Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZjAqRbqE6TM6Uq3g0fRRp4j7htw.roa
File: ZjAqRbqE6TM6Uq3g0fRRp4j7htw.roa (raw, json)
Hash identifier: aBUSTERx+rSrsGOdiN9tMFWcY89KJVzq9Ydk58cJ8vs=
Subject key identifier: 66:30:2A:45:BA:84:E9:33:3A:52:AD:E0:D1:F4:51:A7:88:FB:86:DC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD6B70981EC46049DA5F3B6804539
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZjAqRbqE6TM6Uq3g0fRRp4j7htw.roa
Signing time: Tue 02 Jan 2024 06:29:25 +0000
ROA not before: Tue 02 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25374
IP address blocks: 87.120.244.0/23 maxlen: 23
87.120.244.0/24 maxlen: 24
87.120.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d6:b7:09:81:ec:46:04:9d:a5:f3:b6:80:45:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66302a45ba84e9333a52ade0d1f451a788fb86dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c2:13:3a:e4:8a:4c:04:42:0b:ab:d0:0a:24:
9a:e8:70:46:d5:3b:a3:32:cd:70:65:49:2f:a8:07:
09:a7:b1:65:f5:08:87:66:93:3d:42:58:2d:9a:eb:
d2:7d:56:70:2c:2d:a0:76:2d:fa:c9:e7:fe:12:86:
ae:90:21:b0:22:e1:3c:58:2e:12:4e:0b:8e:61:b5:
ee:36:97:3e:1b:9f:52:b3:d1:cf:26:4b:bc:ab:b8:
80:c6:77:ce:a9:7c:8d:d4:a7:8a:a4:13:1e:54:8b:
67:95:7b:9a:8e:42:c8:07:03:df:99:0a:d1:12:df:
d2:3d:86:5c:8c:38:15:1f:bf:8a:0b:09:f0:32:16:
69:23:c3:56:06:cb:23:fa:57:dd:77:c8:40:ee:e1:
f4:2e:b3:4e:1c:63:d7:fb:00:b5:f3:94:97:0c:ac:
c6:9e:c8:7f:f3:3a:ca:65:6b:e9:28:09:e7:10:86:
da:f3:23:bd:55:ec:0e:1f:d2:7c:31:7d:6a:04:c0:
85:11:b0:bc:ef:5d:cd:6a:2d:d2:72:99:dd:3a:8a:
2a:b6:4a:23:fe:be:60:ae:e5:c7:54:18:37:1f:ab:
57:af:6f:1e:fd:bd:b0:f7:89:b5:11:e4:11:53:8c:
7b:01:e6:08:2c:8e:96:f5:f7:95:c7:88:0b:25:47:
50:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:30:2A:45:BA:84:E9:33:3A:52:AD:E0:D1:F4:51:A7:88:FB:86:DC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZjAqRbqE6TM6Uq3g0fRRp4j7htw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.244.0/23
Signature Algorithm: sha256WithRSAEncryption
83:1d:0e:24:02:6a:2c:3b:e8:4e:b9:97:a5:c8:10:76:a4:31:
c5:71:23:39:87:4c:d2:b0:0a:d4:81:be:dc:73:de:51:71:4c:
13:21:ca:09:f0:8f:ab:03:16:b9:c1:0c:f0:7c:11:99:d1:1f:
b4:c4:c0:74:99:48:fc:12:3b:e0:43:43:db:c0:a8:42:7f:5b:
64:95:98:f6:27:6e:42:cc:88:e6:d8:7f:bb:b7:97:55:74:db:
8d:df:ec:73:df:10:c6:68:58:8d:d3:c6:e4:73:7e:be:35:1e:
dd:26:cf:4f:5d:b8:8f:35:28:a5:12:05:8a:7f:6e:15:8e:66:
0f:b7:e9:c9:a8:bd:03:3d:62:60:36:ea:5c:e3:dd:1a:d1:6e:
99:ac:77:bc:f1:81:52:2f:7e:71:e9:0f:77:fc:9d:13:5b:bb:
89:75:5d:2c:ae:3d:cd:66:fc:98:7b:28:38:a0:bc:7d:68:43:
38:69:ae:8d:3c:5e:ff:3b:91:d5:bb:b5:d0:c8:c0:65:54:d4:
c8:c4:2b:78:f3:bc:96:44:49:be:2b:0d:91:ae:60:7d:7f:63:
1b:6f:f7:83:42:2d:d8:21:6e:24:0d:40:2d:e8:07:b2:3c:2e:
72:43:b2:22:9c:1e:44:51:19:ab:4e:c3:3d:56:62:46:cd:37:
a0:e8:33:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Na3CYHsRgSdpfO2gEU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMwMmE0NWJhODRlOTMzM2E1MmFkZTBkMWY0NTFhNzg4ZmI4NmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsITOuSKTARCC6vQCiSa6HBG1Tuj
Ms1wZUkvqAcJp7Fl9QiHZpM9QlgtmuvSfVZwLC2gdi36yef+EoaukCGwIuE8WC4S
TguOYbXuNpc+G59Ss9HPJku8q7iAxnfOqXyN1KeKpBMeVItnlXuajkLIBwPfmQrR
Et/SPYZcjDgVH7+KCwnwMhZpI8NWBssj+lfdd8hA7uH0LrNOHGPX+wC185SXDKzG
nsh/8zrKZWvpKAnnEIba8yO9VewOH9J8MX1qBMCFEbC8713Nai3ScpndOooqtkoj
/r5gruXHVBg3H6tXr28e/b2w94m1EeQRU4x7AeYILI6W9feVx4gLJUdQ9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYwKkW6hOkzOlKt4NH0UaeI+4bcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWmpBcVJicUU2VE02VXEzZzBmUlJwNGo3aHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV3j0MA0G
CSqGSIb3DQEBCwUAA4IBAQCDHQ4kAmosO+hOuZelyBB2pDHFcSM5h0zSsArUgb7c
c95RcUwTIcoJ8I+rAxa5wQzwfBGZ0R+0xMB0mUj8EjvgQ0PbwKhCf1tklZj2J25C
zIjm2H+7t5dVdNuN3+xz3xDGaFiN08bkc36+NR7dJs9PXbiPNSilEgWKf24VjmYP
t+nJqL0DPWJgNupc490a0W6ZrHe88YFSL35x6Q93/J0TW7uJdV0srj3NZvyYeyg4
oLx9aEM4aa6NPF7/O5HVu7XQyMBlVNTIxCt487yWREm+Kw2RrmB9f2Mbb/eDQi3Y
IW4kDUAt6AeyPC5yQ7IinB5EURmrTsM9VmJGzTeg6DPq
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:43 2025 by rpki-client