Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dPTstmfw08-3ZJMH1KckKwv9nCQ.roa
File: dPTstmfw08-3ZJMH1KckKwv9nCQ.roa (raw, json)
Hash identifier: rbCoiDbDAkKkizLEJafU4F26wK7ekmG9A3wft4awStM=
Subject key identifier: 74:F4:EC:B6:67:F0:D3:CF:B7:64:93:07:D4:A7:24:2B:0B:FD:9C:24
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCDC7FC5A530A6495DD86A36C37321
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dPTstmfw08-3ZJMH1KckKwv9nCQ.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34569
IP address blocks: 87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Oct 2024 12:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:dc:7f:c5:a5:30:a6:49:5d:d8:6a:36:c3:73:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74f4ecb667f0d3cfb7649307d4a7242b0bfd9c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:3b:fb:f2:e8:4f:24:e4:ac:99:50:55:18:
72:f0:1a:98:cf:5e:62:0f:64:c7:55:d9:40:3c:e0:
8e:40:29:f7:a6:d4:4e:53:67:e5:25:2e:dc:67:dd:
7b:37:4b:c0:3a:db:68:94:94:15:95:d2:e4:43:43:
e2:ea:04:68:aa:03:fa:8d:3c:c6:a5:94:40:1d:9f:
3e:71:da:59:e2:ab:c2:5b:2e:a6:1c:b3:cd:13:1e:
06:b9:20:39:24:10:c9:d5:58:03:30:f0:ad:0b:cd:
94:18:99:55:8e:80:07:3c:ac:ff:15:01:e2:88:de:
0d:7c:9c:42:b3:35:12:44:fd:fb:76:3a:4f:a8:d1:
a5:72:79:3d:10:41:55:cf:1e:27:c0:c2:23:86:2c:
25:d2:b5:19:33:ed:ed:18:bf:b1:d4:17:31:a4:f4:
8b:b0:4a:43:ed:46:6b:8d:01:e0:02:a8:ed:cd:22:
51:bf:34:7a:34:02:33:86:50:dd:9b:71:24:35:a1:
c6:04:c4:a1:34:42:d4:e0:80:92:6a:2c:c0:d0:e2:
ae:52:11:0a:76:bb:34:cc:ba:56:be:d1:79:7b:59:
2a:47:e7:59:6c:d4:81:66:cc:f8:43:ab:40:24:52:
f4:af:9b:1e:4e:38:8e:a4:ae:44:f1:97:ad:d1:5a:
a1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F4:EC:B6:67:F0:D3:CF:B7:64:93:07:D4:A7:24:2B:0B:FD:9C:24
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dPTstmfw08-3ZJMH1KckKwv9nCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.18.0/24
87.121.20.0-87.121.22.255
Signature Algorithm: sha256WithRSAEncryption
48:5c:54:bd:e1:46:86:e2:13:68:64:0a:2d:73:6f:2c:fc:66:
d2:28:6f:80:37:bf:d5:92:24:e2:2d:4b:d7:fe:b3:1d:99:0f:
08:fa:3d:3c:80:f3:21:54:41:d0:04:84:16:20:dd:c9:6c:a3:
8e:69:35:56:86:79:e7:07:c3:79:b3:75:17:6c:b1:db:28:91:
f3:72:56:6f:cd:22:74:54:ba:87:d9:c2:a6:1e:b0:4a:09:d6:
e3:4a:61:f8:6d:14:30:e0:d1:a3:49:4a:4f:40:5a:8c:ce:cb:
1a:ca:23:4c:38:ef:68:0e:2c:be:76:65:ca:5e:8a:9a:ba:00:
84:b1:42:a0:8d:33:e0:20:da:1f:ba:8d:77:c1:e8:c7:d9:2e:
8a:80:85:51:18:45:08:b0:f8:15:c0:0d:db:63:67:be:06:05:
a7:4c:5c:08:6d:ac:ac:4a:b2:c2:72:ef:50:6a:50:d3:fd:d5:
52:79:91:6e:54:44:7e:82:31:9a:dd:cc:c9:37:e9:09:c5:aa:
00:fc:28:3e:46:d6:d0:ec:24:96:8f:00:ab:d5:ec:c7:9e:26:
24:b2:24:77:cf:55:d0:dc:38:fb:be:02:25:d2:55:e8:6d:4e:
a3:cf:7b:a8:38:20:1e:a7:a0:ca:5a:1a:21:3a:d0:ea:95:2a:
15:b1:5b:d5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3Nx/xaUwpkld2Go2w3MhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGY0ZWNiNjY3ZjBkM2NmYjc2NDkzMDdkNGE3MjQyYjBiZmQ5YzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc07+/LoTyTkrJlQVRhy8BqYz15i
D2THVdlAPOCOQCn3ptROU2flJS7cZ917N0vAOttolJQVldLkQ0Pi6gRoqgP6jTzG
pZRAHZ8+cdpZ4qvCWy6mHLPNEx4GuSA5JBDJ1VgDMPCtC82UGJlVjoAHPKz/FQHi
iN4NfJxCszUSRP37djpPqNGlcnk9EEFVzx4nwMIjhiwl0rUZM+3tGL+x1BcxpPSL
sEpD7UZrjQHgAqjtzSJRvzR6NAIzhlDdm3EkNaHGBMShNELU4ICSaizA0OKuUhEK
drs0zLpWvtF5e1kqR+dZbNSBZsz4Q6tAJFL0r5seTjiOpK5E8Zet0VqhJQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHT07LZn8NPPt2STB9SnJCsL/ZwkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZFBUc3RtZncwOC0zWkpNSDFLY2tLd3Y5bkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAV3kSMAwD
BAJXeRQDBABXeRYwDQYJKoZIhvcNAQELBQADggEBAEhcVL3hRobiE2hkCi1zbyz8
ZtIob4A3v9WSJOItS9f+sx2ZDwj6PTyA8yFUQdAEhBYg3clso45pNVaGeecHw3mz
dRdssdsokfNyVm/NInRUuofZwqYesEoJ1uNKYfhtFDDg0aNJSk9AWozOyxrKI0w4
72gOLL52Zcpeipq6AISxQqCNM+Ag2h+6jXfB6MfZLoqAhVEYRQiw+BXADdtjZ74G
BadMXAhtrKxKssJy71BqUNP91VJ5kW5URH6CMZrdzMk36QnFqgD8KD5G1tDsJJaP
AKvV7MeeJiSyJHfPVdDcOPu+AiXSVehtTqPPe6g4IB6noMpaGiE60OqVKhWxW9U=
-----END CERTIFICATE-----
Generated at Fri Oct 25 15:00:20 2024 by rpki-client on console-ams.rpki-client.org