Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ptxxR3XuqnnUS_d87zYhwhd7osc.roa
File: ptxxR3XuqnnUS_d87zYhwhd7osc.roa (raw, json)
Hash identifier: 8+EyoZ2POAWFMuusceIlGPcpiPK6ALhAKUm/vaQ8leU=
Subject key identifier: A6:DC:71:47:75:EE:AA:79:D4:4B:F7:7C:EF:36:21:C2:17:7B:A2:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E8983E306A6EE3FDD8633DD2FF0817953
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ptxxR3XuqnnUS_d87zYhwhd7osc.roa
Signing time: Fri 29 Mar 2024 09:21:45 +0000
ROA not before: Fri 29 Mar 2024 09:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201133
IP address blocks: 85.217.222.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
93.123.10.0/24 maxlen: 24
93.123.73.0/24 maxlen: 24
93.123.73.207/32 maxlen: 32
94.156.175.0/24 maxlen: 24
212.73.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 08:18:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:89:83:e3:06:a6:ee:3f:dd:86:33:dd:2f:f0:81:79:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 29 09:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6dc714775eeaa79d44bf77cef3621c2177ba2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:fa:80:10:5d:7c:c2:25:89:0b:51:7d:e3:64:
4a:24:03:6d:09:6e:21:c1:76:19:a5:05:54:98:ab:
68:90:34:da:69:70:d8:94:3a:e8:6c:35:21:b6:84:
eb:e1:2b:63:92:4f:24:15:a6:a4:c5:83:18:9f:86:
7d:2b:95:dc:95:52:29:91:1d:9c:6e:61:87:c6:88:
3b:f2:a0:b6:eb:d6:b1:92:13:09:8d:71:c8:62:ca:
5f:88:83:3e:ec:f5:9f:c1:92:e2:46:ba:70:49:45:
9b:c9:01:7c:da:34:32:24:b1:a3:df:91:1c:81:ca:
d7:58:4d:fd:ca:7f:86:1a:07:2b:84:14:54:ef:83:
78:30:d1:ed:33:f4:b1:a4:00:f2:e9:e1:c3:29:a5:
64:b8:88:24:e4:cf:14:31:99:3a:13:3c:00:2c:11:
3b:da:93:fb:a5:fd:3e:c8:20:59:3a:80:9e:93:aa:
6f:ac:1d:dc:96:5f:50:a1:ad:af:d1:18:37:ea:97:
3d:75:59:42:4e:d8:1b:85:3c:18:6f:0e:6d:1d:22:
9d:c7:4e:18:2e:4c:83:cf:6c:a3:e5:87:47:f3:58:
01:91:10:54:9e:34:9d:46:64:6c:30:57:95:d0:3d:
30:98:a7:0c:76:02:59:71:29:fe:26:0b:7e:7f:a2:
47:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:DC:71:47:75:EE:AA:79:D4:4B:F7:7C:EF:36:21:C2:17:7B:A2:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ptxxR3XuqnnUS_d87zYhwhd7osc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
93.123.10.0/24
93.123.73.0/24
94.156.175.0/24
212.73.137.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:9a:f2:35:b5:98:eb:f0:6b:c3:bd:e6:e2:75:b5:39:99:a5:
7b:0a:07:7e:ab:80:6c:d8:e7:04:4e:2a:c6:de:ac:bf:ac:3f:
ec:1f:8c:de:0a:7f:fe:3e:3d:af:c4:60:85:35:2d:20:32:9a:
25:7b:cd:76:0f:52:f5:8f:8d:61:7c:01:22:4f:a6:50:57:1e:
5f:9f:24:a2:9d:c4:47:0c:f7:e2:eb:d8:25:7a:b9:f7:70:f8:
b7:95:d4:f2:74:23:f2:53:77:bd:bd:5f:8b:8e:69:ee:16:4c:
af:a4:4b:9f:58:8e:ae:cc:1c:a1:3b:fc:65:7a:2b:b5:b5:1f:
74:ee:50:20:23:d3:52:1e:47:f6:15:bb:ea:06:7f:25:0b:f5:
2e:4e:9c:9d:b2:de:87:1a:27:5d:63:36:a2:1b:8a:b2:c0:8b:
1d:b9:e0:a5:30:0c:a2:92:f4:5a:1b:1b:5f:c0:7c:5a:cb:9d:
57:6d:2c:0e:9c:e9:73:87:06:b7:00:5b:ae:bb:3a:2d:26:56:
88:f8:ee:bf:ce:a8:78:8b:b0:79:5f:b2:8b:94:c5:4d:2b:c2:
41:d3:0d:c7:99:75:cc:4e:71:b8:ea:2c:5b:00:7d:28:8b:7e:
b5:a7:f8:cd:04:fa:81:f8:98:f4:f9:af:db:60:bd:aa:73:3e:
28:0f:88:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6Jg+MGpu4/3YYz3S/wgXlTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI5MDkyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRjNzE0Nzc1ZWVhYTc5ZDQ0YmY3N2NlZjM2MjFjMjE3N2JhMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvqAEF18wiWJC1F942RKJANtCW4h
wXYZpQVUmKtokDTaaXDYlDrobDUhtoTr4Stjkk8kFaakxYMYn4Z9K5XclVIpkR2c
bmGHxog78qC269axkhMJjXHIYspfiIM+7PWfwZLiRrpwSUWbyQF82jQyJLGj35Ec
gcrXWE39yn+GGgcrhBRU74N4MNHtM/SxpADy6eHDKaVkuIgk5M8UMZk6EzwALBE7
2pP7pf0+yCBZOoCek6pvrB3cll9Qoa2v0Rg36pc9dVlCTtgbhTwYbw5tHSKdx04Y
LkyDz2yj5YdH81gBkRBUnjSdRmRsMFeV0D0wmKcMdgJZcSn+Jgt+f6JHZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKbccUd17qp51Ev3fO82IcIXe6LHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcHR4eFIzWHVxbm5VU19kODd6WWh3aGQ3b3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBVdneAwQA
XXsKAwQAXXtJAwQAXpyvAwQA1EmJMA0GCSqGSIb3DQEBCwUAA4IBAQAMmvI1tZjr
8GvDvebidbU5maV7Cgd+q4Bs2OcETirG3qy/rD/sH4zeCn/+Pj2vxGCFNS0gMpol
e812D1L1j41hfAEiT6ZQVx5fnySincRHDPfi69glern3cPi3ldTydCPyU3e9vV+L
jmnuFkyvpEufWI6uzByhO/xleiu1tR907lAgI9NSHkf2FbvqBn8lC/UuTpydst6H
GiddYzaiG4qywIsdueClMAyikvRaGxtfwHxay51XbSwOnOlzhwa3AFuuuzotJlaI
+O6/zqh4i7B5X7KLlMVNK8JB0w3HmXXMTnG46ixbAH0oi361p/jNBPqB+Jj0+a/b
YL2qcz4oD4hs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:19 2024 by rpki-client on console-fra.rpki-client.org