Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dk7qmLh42f2Vt8GfxZ6WfhBn-qE.roa
File: dk7qmLh42f2Vt8GfxZ6WfhBn-qE.roa (raw, json)
Hash identifier: NtADCb9PbwLAX0N7LK4RN/iCGGPX94ww2hj4XI5tVQE=
Subject key identifier: 76:4E:EA:98:B8:78:D9:FD:95:B7:C1:9F:C5:9E:96:7E:10:67:FA:A1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81E123D58EEE50968700C22C5030C8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dk7qmLh42f2Vt8GfxZ6WfhBn-qE.roa
Signing time: Sun 01 Jan 2023 13:25:06 +0000
ROA not before: Sun 01 Jan 2023 13:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34569
IP address blocks: 87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:e1:23:d5:8e:ee:50:96:87:00:c2:2c:50:30:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=764eea98b878d9fd95b7c19fc59e967e1067faa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2b:3b:0a:b4:06:a7:1d:79:6a:f1:7d:55:fc:
a4:21:30:fe:68:f4:4e:01:2b:cd:87:63:15:26:db:
78:3d:5b:d9:53:a8:74:52:08:47:e7:36:d6:81:a5:
64:0d:1b:5d:61:47:2f:51:3b:08:d6:c3:c1:49:1b:
2e:d2:27:a6:ac:56:0b:79:f4:05:85:39:ab:7e:a5:
21:24:79:bb:dd:90:31:b1:d3:60:af:67:8b:e3:99:
ac:ea:c7:bc:38:e3:ad:d5:ce:03:78:b2:cf:f3:c7:
b4:fc:66:e2:fc:c4:13:74:d1:d2:e0:e4:08:0b:aa:
5b:59:82:b1:03:a6:4a:d1:a2:53:1c:f7:61:76:45:
4c:c9:bd:d7:12:c5:0f:00:33:61:b1:b9:9d:68:17:
16:39:a6:71:cb:c7:1a:5e:1e:e7:7b:4d:ab:cf:30:
0f:05:e5:21:75:34:7a:11:07:22:59:6d:7e:cc:64:
6f:c7:01:92:7f:7a:dc:69:e2:8b:66:10:a4:a9:b3:
53:06:ac:24:59:c7:5a:d4:af:f7:03:33:ac:6d:81:
e1:89:51:47:c3:f5:ac:ad:ce:c5:b1:78:a5:ba:3c:
0b:f6:58:d7:0d:b0:10:c8:89:75:8b:47:17:97:39:
66:30:0f:26:6c:ef:2d:91:f7:2e:6d:4d:3d:e3:a4:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4E:EA:98:B8:78:D9:FD:95:B7:C1:9F:C5:9E:96:7E:10:67:FA:A1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dk7qmLh42f2Vt8GfxZ6WfhBn-qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.18.0/24
87.121.20.0-87.121.22.255
Signature Algorithm: sha256WithRSAEncryption
1c:d1:71:04:13:2e:83:4c:04:9d:59:ac:25:0c:dc:26:f8:5b:
0a:76:06:c1:0a:8c:70:59:dc:a9:f4:f4:19:b5:11:23:17:67:
00:83:85:84:04:dc:c7:9c:07:bd:4a:97:66:72:db:91:d2:2f:
6c:b1:ac:bd:08:5e:32:7a:d6:b7:da:18:45:ce:c2:4e:fe:d2:
7d:21:87:12:cf:c5:b1:08:e6:75:93:2a:ce:05:4e:fb:85:2f:
c7:5e:26:c5:76:45:2e:b3:90:70:b6:d3:82:91:41:bf:fc:de:
80:43:94:3b:8d:8f:56:1b:75:92:17:0e:d3:b0:df:c1:62:39:
34:e9:45:d2:2c:ac:07:3c:7c:17:82:4c:8e:b7:a7:96:f6:a9:
e4:f1:be:25:9b:9c:c5:fb:64:d0:63:1d:ae:7a:db:41:ed:f3:
ab:dd:23:46:07:63:d3:65:e3:b9:1b:d3:a1:bd:40:bd:13:95:
6e:91:0d:39:10:06:99:b2:71:16:bb:27:8e:1c:63:6c:64:fd:
b6:f9:3e:11:e1:13:35:00:a2:f6:a0:66:b4:e5:90:e0:2f:03:
e3:32:8f:50:bb:7d:9e:d0:47:60:2d:fd:4d:34:5b:04:02:4a:
a9:d7:91:53:bc:1d:2f:0f:9c:6d:41:5c:8e:3d:eb:66:88:9e:
45:f9:0a:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtgeEj1Y7uUJaHAMIsUDDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRlZWE5OGI4NzhkOWZkOTViN2MxOWZjNTllOTY3ZTEwNjdmYWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAris7CrQGpx15avF9VfykITD+aPRO
ASvNh2MVJtt4PVvZU6h0UghH5zbWgaVkDRtdYUcvUTsI1sPBSRsu0iemrFYLefQF
hTmrfqUhJHm73ZAxsdNgr2eL45ms6se8OOOt1c4DeLLP88e0/Gbi/MQTdNHS4OQI
C6pbWYKxA6ZK0aJTHPdhdkVMyb3XEsUPADNhsbmdaBcWOaZxy8caXh7ne02rzzAP
BeUhdTR6EQciWW1+zGRvxwGSf3rcaeKLZhCkqbNTBqwkWcda1K/3AzOsbYHhiVFH
w/Wsrc7FsXilujwL9ljXDbAQyIl1i0cXlzlmMA8mbO8tkfcubU0946Q7swIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHZO6pi4eNn9lbfBn8Weln4QZ/qhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGs3cW1MaDQyZjJWdDhHZnhaNldmaEJuLXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAV3kSMAwD
BAJXeRQDBABXeRYwDQYJKoZIhvcNAQELBQADggEBABzRcQQTLoNMBJ1ZrCUM3Cb4
Wwp2BsEKjHBZ3Kn09Bm1ESMXZwCDhYQE3MecB71Kl2Zy25HSL2yxrL0IXjJ61rfa
GEXOwk7+0n0hhxLPxbEI5nWTKs4FTvuFL8deJsV2RS6zkHC204KRQb/83oBDlDuN
j1YbdZIXDtOw38FiOTTpRdIsrAc8fBeCTI63p5b2qeTxviWbnMX7ZNBjHa5620Ht
86vdI0YHY9Nl47kb06G9QL0TlW6RDTkQBpmycRa7J44cY2xk/bb5PhHhEzUAovag
ZrTlkOAvA+Myj1C7fZ7QR2At/U00WwQCSqnXkVO8HS8PnG1BXI4962aInkX5CnM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:15 2024 by rpki-client on console-fra.rpki-client.org