Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fh4f7T7cC30sgBQJ8iqDaYV-6-A.roa
File: fh4f7T7cC30sgBQJ8iqDaYV-6-A.roa (raw, json)
Hash identifier: hZaU+USNqbhN35ptdiJ+96t+ExEDojPOW/5SMOZ2TxA=
Subject key identifier: 7E:1E:1F:ED:3E:DC:0B:7D:2C:80:14:09:F2:2A:83:69:85:7E:EB:E0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DE05E3BC37DF7E1293670D8F214345924
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fh4f7T7cC30sgBQJ8iqDaYV-6-A.roa
Signing time: Sun 25 Feb 2024 13:04:48 +0000
ROA not before: Sun 25 Feb 2024 13:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 00:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e0:5e:3b:c3:7d:f7:e1:29:36:70:d8:f2:14:34:59:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 25 13:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e1e1fed3edc0b7d2c801409f22a8369857eebe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:30:b3:25:75:f7:23:11:17:3e:3f:25:46:
4c:bb:e2:98:1c:b5:ca:0d:ad:cb:d4:c3:a7:d3:3f:
8b:f6:b6:81:41:0c:8a:9f:e3:3f:b6:ea:db:33:69:
80:b3:9d:e2:3b:f3:67:4b:32:52:37:10:ed:08:b2:
87:b8:42:8b:c2:aa:c3:14:d1:07:be:47:73:24:67:
21:24:f2:a7:57:e7:9e:3d:4a:f3:89:a9:b8:40:ef:
12:d3:0d:c8:a8:1f:52:05:3d:d2:e8:62:b2:b5:ac:
40:c8:a7:21:67:14:53:c0:4f:19:2f:f1:b5:0d:26:
7f:1a:04:bf:37:5c:32:24:ec:41:2b:f5:ab:41:16:
40:23:65:d0:10:f5:c5:dd:ee:b2:9e:b3:59:85:65:
a6:c1:02:95:3d:fa:a2:f0:9f:2a:bc:17:14:97:80:
8c:0c:ce:06:0e:18:bb:f3:23:6e:01:fe:d4:1d:b3:
6d:69:13:d6:a1:8a:1e:a1:8e:e4:f8:9d:6f:3d:c7:
58:3f:d7:83:5d:d5:d5:ff:8d:fd:72:55:89:76:31:
b0:ed:84:8f:fe:b5:fb:a9:22:99:5f:84:9d:3c:a2:
a9:c9:d2:32:8d:a4:43:a9:c7:3e:34:44:8d:11:7f:
bd:64:5c:69:06:07:3d:b8:52:22:32:e9:2f:16:30:
f0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1E:1F:ED:3E:DC:0B:7D:2C:80:14:09:F2:2A:83:69:85:7E:EB:E0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fh4f7T7cC30sgBQJ8iqDaYV-6-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.62.0/23
87.121.114.0/23
93.123.75.0/24
93.123.119.0/24
185.252.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:5d:5c:43:fb:14:f8:96:04:9f:0c:84:03:a6:a7:aa:48:82:
7b:3b:50:9f:f8:63:62:38:57:28:32:5f:b8:69:54:36:2f:ae:
70:62:b3:36:e4:2b:42:f0:23:f7:f7:99:59:6b:e5:a1:e2:04:
cb:00:ce:30:60:a8:44:fe:88:0a:75:2f:a6:43:e7:bd:63:1d:
d9:18:ab:c8:28:3d:58:b3:f2:62:5c:c1:ac:1a:44:02:78:c0:
24:43:53:b9:50:24:fc:ed:32:5d:d0:10:91:4f:b5:91:9a:30:
ab:a0:19:df:f5:93:69:89:2b:f0:62:3e:c9:1c:a6:fb:df:18:
00:06:66:14:59:9f:cf:32:53:50:3e:e7:34:5d:3f:f2:a8:b4:
80:18:37:b0:ef:a6:4a:6a:e5:b0:14:eb:65:46:00:6f:6c:e3:
e0:44:31:15:92:6d:ae:11:90:76:80:50:7d:55:61:53:c5:86:
26:a3:a9:20:8a:4a:d2:bb:99:ef:0a:cb:58:2a:85:ff:70:98:
de:b9:e8:48:16:f9:59:3c:0b:e4:fe:c6:06:67:c4:a1:0a:fe:
5b:64:d4:78:81:c2:39:80:b5:07:be:d1:5b:24:b1:50:a4:b8:
2c:cc:9b:26:da:f1:03:8f:99:14:10:74:78:b5:15:5c:35:04:
0e:10:59:d5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3gXjvDfffhKTZw2PIUNFkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI1MTMwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFlMWZlZDNlZGMwYjdkMmM4MDE0MDlmMjJhODM2OTg1N2VlYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEwwsyV19yMRFz4/JUZMu+KYHLXK
Da3L1MOn0z+L9raBQQyKn+M/turbM2mAs53iO/NnSzJSNxDtCLKHuEKLwqrDFNEH
vkdzJGchJPKnV+eePUrziam4QO8S0w3IqB9SBT3S6GKytaxAyKchZxRTwE8ZL/G1
DSZ/GgS/N1wyJOxBK/WrQRZAI2XQEPXF3e6ynrNZhWWmwQKVPfqi8J8qvBcUl4CM
DM4GDhi78yNuAf7UHbNtaRPWoYoeoY7k+J1vPcdYP9eDXdXV/439clWJdjGw7YSP
/rX7qSKZX4SdPKKpydIyjaRDqcc+NESNEX+9ZFxpBgc9uFIiMukvFjDwzQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH4eH+0+3At9LIAUCfIqg2mFfuvgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZmg0ZjdUN2NDMzBzZ0JRSjhpcURhWVYtNi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBV3k+AwQB
V3lyAwQAXXtLAwQAXXt3AwQAufyjMA0GCSqGSIb3DQEBCwUAA4IBAQCzXVxD+xT4
lgSfDIQDpqeqSIJ7O1Cf+GNiOFcoMl+4aVQ2L65wYrM25CtC8CP395lZa+Wh4gTL
AM4wYKhE/ogKdS+mQ+e9Yx3ZGKvIKD1Ys/JiXMGsGkQCeMAkQ1O5UCT87TJd0BCR
T7WRmjCroBnf9ZNpiSvwYj7JHKb73xgABmYUWZ/PMlNQPuc0XT/yqLSAGDew76ZK
auWwFOtlRgBvbOPgRDEVkm2uEZB2gFB9VWFTxYYmo6kgikrSu5nvCstYKoX/cJje
uehIFvlZPAvk/sYGZ8ShCv5bZNR4gcI5gLUHvtFbJLFQpLgszJsm2vEDj5kUEHR4
tRVcNQQOEFnV
-----END CERTIFICATE-----
Generated at Thu Feb 29 01:19:05 2024 by rpki-client on console-ams.rpki-client.org