Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYvcqv9smbCPlhorB7G9bYIq5pY.roa
File: jYvcqv9smbCPlhorB7G9bYIq5pY.roa (raw, json)
Hash identifier: y07gaHXvTVYOC/T6ZVNqNMGvGJ1BfTTAQcx41fb2cUc=
Subject key identifier: 8D:8B:DC:AA:FF:6C:99:B0:8F:96:1A:2B:07:B1:BD:6D:82:2A:E6:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C24524903BBB0E4CBC5B2D205300BDF96
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYvcqv9smbCPlhorB7G9bYIq5pY.roa
Signing time: Fri 01 Dec 2023 07:40:21 +0000
ROA not before: Fri 01 Dec 2023 07:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:52:49:03:bb:b0:e4:cb:c5:b2:d2:05:30:0b:df:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 1 07:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d8bdcaaff6c99b08f961a2b07b1bd6d822ae696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:1b:d3:50:c4:cd:87:a5:f2:8a:be:c2:4c:
8c:d2:65:e7:43:f1:2b:2b:d3:cf:30:e1:c7:b7:f8:
4a:69:1b:77:d1:63:41:c7:13:31:98:0c:74:d8:c4:
c9:f6:98:15:0c:c7:b2:40:4e:c6:ff:90:73:e5:c2:
28:9d:fe:74:ad:af:c7:4c:d0:66:d4:bc:4e:20:71:
87:8a:51:76:2b:73:86:ab:45:ce:b3:1b:30:e5:5d:
44:7c:06:62:b0:ae:0d:9f:35:aa:7a:dd:82:53:9c:
98:1b:e8:39:f6:e7:0e:b8:37:f0:e7:a6:ae:1d:fe:
15:5f:70:a0:7a:30:e9:51:70:17:b0:f1:e5:32:3d:
a9:5d:35:59:de:3a:f7:70:81:3f:24:7e:20:87:d9:
6b:f8:c4:c4:42:9b:dc:04:9e:ff:05:df:91:3d:46:
17:f6:cd:27:c2:b4:f7:fa:3e:21:bd:3a:12:da:ed:
44:8d:ad:ca:9c:e3:28:47:b1:bf:f8:3a:85:fb:e3:
e6:a7:6d:b2:9c:90:0a:07:8e:bd:74:43:2f:f7:a3:
4a:05:c4:53:c6:ac:5d:3e:5f:e2:ae:74:a0:04:06:
16:7e:25:09:54:d8:6b:d3:3a:5c:6c:ed:9a:6a:06:
8e:e5:0e:08:8c:18:eb:33:e7:06:73:20:a3:4b:c1:
3d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8B:DC:AA:FF:6C:99:B0:8F:96:1A:2B:07:B1:BD:6D:82:2A:E6:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/jYvcqv9smbCPlhorB7G9bYIq5pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.220.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:cf:07:79:37:95:bf:51:0d:b5:1c:47:dc:01:13:1d:53:fe:
6d:cf:fc:16:6e:f8:e3:6a:5a:1e:2b:7b:72:ac:06:e2:34:ef:
31:86:e0:83:bb:aa:ba:0f:db:1f:bd:07:a0:e0:83:bf:16:36:
81:e2:17:37:81:1a:2b:33:4f:15:76:3a:7f:a0:1e:d5:cd:5e:
d4:8c:31:5d:10:ac:2f:32:d2:d6:17:c0:53:ca:09:9f:8a:84:
b4:5b:2c:12:aa:22:65:fc:c6:3e:7b:e4:29:4a:d4:73:9f:e5:
b2:6d:b0:c5:74:0d:89:7f:2f:fd:b7:7e:db:4f:fa:08:47:21:
24:d0:2e:7e:27:ec:33:fb:33:bd:7f:ee:26:94:d8:67:82:87:
f8:47:be:49:a4:b3:08:2a:77:d5:4b:9f:38:7d:d2:e4:28:2e:
6c:a3:4f:22:04:79:79:ab:74:f0:3e:dd:1a:32:9e:3e:31:f1:
a5:56:56:92:5e:aa:a6:01:61:70:6e:a8:13:2d:c3:64:66:0a:
d6:da:5d:a7:6c:0e:13:29:6c:10:8b:75:70:f9:c8:c2:df:fb:
04:98:f3:4c:9d:92:98:87:31:21:ba:65:04:79:55:75:3c:0c:
5a:1a:04:4c:5a:9c:47:90:eb:9d:ee:46:6b:30:c4:e8:bd:ed:
5a:0f:ba:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwkUkkDu7Dky8Wy0gUwC9+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjAxMDc0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhiZGNhYWZmNmM5OWIwOGY5NjFhMmIwN2IxYmQ2ZDgyMmFlNjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGMb01DEzYel8oq+wkyM0mXnQ/Er
K9PPMOHHt/hKaRt30WNBxxMxmAx02MTJ9pgVDMeyQE7G/5Bz5cIonf50ra/HTNBm
1LxOIHGHilF2K3OGq0XOsxsw5V1EfAZisK4NnzWqet2CU5yYG+g59ucOuDfw56au
Hf4VX3CgejDpUXAXsPHlMj2pXTVZ3jr3cIE/JH4gh9lr+MTEQpvcBJ7/Bd+RPUYX
9s0nwrT3+j4hvToS2u1Eja3KnOMoR7G/+DqF++Pmp22ynJAKB469dEMv96NKBcRT
xqxdPl/irnSgBAYWfiUJVNhr0zpcbO2aagaO5Q4IjBjrM+cGcyCjS8E97wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2L3Kr/bJmwj5YaKwexvW2CKuaWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvall2Y3F2OXNtYkNQbGhvckI3RzliWUlxNXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3ncMA0G
CSqGSIb3DQEBCwUAA4IBAQCbzwd5N5W/UQ21HEfcARMdU/5tz/wWbvjjaloeK3ty
rAbiNO8xhuCDu6q6D9sfvQeg4IO/FjaB4hc3gRorM08Vdjp/oB7VzV7UjDFdEKwv
MtLWF8BTygmfioS0WywSqiJl/MY+e+QpStRzn+WybbDFdA2Jfy/9t37bT/oIRyEk
0C5+J+wz+zO9f+4mlNhngof4R75JpLMIKnfVS584fdLkKC5so08iBHl5q3TwPt0a
Mp4+MfGlVlaSXqqmAWFwbqgTLcNkZgrW2l2nbA4TKWwQi3Vw+cjC3/sEmPNMnZKY
hzEhumUEeVV1PAxaGgRMWpxHkOud7kZrMMTove1aD7ol
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:48 2024 by rpki-client on console-fra.rpki-client.org