Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z5-b2MVQr7u-UDM496wFsrzGhEk.roa
File: Z5-b2MVQr7u-UDM496wFsrzGhEk.roa (raw, json)
Hash identifier: oQlj7RrApTeCsvqsAkBZQkjMhjEOFHZH6QphiX7s2SQ=
Subject key identifier: 67:9F:9B:D8:C5:50:AF:BB:BE:50:33:38:F7:AC:05:B2:BC:C6:84:49
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190777D9B424C8FBA2A649B784DD0F015F4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z5-b2MVQr7u-UDM496wFsrzGhEk.roa
Signing time: Wed 03 Jul 2024 07:27:18 +0000
ROA not before: Wed 03 Jul 2024 07:27:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jul 2024 06:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:77:7d:9b:42:4c:8f:ba:2a:64:9b:78:4d:d0:f0:15:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 3 07:27:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679f9bd8c550afbbbe503338f7ac05b2bcc68449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9d:4a:01:8c:ec:5c:ae:e5:17:4d:c2:b2:b3:
36:e0:7b:9f:64:0a:9f:79:0d:f3:61:9b:fc:85:e4:
1c:e9:42:bb:28:a3:85:45:cc:8e:15:93:d9:c0:4d:
2d:09:66:29:a9:74:b1:79:01:6a:1e:fc:28:bf:23:
73:5f:d8:e0:46:7f:80:3f:a6:d5:fe:58:68:26:95:
c4:fc:3d:9b:23:72:a2:59:f6:3c:a1:b8:ac:08:d6:
81:0a:35:69:4f:72:20:5b:ce:3f:55:c5:f8:8f:f6:
1c:5e:df:70:22:2f:b3:b5:29:d0:c6:ef:db:2c:66:
c7:c5:43:ac:b8:e4:ef:f7:5c:0d:a7:c1:ab:7d:49:
b1:fd:ef:3a:87:0d:54:5e:45:1e:ce:e2:80:2d:66:
09:03:b6:08:1d:80:c4:b0:a1:90:b4:39:17:df:ab:
48:97:cc:f8:73:07:37:67:f7:da:a6:7d:64:bd:b5:
17:c7:ff:f8:5a:95:66:ac:5c:d6:d7:66:db:e0:c1:
6e:fa:a0:23:a0:66:ef:72:3b:e2:5e:51:63:eb:9d:
cf:8f:21:37:3c:b0:5d:d4:a5:27:7b:29:e2:c4:00:
cf:8e:e8:7b:6f:fc:51:06:bd:a8:6f:49:58:20:cf:
8a:24:e8:6a:a7:6c:ba:f0:33:d7:36:9c:d0:80:62:
2a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9F:9B:D8:C5:50:AF:BB:BE:50:33:38:F7:AC:05:B2:BC:C6:84:49
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z5-b2MVQr7u-UDM496wFsrzGhEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
93.123.119.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:7e:f9:5e:61:bc:5c:5d:cf:7a:77:39:44:f9:21:7d:2b:55:
2f:69:01:c1:7c:64:5c:b8:c7:0e:9a:9e:4c:18:08:fb:ec:7c:
90:ff:7d:f4:38:68:8f:25:1c:77:12:c0:9e:c7:aa:95:5a:9b:
c5:06:39:6e:a0:a9:2e:eb:ca:ce:40:b1:eb:dc:9b:90:8a:4d:
98:be:67:13:5e:3c:7e:02:0f:6e:6d:36:76:70:51:e5:57:72:
b3:0a:ac:d8:d7:30:bb:48:f1:66:09:2d:30:11:4f:55:c0:25:
b3:1b:3e:3b:48:c6:63:73:21:55:04:ac:43:51:29:f3:b9:89:
e3:17:a6:bd:92:b5:84:34:11:4d:eb:94:d6:65:52:47:f8:38:
c2:fd:ce:fd:f2:3c:10:42:bb:11:51:3f:b8:76:7b:ee:54:90:
1f:a1:ae:c4:90:a0:70:e4:e2:31:cc:a0:41:11:7e:15:46:d2:
fb:8f:cd:be:61:43:44:34:a8:32:5a:23:4e:09:4d:1d:bd:02:
72:65:bf:6c:83:0a:1e:f4:68:5a:c5:87:f7:e2:53:b5:1d:71:
92:f2:41:fa:1b:f6:e1:54:6c:ce:2b:45:7f:09:67:2b:f2:de:
28:b5:b3:0b:68:3c:67:32:05:22:a0:46:59:d4:d6:17:e7:c4:
e5:bb:24:c7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZB3fZtCTI+6KmSbeE3Q8BX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzAzMDcyNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzlmOWJkOGM1NTBhZmJiYmU1MDMzMzhmN2FjMDViMmJjYzY4NDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp1KAYzsXK7lF03CsrM24HufZAqf
eQ3zYZv8heQc6UK7KKOFRcyOFZPZwE0tCWYpqXSxeQFqHvwovyNzX9jgRn+AP6bV
/lhoJpXE/D2bI3KiWfY8obisCNaBCjVpT3IgW84/VcX4j/YcXt9wIi+ztSnQxu/b
LGbHxUOsuOTv91wNp8GrfUmx/e86hw1UXkUezuKALWYJA7YIHYDEsKGQtDkX36tI
l8z4cwc3Z/fapn1kvbUXx//4WpVmrFzW12bb4MFu+qAjoGbvcjviXlFj653PjyE3
PLBd1KUneynixADPjuh7b/xRBr2ob0lYIM+KJOhqp2y68DPXNpzQgGIqLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGefm9jFUK+7vlAzOPesBbK8xoRJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWjUtYjJNVlFyN3UtVURNNDk2d0ZzcnpHaEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQAXXt3AwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCcfvleYbxcXc96dzlE
+SF9K1UvaQHBfGRcuMcOmp5MGAj77HyQ/330OGiPJRx3EsCex6qVWpvFBjluoKku
68rOQLHr3JuQik2YvmcTXjx+Ag9ubTZ2cFHlV3KzCqzY1zC7SPFmCS0wEU9VwCWz
Gz47SMZjcyFVBKxDUSnzuYnjF6a9krWENBFN65TWZVJH+DjC/c798jwQQrsRUT+4
dnvuVJAfoa7EkKBw5OIxzKBBEX4VRtL7j82+YUNENKgyWiNOCU0dvQJyZb9sgwoe
9GhaxYf34lO1HXGS8kH6G/bhVGzOK0V/CWcr8t4otbMLaDxnMgUioEZZ1NYX58Tl
uyTH
-----END CERTIFICATE-----
Generated at Sat Jul 6 07:02:52 2024 by rpki-client on console-fra.rpki-client.org