Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ-uNzH3DeEB5UJnkSK_PEJjU-U.roa
File: iQ-uNzH3DeEB5UJnkSK_PEJjU-U.roa (raw, json)
Hash identifier: IPtMVIg12He0nN1O1sd9uLRJXRcVKvuWbSCK3cDZ48g=
Subject key identifier: 89:0F:AE:37:31:F7:0D:E1:01:E5:42:67:91:22:BF:3C:42:63:53:E5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187BCEBBDD62D1E96EF56548DE226F5E30F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ-uNzH3DeEB5UJnkSK_PEJjU-U.roa
Signing time: Wed 26 Apr 2023 09:36:18 +0000
ROA not before: Wed 26 Apr 2023 09:36:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 87.120.89.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:eb:bd:d6:2d:1e:96:ef:56:54:8d:e2:26:f5:e3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 26 09:36:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=890fae3731f70de101e542679122bf3c426353e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:57:6b:7c:89:24:e2:e2:88:b6:01:a5:0f:48:
c1:3f:3a:4c:e1:51:16:47:81:56:0d:31:dd:8a:78:
c2:e6:21:90:68:1b:66:7f:bd:70:4d:82:e7:58:f6:
20:16:4f:d2:4c:a1:1e:23:49:45:24:ee:92:b9:69:
00:5f:f9:c7:82:12:7d:2f:36:73:cb:2d:3f:1b:0b:
e7:2a:fb:61:1c:76:b0:1a:bd:5c:62:cd:e1:49:41:
1f:be:fa:16:67:e0:4c:07:4d:f5:a1:22:a8:90:5b:
11:e7:35:fd:fe:11:76:b2:df:f1:12:ea:fc:6e:8a:
77:21:13:b6:78:fa:4f:e3:73:83:6f:e7:dc:00:a9:
1e:89:2a:92:19:c5:84:8b:63:77:34:8c:cc:e2:0b:
28:80:9c:2f:14:9d:eb:fa:ed:d6:18:21:3e:ab:0c:
a2:8d:36:67:95:4e:25:09:16:cc:51:3e:9b:38:51:
38:95:92:a2:f6:41:2d:63:e5:c9:e1:89:a2:f5:2d:
66:03:03:cb:b6:ec:c9:fb:49:17:37:e5:3a:4d:c8:
1b:03:cb:47:48:99:72:e4:be:24:6f:17:44:3f:f4:
4a:b2:00:46:5c:72:52:88:8e:82:69:38:9a:39:e4:
bc:3b:6e:ba:07:c6:2b:6b:b8:7a:2f:f1:c1:05:4d:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0F:AE:37:31:F7:0D:E1:01:E5:42:67:91:22:BF:3C:42:63:53:E5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iQ-uNzH3DeEB5UJnkSK_PEJjU-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
87.120.89.0/24
87.121.56.0/23
87.121.100.0/23
Signature Algorithm: sha256WithRSAEncryption
51:6b:09:d8:2c:70:82:e0:4f:18:87:05:f4:82:c2:00:4e:22:
bc:93:2e:bd:5b:72:1c:95:be:85:2e:ac:07:8c:2b:4c:f7:da:
f6:eb:35:39:16:07:0b:45:ab:7f:40:6a:6e:7a:5d:9b:04:76:
e0:6d:af:03:23:b0:30:8a:d2:35:b2:67:9d:bd:35:d6:8c:3c:
57:4c:95:ce:96:87:d5:c7:12:04:4e:a2:c5:5f:63:ed:c8:f8:
e6:38:ef:99:d5:e2:41:5a:a4:c9:1e:fa:3f:f1:0c:10:5f:04:
1e:a8:43:26:fa:8b:65:78:4a:79:d8:4a:47:0a:b3:b3:1a:3d:
10:e1:30:fc:e7:89:93:0d:5e:24:66:a2:25:60:39:5b:f1:38:
0d:71:15:b9:4b:d2:71:d4:93:c7:d2:73:d4:82:a8:9c:7f:20:
97:ee:e8:95:aa:95:a9:89:85:b6:cd:3b:67:71:b5:75:dd:0d:
7e:54:c2:af:58:35:89:b7:e9:fb:2b:f0:25:5d:65:5b:53:81:
8e:03:64:0e:25:ac:e9:7d:a2:11:a6:66:13:cc:6a:e4:f1:89:
44:1d:64:63:72:27:81:85:8e:67:cb:d5:fd:1b:bd:db:e5:28:
5a:75:e0:71:55:6d:56:c1:7a:a9:b0:52:b3:c9:d7:44:e8:ba:
26:a5:5c:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYe8673WLR6W71ZUjeIm9eMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDI2MDkzNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBmYWUzNzMxZjcwZGUxMDFlNTQyNjc5MTIyYmYzYzQyNjM1M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFdrfIkk4uKItgGlD0jBPzpM4VEW
R4FWDTHdinjC5iGQaBtmf71wTYLnWPYgFk/STKEeI0lFJO6SuWkAX/nHghJ9LzZz
yy0/GwvnKvthHHawGr1cYs3hSUEfvvoWZ+BMB031oSKokFsR5zX9/hF2st/xEur8
bop3IRO2ePpP43ODb+fcAKkeiSqSGcWEi2N3NIzM4gsogJwvFJ3r+u3WGCE+qwyi
jTZnlU4lCRbMUT6bOFE4lZKi9kEtY+XJ4Ymi9S1mAwPLtuzJ+0kXN+U6TcgbA8tH
SJly5L4kbxdEP/RKsgBGXHJSiI6CaTiaOeS8O266B8Yra7h6L/HBBU3X1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIkPrjcx9w3hAeVCZ5EivzxCY1PlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaVEtdU56SDNEZUVCNVVKbmtTS19QRUpqVS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALULlAwQA
V3hZAwQBV3k4AwQBV3lkMA0GCSqGSIb3DQEBCwUAA4IBAQBRawnYLHCC4E8YhwX0
gsIATiK8ky69W3Iclb6FLqwHjCtM99r26zU5FgcLRat/QGpuel2bBHbgba8DI7Aw
itI1smedvTXWjDxXTJXOlofVxxIETqLFX2PtyPjmOO+Z1eJBWqTJHvo/8QwQXwQe
qEMm+otleEp52EpHCrOzGj0Q4TD854mTDV4kZqIlYDlb8TgNcRW5S9Jx1JPH0nPU
gqicfyCX7uiVqpWpiYW2zTtncbV13Q1+VMKvWDWJt+n7K/AlXWVbU4GOA2QOJazp
faIRpmYTzGrk8YlEHWRjcieBhY5ny9X9G73b5ShadeBxVW1WwXqpsFKzyddE6Lom
pVyc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org