Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YvOh3Pzrw7nd6cP49hIiaAVwuKQ.roa
File: YvOh3Pzrw7nd6cP49hIiaAVwuKQ.roa (raw, json)
Hash identifier: /16G8FYlVH4D0XSny4/xhwueBWVMWlJFPvV2cqzDxEQ=
Subject key identifier: 62:F3:A1:DC:FC:EB:C3:B9:DD:E9:C3:F8:F6:12:22:68:05:70:B8:A4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019266F424F7AD037DC22B2C96991E874BC1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YvOh3Pzrw7nd6cP49hIiaAVwuKQ.roa
Signing time: Mon 07 Oct 2024 12:28:49 +0000
ROA not before: Mon 07 Oct 2024 12:28:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214943
IP address blocks: 87.120.84.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 09:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:f4:24:f7:ad:03:7d:c2:2b:2c:96:99:1e:87:4b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 7 12:28:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62f3a1dcfcebc3b9dde9c3f8f61222680570b8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d5:05:63:22:28:b3:8f:cf:59:3b:22:59:9d:
87:c3:f2:20:a7:9d:62:6a:18:27:bb:ea:d1:b1:57:
fc:50:00:2b:18:88:0c:3a:85:f8:07:05:4e:ee:7d:
73:cf:1e:a8:e5:73:32:79:c9:b7:17:ea:c0:fb:31:
24:04:60:f4:86:a0:c6:8c:86:d6:d3:9f:4b:9d:48:
cb:00:24:5a:dd:36:b1:e3:5f:9e:e7:c9:3d:cc:64:
53:fd:8d:1a:3c:07:92:9d:3e:4d:3e:a2:5e:0b:48:
30:04:f2:1e:87:e0:a3:cc:49:a6:d2:d9:db:36:af:
ad:fa:23:ed:1a:06:69:d4:45:ff:07:03:60:d3:b8:
fb:d8:88:9f:6f:cd:95:a3:48:3d:c9:a4:7b:df:2a:
12:5c:61:da:72:b2:c5:d0:b1:54:a0:57:ce:81:37:
51:f6:c1:db:50:63:f7:7b:0c:b8:79:37:92:6e:26:
87:ce:e1:62:00:75:1c:be:74:1a:45:0e:52:58:12:
24:e9:c2:54:75:e0:ff:1c:a4:37:98:7e:3c:11:22:
74:5e:4e:dc:68:f1:e5:4a:1f:89:af:ae:7d:d5:b0:
4e:20:1b:b9:42:ba:df:db:79:1b:3b:d5:56:a2:a5:
0f:3e:ec:8c:df:ff:ab:13:9d:f3:04:ee:4b:bd:2d:
3d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:A1:DC:FC:EB:C3:B9:DD:E9:C3:F8:F6:12:22:68:05:70:B8:A4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YvOh3Pzrw7nd6cP49hIiaAVwuKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.84.0/24
94.156.177.0/24
178.215.236.0/24
185.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ce:2e:98:da:da:a8:02:24:5f:a6:a4:5c:d2:3a:b7:9f:50:
d5:ae:42:f0:f5:59:de:61:e8:bc:cf:ec:99:d2:6c:fe:68:de:
dd:31:f9:f2:28:be:8c:e4:55:2c:45:1e:c6:2a:0f:71:14:d9:
14:23:e4:d3:b8:04:07:e7:14:dd:b4:17:25:5b:33:e8:58:53:
fe:71:93:5f:94:85:ad:ef:8c:cd:54:d8:7d:e6:e4:30:e8:0f:
20:a2:e6:24:91:a8:ef:e7:0b:9f:83:49:40:96:e7:e1:a2:c9:
4d:ad:85:eb:63:56:7e:88:1b:38:73:87:0b:da:25:be:21:eb:
70:ca:73:78:09:2e:00:3a:6c:4e:e5:ae:8f:3f:df:ed:23:a5:
cb:78:9a:38:45:0d:49:f9:a2:42:37:24:5d:36:84:53:bf:2e:
4d:d5:a0:58:82:9c:8e:e4:9a:f3:dc:76:02:61:fa:8e:52:7e:
47:d6:99:e4:5f:cb:5b:ac:97:e2:d9:0c:a0:0a:75:88:ce:2b:
41:9c:cf:bc:92:b9:7a:61:8e:c0:48:2b:68:b8:76:45:76:d5:
54:d2:f0:43:8b:66:c7:da:12:02:21:83:2b:94:21:3d:42:2c:
73:30:2a:d0:00:85:82:e3:0d:90:42:2e:30:17:1e:a2:db:e5:
c1:f1:b3:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJm9CT3rQN9wisslpkeh0vBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA3MTIyODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzYTFkY2ZjZWJjM2I5ZGRlOWMzZjhmNjEyMjI2ODA1NzBiOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtUFYyIos4/PWTsiWZ2Hw/Igp51i
ahgnu+rRsVf8UAArGIgMOoX4BwVO7n1zzx6o5XMyecm3F+rA+zEkBGD0hqDGjIbW
059LnUjLACRa3Tax41+e58k9zGRT/Y0aPAeSnT5NPqJeC0gwBPIeh+CjzEmm0tnb
Nq+t+iPtGgZp1EX/BwNg07j72Iifb82Vo0g9yaR73yoSXGHacrLF0LFUoFfOgTdR
9sHbUGP3ewy4eTeSbiaHzuFiAHUcvnQaRQ5SWBIk6cJUdeD/HKQ3mH48ESJ0Xk7c
aPHlSh+Jr6591bBOIBu5Qrrf23kbO9VWoqUPPuyM3/+rE53zBO5LvS09BQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGLzodz868O53enD+PYSImgFcLikMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWXZPaDNQenJ3N25kNmNQNDloSWlhQVZ3dUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV3hUAwQA
XpyxAwQAstfsAwQAudhHMA0GCSqGSIb3DQEBCwUAA4IBAQBIzi6Y2tqoAiRfpqRc
0jq3n1DVrkLw9VneYei8z+yZ0mz+aN7dMfnyKL6M5FUsRR7GKg9xFNkUI+TTuAQH
5xTdtBclWzPoWFP+cZNflIWt74zNVNh95uQw6A8gouYkkajv5wufg0lAlufhoslN
rYXrY1Z+iBs4c4cL2iW+IetwynN4CS4AOmxO5a6PP9/tI6XLeJo4RQ1J+aJCNyRd
NoRTvy5N1aBYgpyO5Jrz3HYCYfqOUn5H1pnkX8tbrJfi2QygCnWIzitBnM+8krl6
YY7ASCtouHZFdtVU0vBDi2bH2hICIYMrlCE9QixzMCrQAIWC4w2QQi4wFx6i2+XB
8bPP
-----END CERTIFICATE-----
Generated at Tue Oct 29 11:58:33 2024 by rpki-client on console-ams.rpki-client.org