Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jVMw6HTlUlSZnodg-Nt2OS6OZQc.roa
File: jVMw6HTlUlSZnodg-Nt2OS6OZQc.roa (raw, json)
Hash identifier: +YJcOd7X4eZbkjmKkm4AnzA18yE0Y2F6YdegAz5J1iA=
Subject key identifier: 8D:53:30:E8:74:E5:52:54:99:9E:87:60:F8:DB:76:39:2E:8E:65:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191688F893A4436D6DF825AC81945DC7DFE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jVMw6HTlUlSZnodg-Nt2OS6OZQc.roa
Signing time: Mon 19 Aug 2024 02:55:22 +0000
ROA not before: Mon 19 Aug 2024 02:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
87.121.147.0/24 maxlen: 24
93.123.74.0/23 maxlen: 24
185.222.161.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 12:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:68:8f:89:3a:44:36:d6:df:82:5a:c8:19:45:dc:7d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 19 02:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d5330e874e55254999e8760f8db76392e8e6507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:37:74:15:11:55:d1:9e:c6:0f:4f:c1:09:7b:
61:fa:13:a1:27:d9:f9:48:b3:61:10:ec:f4:fb:88:
59:f8:51:19:c9:04:d5:1e:fd:bc:e1:a0:24:ce:00:
f6:05:6e:67:c4:d9:de:d3:a1:fa:8d:fa:55:72:46:
fd:e5:0e:3c:f7:3e:99:56:16:ec:23:32:40:96:27:
ed:49:8c:11:34:43:d0:77:c6:53:44:e9:11:ea:79:
d9:21:b0:d4:c3:47:60:10:0c:a8:65:f3:a1:2a:54:
e8:f8:19:a9:5e:69:95:0b:a8:71:2d:fd:4b:e0:eb:
34:6e:e6:46:f6:32:21:12:cd:f3:9d:9e:15:04:9f:
2a:6a:79:40:db:ac:fd:51:b1:e5:01:b7:36:cc:11:
5c:5c:95:8e:a2:35:30:b9:7f:59:da:3f:c4:a3:4d:
3f:9d:fe:2d:46:75:d8:15:dd:51:77:5e:cd:f7:81:
4d:96:71:08:b1:9a:4c:05:24:4f:20:48:d8:b9:6f:
7d:56:62:3a:af:57:1a:5c:6b:f3:9b:27:74:48:23:
1e:6c:a4:48:7e:b1:45:b4:35:7e:a5:31:dc:4f:5a:
27:02:f4:a4:9d:d6:f6:3c:1e:d3:28:74:09:99:7b:
24:6f:71:64:fc:76:d7:e1:c8:d8:e5:9d:e7:75:b0:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:53:30:E8:74:E5:52:54:99:9E:87:60:F8:DB:76:39:2E:8E:65:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jVMw6HTlUlSZnodg-Nt2OS6OZQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
87.121.147.0/24
93.123.74.0/23
185.222.161.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
94:2b:64:59:40:ee:32:85:55:c5:27:78:b2:ed:2f:7a:d1:31:
93:23:94:af:6b:1f:03:40:67:88:76:20:bb:ce:ee:aa:de:9a:
51:69:0a:bd:9c:51:e6:82:40:4c:5e:73:53:1b:d0:e6:be:5f:
95:b1:ae:43:3b:3c:a5:91:5f:30:a6:ec:82:36:74:3b:f6:ab:
f2:1d:8f:2e:47:09:25:30:30:96:5e:6d:3d:91:cf:a6:e2:af:
8f:10:df:b6:d9:f3:5e:d5:d3:c3:bd:3b:e5:a4:d4:36:36:f2:
f8:b4:57:7b:43:ef:16:5a:06:0a:d2:45:d4:05:74:f2:06:a0:
1d:0d:ec:d0:2b:48:fa:59:03:ef:b1:1e:d6:f3:48:96:2e:c4:
cd:f6:9d:64:54:53:5a:54:c7:15:fa:59:ad:31:91:15:be:23:
b6:b0:bc:36:f5:eb:a8:df:49:a7:81:c8:bb:59:42:7c:59:86:
da:dd:57:c1:b8:27:e7:3d:db:34:b9:eb:42:d2:da:a8:8c:e7:
8f:1b:c8:b2:77:e1:3e:a3:e9:b8:3a:05:ae:ff:e7:b6:54:ad:
53:69:33:4a:8f:db:7f:4e:a7:5b:21:7c:15:2e:8b:0a:06:e1:
78:f9:ed:c5:ec:58:99:26:06:a9:aa:c2:7d:1e:f4:74:12:fa:
81:ad:82:bf
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFoj4k6RDbW34JayBlF3H3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODE5MDI1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDUzMzBlODc0ZTU1MjU0OTk5ZTg3NjBmOGRiNzYzOTJlOGU2NTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDd0FRFV0Z7GD0/BCXth+hOhJ9n5
SLNhEOz0+4hZ+FEZyQTVHv284aAkzgD2BW5nxNne06H6jfpVckb95Q489z6ZVhbs
IzJAliftSYwRNEPQd8ZTROkR6nnZIbDUw0dgEAyoZfOhKlTo+BmpXmmVC6hxLf1L
4Os0buZG9jIhEs3znZ4VBJ8qanlA26z9UbHlAbc2zBFcXJWOojUwuX9Z2j/Eo00/
nf4tRnXYFd1Rd17N94FNlnEIsZpMBSRPIEjYuW99VmI6r1caXGvzmyd0SCMebKRI
frFFtDV+pTHcT1onAvSkndb2PB7TKHQJmXskb3Fk/HbX4cjY5Z3ndbC6nwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI1TMOh05VJUmZ6HYPjbdjkujmUHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvalZNdzZIVGxVbFNabm9kZy1OdDJPUzZPWlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBV3hEAwQA
V3mTAwQBXXtKAwQAud6hAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCUK2RZQO4y
hVXFJ3iy7S960TGTI5Svax8DQGeIdiC7zu6q3ppRaQq9nFHmgkBMXnNTG9Dmvl+V
sa5DOzylkV8wpuyCNnQ79qvyHY8uRwklMDCWXm09kc+m4q+PEN+22fNe1dPDvTvl
pNQ2NvL4tFd7Q+8WWgYK0kXUBXTyBqAdDezQK0j6WQPvsR7W80iWLsTN9p1kVFNa
VMcV+lmtMZEVviO2sLw29euo30mngci7WUJ8WYba3VfBuCfnPds0uetC0tqojOeP
G8iyd+E+o+m4OgWu/+e2VK1TaTNKj9t/TqdbIXwVLosKBuF4+e3F7FiZJgapqsJ9
HvR0EvqBrYK/
-----END CERTIFICATE-----
Generated at Tue Aug 20 17:10:12 2024 by rpki-client on console-ams.rpki-client.org