Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nJCIwhrjY49EmMCGiUC0XDOC0wc.roa
File: nJCIwhrjY49EmMCGiUC0XDOC0wc.roa (raw, json)
Hash identifier: 2dHJOzR0vh9fJYNbVELQAX7mQlRJamJfmOXKMRLYNoU=
Subject key identifier: 9C:90:88:C2:1A:E3:63:8F:44:98:C0:86:89:40:B4:5C:33:82:D3:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D8679F47C6CC7730DD4D9AAD562C0D8B8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nJCIwhrjY49EmMCGiUC0XDOC0wc.roa
Signing time: Thu 08 Feb 2024 02:09:15 +0000
ROA not before: Thu 08 Feb 2024 02:09:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.146.0/24 maxlen: 24
87.121.147.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.100.0/24 maxlen: 24
93.123.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 20:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:86:79:f4:7c:6c:c7:73:0d:d4:d9:aa:d5:62:c0:d8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 8 02:09:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c9088c21ae3638f4498c0868940b45c3382d307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:fa:c9:1e:a9:d4:43:38:fb:eb:8d:ac:44:
02:97:47:63:52:b3:a8:df:18:ae:c2:12:ea:7f:ff:
4d:23:a7:e5:ea:ac:1e:4c:89:8f:2e:52:07:6a:a7:
7e:dc:d2:ee:a4:ff:db:37:87:bf:a4:e9:3b:cd:53:
d1:2a:64:b2:34:9e:9b:73:45:42:2b:1d:a1:ad:a2:
3f:9a:3c:eb:ed:47:e0:c3:d4:7d:58:c3:6f:30:68:
e0:ff:3e:06:8f:b7:cb:9b:41:c2:66:97:31:03:db:
0a:13:5d:0f:85:f8:eb:28:82:6f:73:e3:2c:d6:b1:
7c:5c:02:28:80:0f:69:03:03:e7:9c:4b:da:6d:93:
8d:3e:21:d2:98:49:27:39:fb:64:38:19:68:c8:ca:
68:72:a2:91:7f:e9:3a:dd:92:d3:f2:ac:79:2d:c0:
c1:79:0b:94:4f:d9:7e:3e:60:e5:4f:b5:97:72:9b:
b8:70:01:57:93:05:90:04:0f:b0:41:32:87:bc:0d:
a1:67:b3:6a:01:0b:15:aa:f4:0f:45:06:86:6e:89:
38:0f:8e:c1:e0:79:b2:c2:13:5c:2b:45:1d:f6:2e:
59:ed:5f:40:2a:da:f3:c7:d1:24:3b:b5:b1:ed:0c:
e3:a4:05:ff:a5:69:9f:f3:f9:c4:95:b7:ff:ee:b6:
7c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:90:88:C2:1A:E3:63:8F:44:98:C0:86:89:40:B4:5C:33:82:D3:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nJCIwhrjY49EmMCGiUC0XDOC0wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.8.94.0/24
87.120.68.0/23
87.120.192.0/23
87.121.146.0/23
91.92.26.0/24
93.123.74.0/23
93.123.100.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:c2:44:a6:d5:70:08:14:42:2f:98:65:67:d8:d5:21:0d:d3:
16:9d:90:50:39:27:82:ad:45:25:6c:14:c2:2b:d4:5d:3d:e5:
f3:4f:bc:9c:ac:12:24:8b:8b:4d:7a:05:5b:d3:14:2c:ed:8a:
81:4b:62:73:aa:22:1c:e6:44:ea:dd:1f:9c:99:c7:18:3d:6c:
3c:05:31:30:a3:9e:7e:67:16:6c:33:3c:8d:73:c6:da:91:68:
a3:bf:00:ce:87:41:52:e1:ff:d8:1e:86:43:ea:2a:35:59:ca:
da:74:ad:3b:48:8e:98:68:17:d1:39:ab:3e:7f:33:ff:a6:bb:
e7:b6:05:4c:c5:88:8d:8f:11:d2:98:8c:4c:d7:37:41:c8:08:
b0:a8:54:54:b5:59:d4:da:b5:eb:a3:0e:fa:f6:55:bb:27:bb:
59:73:b8:8a:73:a2:3c:44:48:fc:4a:5a:81:0d:05:b6:dd:fd:
08:a0:3b:d0:35:9b:81:0b:6c:4b:d5:ed:4f:d6:df:9a:33:11:
25:75:1b:21:7e:a3:fc:66:75:18:11:c5:63:8c:6e:81:45:f9:
c6:d1:92:fe:91:19:06:cf:cd:b8:a0:af:b0:14:c7:71:2e:c2:
6b:cc:89:51:7d:6a:2b:76:8e:0f:ba:1a:ee:7f:c2:fe:0e:97:
a6:82:b5:50
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY2GefR8bMdzDdTZqtViwNi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA4MDIwOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkwODhjMjFhZTM2MzhmNDQ5OGMwODY4OTQwYjQ1YzMzODJkMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocr6yR6p1EM4++uNrEQCl0djUrOo
3xiuwhLqf/9NI6fl6qweTImPLlIHaqd+3NLupP/bN4e/pOk7zVPRKmSyNJ6bc0VC
Kx2hraI/mjzr7Ufgw9R9WMNvMGjg/z4Gj7fLm0HCZpcxA9sKE10PhfjrKIJvc+Ms
1rF8XAIogA9pAwPnnEvabZONPiHSmEknOftkOBloyMpocqKRf+k63ZLT8qx5LcDB
eQuUT9l+PmDlT7WXcpu4cAFXkwWQBA+wQTKHvA2hZ7NqAQsVqvQPRQaGbok4D47B
4HmywhNcK0Ud9i5Z7V9AKtrzx9EkO7Wx7QzjpAX/pWmf8/nElbf/7rZ8iQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJyQiMIa42OPRJjAholAtFwzgtMHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbkpDSXdocmpZNDlFbU1DR2lVQzBYRE9DMHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHw3TAwQA
LQheAwQBV3hEAwQBV3jAAwQBV3mSAwQAW1waAwQBXXtKAwQBXXtkMA0GCSqGSIb3
DQEBCwUAA4IBAQCiwkSm1XAIFEIvmGVn2NUhDdMWnZBQOSeCrUUlbBTCK9RdPeXz
T7ycrBIki4tNegVb0xQs7YqBS2JzqiIc5kTq3R+cmccYPWw8BTEwo55+ZxZsMzyN
c8bakWijvwDOh0FS4f/YHoZD6io1WcradK07SI6YaBfROas+fzP/prvntgVMxYiN
jxHSmIxM1zdByAiwqFRUtVnU2rXrow769lW7J7tZc7iKc6I8REj8SlqBDQW23f0I
oDvQNZuBC2xL1e1P1t+aMxEldRshfqP8ZnUYEcVjjG6BRfnG0ZL+kRkGz824oK+w
FMdxLsJrzIlRfWordo4Puhruf8L+DpemgrVQ
-----END CERTIFICATE-----
Generated at Thu Feb 8 21:57:30 2024 by rpki-client on console-ams.rpki-client.org