Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xu15I1HJItXPAn6ZQH8eMYiiXQw.roa
File: Xu15I1HJItXPAn6ZQH8eMYiiXQw.roa (raw, json)
Hash identifier: Qt6rrG/pRLu54bwTpuUU8qszGQvEwYo4EKK8gfjZMjs=
Subject key identifier: 5E:ED:79:23:51:C9:22:D5:CF:02:7E:99:40:7F:1E:31:88:A2:5D:0C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191279A8A19BDBF5A50F8021C853E730276
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xu15I1HJItXPAn6ZQH8eMYiiXQw.roa
Signing time: Tue 06 Aug 2024 12:12:04 +0000
ROA not before: Tue 06 Aug 2024 12:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 87.120.33.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Aug 2024 08:56:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:9a:8a:19:bd:bf:5a:50:f8:02:1c:85:3e:73:02:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 6 12:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5eed792351c922d5cf027e99407f1e3188a25d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3f:85:72:65:cd:f5:b6:93:b8:d6:69:c0:4e:
9e:c8:39:6f:aa:d3:76:d3:c0:b6:c8:b6:5d:29:1f:
7b:fb:6a:22:60:32:6c:40:90:a3:24:a5:c5:bf:dd:
3e:42:3e:44:15:03:01:a9:ab:a6:2d:85:a2:d1:1f:
63:fe:67:e9:7f:38:c7:95:f5:92:d2:1c:c8:c0:93:
4a:02:c5:da:b3:e4:12:75:1d:f8:f7:f1:d7:5c:09:
9f:84:16:0f:d1:49:b7:f8:1a:f8:30:ce:fc:b8:a2:
79:b0:b9:06:30:6c:b3:a1:91:d3:cc:c0:02:b2:33:
f1:ac:57:ed:20:b2:b4:4d:32:f8:94:23:8e:11:14:
b8:8c:51:4a:1d:30:c3:a0:26:01:dc:e7:41:e6:4c:
0f:47:f6:ee:ba:4a:f1:24:08:4d:2b:39:f4:c8:b1:
f0:68:16:12:9d:15:73:bc:35:a4:df:1d:80:49:fe:
6e:29:6e:60:5e:36:e5:d9:be:34:e5:d8:23:5b:84:
9d:bf:6b:5b:6a:9f:77:6e:e2:41:d5:3e:18:e1:4a:
be:37:60:d1:40:bc:23:db:53:c4:9c:42:35:d0:c2:
75:a5:02:ed:d8:1c:66:42:1d:0b:27:1d:c8:51:94:
12:ac:d6:f5:98:bd:2d:df:bd:05:25:0b:88:e0:4f:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:ED:79:23:51:C9:22:D5:CF:02:7E:99:40:7F:1E:31:88:A2:5D:0C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xu15I1HJItXPAn6ZQH8eMYiiXQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.33.0/24
87.121.38.0/24
87.121.45.0/24
91.92.16.0/24
94.103.127.0/24
94.156.2.0/24
94.156.113.0/24
193.58.120.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:96:82:06:37:26:09:51:79:82:c0:4e:ae:ef:a8:a8:16:12:
6d:67:6e:9d:db:1a:b2:a6:a1:ba:e5:a8:1c:9d:12:36:25:63:
6e:f8:15:59:65:55:fd:82:d7:84:f8:16:53:57:72:dd:32:b3:
6d:df:11:b3:e6:99:e8:93:7a:3b:ac:f8:bf:71:92:38:70:33:
af:b5:88:a5:ae:18:96:c3:a1:b7:d8:92:a0:61:cb:b6:b4:6a:
57:7f:bf:cf:ab:5b:94:fe:f2:df:ce:dd:f0:61:3e:ca:77:45:
82:2d:6f:f7:e2:78:5e:ea:c8:34:51:59:fa:47:eb:ee:1f:2b:
9f:2c:e1:dd:b7:58:b2:89:98:7f:79:83:01:c2:a1:e6:1f:6b:
10:2d:02:8b:e7:0e:c4:cb:64:56:bf:0c:04:e4:6b:d2:03:67:
4d:2b:da:c8:22:cb:3b:60:85:f8:df:2f:1e:2d:7b:e7:12:a6:
c5:de:6c:15:46:e2:0b:c2:c4:59:df:23:cc:d4:c3:54:69:68:
b8:16:02:dc:5e:68:c4:e8:57:5a:3f:b9:31:75:40:ae:5e:6b:
16:4d:e1:d8:89:c5:4d:5d:4d:d9:ab:33:e8:85:ba:6b:a7:7a:
cf:88:31:25:4f:dd:d6:ef:28:f2:d6:dd:c5:a9:07:cd:95:27:
61:82:fc:23
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZEnmooZvb9aUPgCHIU+cwJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA2MTIxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWVkNzkyMzUxYzkyMmQ1Y2YwMjdlOTk0MDdmMWUzMTg4YTI1ZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT+FcmXN9baTuNZpwE6eyDlvqtN2
08C2yLZdKR97+2oiYDJsQJCjJKXFv90+Qj5EFQMBqaumLYWi0R9j/mfpfzjHlfWS
0hzIwJNKAsXas+QSdR349/HXXAmfhBYP0Um3+Br4MM78uKJ5sLkGMGyzoZHTzMAC
sjPxrFftILK0TTL4lCOOERS4jFFKHTDDoCYB3OdB5kwPR/buukrxJAhNKzn0yLHw
aBYSnRVzvDWk3x2ASf5uKW5gXjbl2b405dgjW4Sdv2tbap93buJB1T4Y4Uq+N2DR
QLwj21PEnEI10MJ1pQLt2BxmQh0LJx3IUZQSrNb1mL0t370FJQuI4E8gOQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF7teSNRySLVzwJ+mUB/HjGIol0MMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWHUxNUkxSEpJdFhQQW42WlFIOGVNWWlpWFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAV3ghAwQA
V3kmAwQAV3ktAwQAW1wQAwQAXmd/AwQAXpwCAwQAXpxxAwQAwTp4AwQAwh/MMA0G
CSqGSIb3DQEBCwUAA4IBAQA6loIGNyYJUXmCwE6u76ioFhJtZ26d2xqypqG65agc
nRI2JWNu+BVZZVX9gteE+BZTV3LdMrNt3xGz5pnok3o7rPi/cZI4cDOvtYilrhiW
w6G32JKgYcu2tGpXf7/Pq1uU/vLfzt3wYT7Kd0WCLW/34nhe6sg0UVn6R+vuHyuf
LOHdt1iyiZh/eYMBwqHmH2sQLQKL5w7Ey2RWvwwE5GvSA2dNK9rIIss7YIX43y8e
LXvnEqbF3mwVRuILwsRZ3yPM1MNUaWi4FgLcXmjE6FdaP7kxdUCuXmsWTeHYicVN
XU3ZqzPohbprp3rPiDElT93W7yjy1t3FqQfNlSdhgvwj
-----END CERTIFICATE-----
Generated at Fri Aug 9 12:13:07 2024 by rpki-client on console-fra.rpki-client.org