Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZBFsjAzzZ9nGTk9-6uPRepTiD5s.roa
File: ZBFsjAzzZ9nGTk9-6uPRepTiD5s.roa (raw, json)
Hash identifier: BZH3CcmGTIeEQ4BQHk5coG446Nnn7iYqkFyMjvzISOE=
Subject key identifier: 64:11:6C:8C:0C:F3:67:D9:C6:4E:4F:7E:EA:E3:D1:7A:94:E2:0F:9B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019125A87EA6E3BF39D2FC5DE5710336A40B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZBFsjAzzZ9nGTk9-6uPRepTiD5s.roa
Signing time: Tue 06 Aug 2024 03:08:05 +0000
ROA not before: Tue 06 Aug 2024 03:08:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 00:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:25:a8:7e:a6:e3:bf:39:d2:fc:5d:e5:71:03:36:a4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 6 03:08:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64116c8c0cf367d9c64e4f7eeae3d17a94e20f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0f:9c:1d:41:2e:f4:b1:1b:a9:59:8b:ab:8a:
ea:30:5f:0e:d5:3e:66:c5:ea:bc:9b:7d:ed:18:bc:
67:41:fa:34:03:98:f7:7a:38:d8:89:ae:2c:d4:e2:
df:9b:cb:c2:33:78:b1:d0:7c:ff:df:f2:2c:ff:a7:
48:58:ea:80:d6:03:d4:51:23:8c:dc:0d:b8:cc:ad:
15:41:0c:75:ee:c2:f8:e0:b6:c6:82:54:69:15:3e:
e3:27:d6:0c:8d:0d:e0:84:df:a0:e8:8e:c4:79:a7:
cf:34:5d:05:af:75:c3:cd:98:67:60:ee:b8:db:af:
9a:9a:89:b1:5b:5c:3f:bf:ab:e7:c6:79:a6:b4:ee:
d4:ca:4f:b4:52:d5:91:30:14:1c:f8:4c:cb:5d:91:
2a:a1:de:61:5a:62:c5:67:40:d3:f9:c8:54:2c:c1:
09:ac:3a:76:5e:b9:09:b7:6c:29:1e:8e:b5:ef:6a:
24:27:5f:e4:a1:65:ec:9d:e2:0f:88:07:bc:b1:93:
c2:9a:a8:c0:6c:a4:19:e9:d8:94:70:7a:a2:e3:a4:
02:26:59:c4:3b:e5:51:1f:f6:f9:dc:1b:b1:ae:36:
e5:fc:6d:27:28:81:35:d1:ca:b2:cb:0a:6d:c3:a3:
81:61:5f:ce:22:09:c6:36:ce:a5:f0:da:f7:e7:cb:
24:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:11:6C:8C:0C:F3:67:D9:C6:4E:4F:7E:EA:E3:D1:7A:94:E2:0F:9B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZBFsjAzzZ9nGTk9-6uPRepTiD5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
212.87.204.0/24
Signature Algorithm: sha256WithRSAEncryption
74:57:18:7a:c2:88:7e:05:5c:f8:ce:45:3d:87:86:9c:7e:41:
9e:0c:dc:97:91:11:1a:3f:9d:69:8c:8c:67:89:68:48:ba:4f:
a0:ad:fe:ed:af:d6:f7:ec:2d:1d:39:0c:71:f1:bc:80:2d:b2:
84:e1:38:56:7a:d2:0a:c5:9c:cc:bf:89:03:c9:c3:d0:5b:23:
63:94:1a:ce:d1:fb:09:6d:85:86:de:cc:c3:f3:12:05:7e:0d:
98:0f:c0:12:d0:77:05:5e:6e:35:e8:2a:3a:0a:52:f0:3a:de:
1f:94:64:03:8b:c3:d9:2d:01:85:ad:ca:4f:bc:8f:ff:49:51:
41:69:28:99:7a:d6:d4:ee:39:51:a3:96:19:76:78:d8:d1:ae:
d2:46:b8:98:7b:cb:57:ff:70:14:49:bb:d9:49:75:e2:59:80:
2d:7b:fa:a6:a0:69:ce:d2:87:ed:40:0e:1b:f4:b1:b8:7e:55:
97:43:d1:27:52:54:2f:97:c5:49:92:ec:45:98:90:be:3b:36:
d5:f1:21:3c:df:f2:f6:5b:b8:26:c3:e2:19:02:18:f0:1d:1d:
2b:d6:0a:a8:b0:2a:0c:54:cb:ab:eb:f3:df:53:41:d7:e2:7a:
24:dd:e0:33:e0:86:b9:6f:6f:37:50:38:83:65:e2:54:9c:34:
41:d3:2a:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZElqH6m47850vxd5XEDNqQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA2MDMwODA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDExNmM4YzBjZjM2N2Q5YzY0ZTRmN2VlYWUzZDE3YTk0ZTIwZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw+cHUEu9LEbqVmLq4rqMF8O1T5m
xeq8m33tGLxnQfo0A5j3ejjYia4s1OLfm8vCM3ix0Hz/3/Is/6dIWOqA1gPUUSOM
3A24zK0VQQx17sL44LbGglRpFT7jJ9YMjQ3ghN+g6I7EeafPNF0Fr3XDzZhnYO64
26+amomxW1w/v6vnxnmmtO7Uyk+0UtWRMBQc+EzLXZEqod5hWmLFZ0DT+chULMEJ
rDp2XrkJt2wpHo6172okJ1/koWXsneIPiAe8sZPCmqjAbKQZ6diUcHqi46QCJlnE
O+VRH/b53Buxrjbl/G0nKIE10cqyywptw6OBYV/OIgnGNs6l8Nr358sk3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGQRbIwM82fZxk5Pfurj0XqU4g+bMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWkJGc2pBenpaOW5HVGs5LTZ1UFJlcFRpRDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQBufygAwQA1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQB0Vxh6woh+BVz4zkU9
h4acfkGeDNyXkREaP51pjIxniWhIuk+grf7tr9b37C0dOQxx8byALbKE4ThWetIK
xZzMv4kDycPQWyNjlBrO0fsJbYWG3szD8xIFfg2YD8AS0HcFXm416Co6ClLwOt4f
lGQDi8PZLQGFrcpPvI//SVFBaSiZetbU7jlRo5YZdnjY0a7SRriYe8tX/3AUSbvZ
SXXiWYAte/qmoGnO0oftQA4b9LG4flWXQ9EnUlQvl8VJkuxFmJC+OzbV8SE83/L2
W7gmw+IZAhjwHR0r1gqosCoMVMur6/PfU0HX4nok3eAz4Ia5b283UDiDZeJUnDRB
0ypw
-----END CERTIFICATE-----
Generated at Mon Aug 12 03:06:33 2024 by rpki-client on console-ams.rpki-client.org