Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4qd7cSKXq-Se3DfUKvkBy6l4HU.roa
File: a4qd7cSKXq-Se3DfUKvkBy6l4HU.roa (raw, json)
Hash identifier: 5cYZEqFPmfdwbhZak9BdersFCBTltP+jSwe39uJTTJE=
Subject key identifier: 6B:8A:9D:ED:C4:8A:5E:AF:92:7B:70:DF:50:AB:E4:07:2E:A5:E0:75
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824D9D5E77A97FFA73DC84A6177AD40
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4qd7cSKXq-Se3DfUKvkBy6l4HU.roa
Signing time: Thu 02 Jan 2025 17:51:31 +0000
ROA not before: Thu 02 Jan 2025 17:51:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401109
IP address blocks: 87.120.120.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 15:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:d9:d5:e7:7a:97:ff:a7:3d:c8:4a:61:77:ad:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b8a9dedc48a5eaf927b70df50abe4072ea5e075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:72:b0:2c:2e:73:86:ec:e0:95:7f:55:6a:a4:
e5:83:34:ac:78:61:3f:25:0f:0d:62:86:ac:19:74:
9f:33:42:8a:84:94:ab:a9:3f:2d:87:c5:82:9e:7d:
69:77:82:cc:57:09:8d:dd:67:bb:1a:14:6b:da:ef:
17:93:4e:55:84:1f:a0:2d:f5:2c:fa:95:58:1d:53:
28:9f:41:92:91:05:6f:81:b0:2f:16:f3:34:81:12:
a1:83:4f:56:61:b9:81:39:20:ce:45:c8:7a:da:91:
42:06:55:c4:36:c1:fb:12:e9:a9:c4:c8:4e:de:8e:
49:68:bd:37:78:e7:be:a6:03:b8:15:69:9e:6f:c6:
e6:95:2d:bd:17:ee:9a:ea:2f:10:34:0d:56:e1:18:
ca:fe:d2:f5:a4:19:4b:fb:af:00:5d:a1:f8:04:00:
bd:86:78:6f:11:7a:7e:74:29:72:b5:3b:1f:39:85:
15:59:98:ba:aa:a9:29:e4:22:26:99:44:d3:e9:36:
9f:90:53:c2:85:e6:e5:4d:5d:bb:12:34:e8:6d:04:
37:e2:6e:d9:52:03:6c:5f:87:79:67:72:72:f2:db:
4d:d0:b5:c7:b0:c6:ea:57:c6:26:42:de:08:42:82:
ab:67:17:95:26:72:30:9e:43:d5:1e:a3:d7:9b:ca:
33:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8A:9D:ED:C4:8A:5E:AF:92:7B:70:DF:50:AB:E4:07:2E:A5:E0:75
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a4qd7cSKXq-Se3DfUKvkBy6l4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.120.0/23
Signature Algorithm: sha256WithRSAEncryption
04:91:17:28:3f:4e:8d:56:0a:dd:77:b2:a9:06:9e:1a:ee:5f:
a9:54:49:87:ad:80:29:a7:13:44:e2:40:c0:03:1d:6e:b5:bc:
ae:e1:13:f7:54:98:e4:5d:6b:10:66:f4:68:58:1c:9b:a6:4a:
a8:f4:b2:1f:c0:98:5a:94:2e:77:cc:8a:9e:88:f5:c4:f7:03:
1d:69:7a:d0:d5:83:47:2f:43:e0:f7:45:02:e7:71:ed:de:51:
aa:30:4d:0c:ac:89:7d:7c:a0:65:10:89:33:6c:63:b5:60:de:
53:f4:2d:3f:84:6f:07:69:f5:c9:83:88:ba:db:c6:9b:1d:c4:
39:c4:7e:19:8e:e0:a1:52:d2:6f:77:8a:87:38:eb:3f:13:1c:
05:eb:cd:8a:c0:20:a9:71:06:0e:ff:ba:43:d9:ba:ac:1f:76:
ff:ab:91:b1:ba:2a:88:25:cc:03:9a:cc:77:ed:ab:cf:fe:04:
4c:85:84:02:02:6e:21:8d:29:c5:31:50:03:1d:c0:f3:7b:94:
8d:42:e5:34:3c:1c:cb:52:ce:7e:4e:84:0d:d5:7c:95:c8:50:
7a:0b:75:33:d8:fb:b0:83:3a:e7:30:f6:f1:70:c3:10:fe:22:
d4:17:19:b9:d1:b9:38:af:30:21:7c:da:06:06:ae:24:7c:1b:
a6:2a:f5:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJNnV53qX/6c9yEphd61AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhhOWRlZGM0OGE1ZWFmOTI3YjcwZGY1MGFiZTQwNzJlYTVlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnKwLC5zhuzglX9VaqTlgzSseGE/
JQ8NYoasGXSfM0KKhJSrqT8th8WCnn1pd4LMVwmN3We7GhRr2u8Xk05VhB+gLfUs
+pVYHVMon0GSkQVvgbAvFvM0gRKhg09WYbmBOSDORch62pFCBlXENsH7EumpxMhO
3o5JaL03eOe+pgO4FWmeb8bmlS29F+6a6i8QNA1W4RjK/tL1pBlL+68AXaH4BAC9
hnhvEXp+dClytTsfOYUVWZi6qqkp5CImmUTT6TafkFPCheblTV27EjTobQQ34m7Z
UgNsX4d5Z3Jy8ttN0LXHsMbqV8YmQt4IQoKrZxeVJnIwnkPVHqPXm8ozuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGuKne3Eil6vkntw31Cr5AcupeB1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTRxZDdjU0tYcS1TZTNEZlVLdmtCeTZsNEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV3h4MA0G
CSqGSIb3DQEBCwUAA4IBAQAEkRcoP06NVgrdd7KpBp4a7l+pVEmHrYAppxNE4kDA
Ax1utbyu4RP3VJjkXWsQZvRoWBybpkqo9LIfwJhalC53zIqeiPXE9wMdaXrQ1YNH
L0Pg90UC53Ht3lGqME0MrIl9fKBlEIkzbGO1YN5T9C0/hG8HafXJg4i628abHcQ5
xH4ZjuChUtJvd4qHOOs/ExwF682KwCCpcQYO/7pD2bqsH3b/q5GxuiqIJcwDmsx3
7avP/gRMhYQCAm4hjSnFMVADHcDze5SNQuU0PBzLUs5+ToQN1XyVyFB6C3Uz2Puw
gzrnMPbxcMMQ/iLUFxm50bk4rzAhfNoGBq4kfBumKvX/
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:40:51 2025 by rpki-client