Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fkHikzCzJ2yl3i2_PrvBb5traA8.roa
File: fkHikzCzJ2yl3i2_PrvBb5traA8.roa (raw, json)
Hash identifier: XAOnk6a+ZyYg92yzLdYGhNMC9gdKejXvbHOUcQnc/Do=
Subject key identifier: 7E:41:E2:93:30:B3:27:6C:A5:DE:2D:BF:3E:BB:C1:6F:9B:6B:68:0F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCFF22D2F62495BC47010C0B25C283
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fkHikzCzJ2yl3i2_PrvBb5traA8.roa
Signing time: Tue 02 Jan 2024 06:29:35 +0000
ROA not before: Tue 02 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201133
IP address blocks: 212.73.137.0/24 maxlen: 24
93.123.73.207/32 maxlen: 32
93.123.73.0/24 maxlen: 24
94.156.175.0/24 maxlen: 24
93.123.10.0/24 maxlen: 24
87.121.110.0/24 maxlen: 24
85.217.222.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 09:21:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:ff:22:d2:f6:24:95:bc:47:01:0c:0b:25:c2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e41e29330b3276ca5de2dbf3ebbc16f9b6b680f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9e:da:86:ee:93:ce:a0:65:92:5f:ee:e5:85:
3c:de:57:f5:bb:20:ed:6b:80:8b:2c:08:0b:9f:06:
a5:16:3c:6d:62:ad:65:ac:08:93:4e:87:c9:ae:d6:
93:f1:82:a3:91:95:2f:5a:44:d9:c3:da:a0:a4:02:
7e:01:6a:e6:24:ea:57:0d:ec:7b:41:46:d2:a5:5e:
3f:23:76:4c:4c:eb:29:02:6b:16:60:fb:8f:ef:31:
ba:c3:40:f9:59:06:33:89:b1:c2:86:e4:ca:6d:eb:
04:eb:a4:02:ed:15:7b:65:18:cf:9d:f2:4b:3c:7e:
37:bd:69:1e:c8:a1:ee:d1:e7:e8:17:38:eb:3e:42:
a5:b4:5e:0b:1a:6d:6b:1f:d6:e6:23:85:81:af:7e:
16:7a:26:0f:72:82:41:31:47:66:3e:bb:3c:42:4e:
34:b9:3a:ad:e8:0f:fc:84:65:cc:14:e9:07:2d:94:
26:b3:ca:45:20:01:5e:3f:29:5a:b5:19:c3:65:26:
c1:20:e0:3c:ae:9c:7b:cc:c8:5f:d3:87:14:a9:27:
31:95:d8:ad:52:23:67:49:3e:b6:3a:37:ea:5e:cd:
7a:95:6d:ae:aa:f8:e6:a3:09:bd:17:8e:da:ad:ac:
73:71:e9:47:93:da:67:e1:55:b1:12:77:53:25:0b:
99:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:41:E2:93:30:B3:27:6C:A5:DE:2D:BF:3E:BB:C1:6F:9B:6B:68:0F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fkHikzCzJ2yl3i2_PrvBb5traA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
87.121.110.0/24
93.123.10.0/24
93.123.73.0/24
94.156.175.0/24
212.73.137.0/24
Signature Algorithm: sha256WithRSAEncryption
75:43:e8:b1:8e:f1:3e:40:a0:8e:f1:8d:0b:31:70:bd:2a:17:
82:ab:09:a9:46:6f:2f:82:b9:c2:8b:51:ce:2e:c6:67:27:fc:
13:b6:90:c5:da:e8:45:a9:07:26:e3:b8:f8:10:5a:88:f4:22:
ae:e3:a9:21:df:f0:34:14:dd:0e:21:5e:61:43:9b:64:6b:9c:
65:65:33:4d:72:e0:71:91:5c:ea:6d:50:1d:26:ee:ec:ca:3e:
29:82:a0:19:6d:0f:2d:ee:2d:8f:5c:1a:0d:dd:65:85:95:c7:
0b:a0:5e:3b:23:46:91:04:d4:bc:30:76:a0:de:b7:be:52:b7:
c0:88:74:a9:b9:42:b2:20:d1:82:90:81:31:3e:32:6d:6a:b8:
bd:50:24:02:3f:67:9c:29:22:fd:05:2c:a3:7b:dc:82:54:3d:
7f:0f:4a:cc:61:40:9d:63:ae:fb:66:5a:97:2f:c6:a6:73:3b:
26:bf:cc:01:82:54:4d:4f:7a:8c:6f:6f:82:2d:e0:ea:4f:6d:
7c:3a:2d:1f:59:9d:c0:02:bd:75:d6:42:6c:7b:94:56:34:de:
8f:29:e0:0c:ce:40:80:f7:6c:70:17:0f:1f:22:18:35:0e:1e:
42:6e:48:63:9b:c5:38:25:f4:e1:99:be:22:0f:ba:e7:8f:96:
52:6e:83:5a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzI3P8i0vYklbxHAQwLJcKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQxZTI5MzMwYjMyNzZjYTVkZTJkYmYzZWJiYzE2ZjliNmI2ODBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ7ahu6TzqBlkl/u5YU83lf1uyDt
a4CLLAgLnwalFjxtYq1lrAiTTofJrtaT8YKjkZUvWkTZw9qgpAJ+AWrmJOpXDex7
QUbSpV4/I3ZMTOspAmsWYPuP7zG6w0D5WQYzibHChuTKbesE66QC7RV7ZRjPnfJL
PH43vWkeyKHu0efoFzjrPkKltF4LGm1rH9bmI4WBr34WeiYPcoJBMUdmPrs8Qk40
uTqt6A/8hGXMFOkHLZQms8pFIAFePylatRnDZSbBIOA8rpx7zMhf04cUqScxldit
UiNnST62OjfqXs16lW2uqvjmowm9F47araxzcelHk9pn4VWxEndTJQuZXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH5B4pMwsydspd4tvz67wW+ba2gPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZmtIaWt6Q3pKMnlsM2kyX1BydkJiNXRyYUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVdneAwQA
V3luAwQAXXsKAwQAXXtJAwQAXpyvAwQA1EmJMA0GCSqGSIb3DQEBCwUAA4IBAQB1
Q+ixjvE+QKCO8Y0LMXC9KheCqwmpRm8vgrnCi1HOLsZnJ/wTtpDF2uhFqQcm47j4
EFqI9CKu46kh3/A0FN0OIV5hQ5tka5xlZTNNcuBxkVzqbVAdJu7syj4pgqAZbQ8t
7i2PXBoN3WWFlccLoF47I0aRBNS8MHag3re+UrfAiHSpuUKyINGCkIExPjJtari9
UCQCP2ecKSL9BSyje9yCVD1/D0rMYUCdY677ZlqXL8amczsmv8wBglRNT3qMb2+C
LeDqT218Oi0fWZ3AAr111kJse5RWNN6PKeAMzkCA92xwFw8fIhg1Dh5Cbkhjm8U4
JfThmb4iD7rnj5ZSboNa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:39 2024 by rpki-client on console-ams.rpki-client.org