:3f:4d:4a:43:1e:eb:3a:7d:5a:a0:da:35:5b:16:
50:f4:72:b5:73:57:6f:7f:7b:52:9d:2a:58:d6:77:
62:9a:9e:af:35:82:44:af:52:f5:74:a0:44:a8:df:
b6:30:94:b8:65:01:63:7c:40:b7:bf:63:48:a3:0d:
f4:e5:83:9f:53:6c:f6:ab:35:16:ea:2b:b5:a6:53:
60:f0:bb:33:c3:df:2a:5b:97:83:96:f9:96:76:35:
1a:57:5f:12:05:42:08:e5:c1:dd:dc:cb:17:e2:72:
97:b4:be:61:c5:29:6f:eb:75:c5:74:e2:06:c3:46:
94:2b:45:53:bb:37:ea:26:ff:6d:b1:a5:3b:b8:5c:
1e:88:29:2e:ef:18:fa:e5:d2:72:d6:72:13:1d:3e:
5b:9b:a6:6d:31:24:2d:f8:40:a0:1f:20:4a:83:20:
09:21:28:0b:01:81:f7:f8:8d:bb:2d:67:d3:e2:c9:
5b:58:dc:6d:8d:e9:ac:6d:b4:b5:2b:7a:82:cc:66:
0b:44:76:23:28:e5:7e:20:0d:d5:5d:66:53:91:53:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D6:74:01:7C:F5:F3:25:59:EE:5D:29:32:2D:99:88:A5:2D:CE:26
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/VtZ0AXz18yVZ7l0pMi2ZiKUtziY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
94.156.10.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
89:37:b2:86:a4:f5:82:e9:79:cc:50:c2:70:24:82:a2:f7:9c:
a1:14:1b:6a:45:4e:1f:6b:70:f5:06:55:f5:dd:14:6e:18:c9:
b5:76:80:67:3b:8e:f4:df:b0:e1:0b:f6:e5:3c:35:8b:c6:90:
ee:5f:67:fe:b1:26:10:07:4a:29:69:06:60:67:ab:03:0f:a8:
9c:86:8a:a8:ef:01:ea:45:84:dd:b1:f6:5e:71:3d:25:dc:b3:
5d:59:c1:5a:31:89:2e:e9:45:54:65:9f:94:66:e1:cf:ce:b2:
a2:d3:64:d7:e3:fc:59:62:f0:65:d2:02:d9:5d:fc:7c:bf:ba:
db:01:78:fe:fe:0f:a8:c9:35:b8:31:d4:6a:7e:0c:09:6a:10:
86:0c:e0:ab:7f:9a:29:b6:fc:21:75:2a:f9:2e:e6:1c:c8:a7:
91:a6:58:ef:9d:c2:bb:74:1b:5e:39:c5:af:65:d9:62:76:6e:
7a:df:57:f7:c9:90:19:4b:b5:b0:0f:37:04:52:fd:b8:67:e9:
37:d1:23:73:f1:2f:1f:4c:de:16:c5:48:b5:3a:93:ca:ae:57:
30:ae:50:c5:51:a5:fe:03:97:68:ff:f2:2c:dd:6a:c7:6e:6c:
9a:93:78:7e:75:8c:08:28:c5:8e:87:6d:89:3b:9c:6b:c3:9f:
3a:6d:97:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLm2leqfgvAYGZa3lFuwka4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTAxMDgzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ2NzQwMTdjZjVmMzI1NTllZTVkMjkzMjJkOTk4OGE1MmRjZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnle+mrq5LdSrbsIl5V9KYiqU3Lhk
CAOuVgKppjAbEr40PGM/pwBpmLPPVRM3P01KQx7rOn1aoNo1WxZQ9HK1c1dvf3tS
nSpY1ndimp6vNYJEr1L1dKBEqN+2MJS4ZQFjfEC3v2NIow305YOfU2z2qzUW6iu1
plNg8Lszw98qW5eDlvmWdjUaV18SBUII5cHd3MsX4nKXtL5hxSlv63XFdOIGw0aU
K0VTuzfqJv9tsaU7uFweiCku7xj65dJy1nITHT5bm6ZtMSQt+ECgHyBKgyAJISgL
AYH3+I27LWfT4slbWNxtjemsbbS1K3qCzGYLRHYjKOV+IA3VXWZTkVOJ8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFbWdAF89fMlWe5dKTItmYilLc4mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVnRaMEFYejE4eVZaN2wwcE1pMlppS1V0emlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQAXpwKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCJN7KGpPWC6XnMUMJw
JIKi95yhFBtqRU4fa3D1BlX13RRuGMm1doBnO47037DhC/blPDWLxpDuX2f+sSYQ
B0opaQZgZ6sDD6ichoqo7wHqRYTdsfZecT0l3LNdWcFaMYku6UVUZZ+UZuHPzrKi
02TX4/xZYvBl0gLZXfx8v7rbAXj+/g+oyTW4MdRqfgwJahCGDOCrf5optvwhdSr5
LuYcyKeRpljvncK7dBteOcWvZdlidm5631f3yZAZS7WwDzcEUv24Z+k30SNz8S8f
TN4WxUi1OpPKrlcwrlDFUaX+A5do//Is3WrHbmyak3h+dYwIKMWOh22JO5xrw586
bZcv
-----END CERTIFICATE-----
Generated at Sat Nov 2 05:46:12 2024 by rpki-client on console-ams.rpki-client.org