Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qRWgaBHvVi7ONy-aBvWRimrxPqQ.roa
File: qRWgaBHvVi7ONy-aBvWRimrxPqQ.roa (raw, json)
Hash identifier: 2JT1dGF9cC8WJpB/r8/zRqTuteAXgy2gTd8zaaIGZSM=
Subject key identifier: A9:15:A0:68:11:EF:56:2E:CE:37:2F:9A:06:F5:91:8A:6A:F1:3E:A4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B24EA97F53B4EFA763405031832B31B21
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qRWgaBHvVi7ONy-aBvWRimrxPqQ.roa
Signing time: Thu 12 Oct 2023 17:23:55 +0000
ROA not before: Thu 12 Oct 2023 17:23:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
194.180.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:ea:97:f5:3b:4e:fa:76:34:05:03:18:32:b3:1b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 12 17:23:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a915a06811ef562ece372f9a06f5918a6af13ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:23:17:70:e5:06:ad:01:cb:ce:3d:e5:6d:81:
ee:16:e0:5f:fe:e7:07:fb:6c:7c:55:43:c9:28:94:
b5:b5:03:d8:bb:a4:80:f9:ff:28:53:ff:96:06:33:
16:8c:6b:2e:c5:42:07:45:bd:a5:17:c2:ba:c5:3c:
df:84:32:22:85:11:5a:d4:ec:34:2d:0f:bf:9f:5a:
5f:e0:2b:dd:c3:f0:bd:04:b0:a3:74:46:5c:fe:39:
69:fb:d5:f3:e0:79:da:54:9f:9a:3c:4c:93:4c:fc:
ab:14:9c:06:9e:73:c8:a9:32:77:81:af:6f:e6:7e:
92:28:22:17:b5:70:48:3a:2a:34:3e:f3:a8:64:54:
4d:e3:4b:68:1e:eb:07:8b:e0:d1:57:5a:5b:a7:d6:
4c:7b:aa:62:10:c1:89:09:17:55:de:82:a9:98:5c:
84:11:a5:5b:18:54:ed:ac:c3:14:66:4e:80:bb:f4:
3f:d6:9f:df:a7:05:cf:79:7d:03:1b:16:56:6e:41:
96:d5:ae:66:b8:cd:de:ab:25:b3:f4:16:c0:d6:6b:
91:e3:20:f3:d9:2e:60:58:67:2b:cb:ec:db:6f:73:
cb:55:51:15:8d:cf:93:25:9d:93:72:8c:df:6b:27:
89:d3:4d:38:17:fd:24:1c:2e:3a:b3:e2:15:80:62:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:15:A0:68:11:EF:56:2E:CE:37:2F:9A:06:F5:91:8A:6A:F1:3E:A4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qRWgaBHvVi7ONy-aBvWRimrxPqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
194.180.37.0/24
Signature Algorithm: sha256WithRSAEncryption
94:4b:18:63:db:3b:bf:33:6f:62:1b:76:2a:21:d5:03:49:b9:
91:5c:e7:2d:11:e4:2a:bb:78:5c:c7:ac:23:f1:ff:6c:c2:df:
82:fc:44:ee:2c:76:ea:45:66:72:fb:b0:91:14:69:78:b9:00:
a1:26:42:ae:72:6c:93:e2:f7:ef:83:fd:56:39:dd:62:de:9c:
ad:f7:fb:43:4b:e6:88:06:dc:96:e8:01:de:01:37:20:d4:c0:
02:2a:4a:71:23:b9:3c:f0:3d:9c:81:0d:03:69:2c:c6:2f:f0:
ab:95:25:45:01:2d:73:55:ec:cc:6d:e8:50:b1:1a:b6:d9:07:
17:c6:67:a9:af:a0:a7:c1:bb:10:fb:94:7a:e4:bf:e4:27:60:
bb:cc:6a:a2:f0:28:f8:a8:ba:01:b3:bc:75:59:8a:7e:a3:ac:
65:77:3c:91:e6:b4:ea:b5:f7:9e:f4:50:e8:56:ea:f0:5e:92:
e3:51:19:93:0a:ae:4c:a0:db:68:a8:b0:c7:cb:ec:6b:8c:60:
f7:cf:84:d0:ff:da:05:9e:2f:2c:b9:12:33:13:aa:3e:a9:2b:
b3:2b:67:6d:61:67:6b:63:bc:77:4e:95:3c:8c:ee:c1:a9:d7:
06:7b:c6:92:ae:87:27:8b:c5:5f:f9:56:90:79:fb:d7:95:de:
69:d8:d0:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYsk6pf1O076djQFAxgysxshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDEyMTcyMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTE1YTA2ODExZWY1NjJlY2UzNzJmOWEwNmY1OTE4YTZhZjEzZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAniMXcOUGrQHLzj3lbYHuFuBf/ucH
+2x8VUPJKJS1tQPYu6SA+f8oU/+WBjMWjGsuxUIHRb2lF8K6xTzfhDIihRFa1Ow0
LQ+/n1pf4Cvdw/C9BLCjdEZc/jlp+9Xz4HnaVJ+aPEyTTPyrFJwGnnPIqTJ3ga9v
5n6SKCIXtXBIOio0PvOoZFRN40toHusHi+DRV1pbp9ZMe6piEMGJCRdV3oKpmFyE
EaVbGFTtrMMUZk6Au/Q/1p/fpwXPeX0DGxZWbkGW1a5muM3eqyWz9BbA1muR4yDz
2S5gWGcry+zbb3PLVVEVjc+TJZ2TcozfayeJ0004F/0kHC46s+IVgGLazQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKkVoGgR71Yuzjcvmgb1kYpq8T6kMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcVJXZ2FCSHZWaTdPTnktYUJ2V1JpbXJ4UHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV3hEAwQB
XXtKAwQApCi5AwQAwrQlMA0GCSqGSIb3DQEBCwUAA4IBAQCUSxhj2zu/M29iG3Yq
IdUDSbmRXOctEeQqu3hcx6wj8f9swt+C/ETuLHbqRWZy+7CRFGl4uQChJkKucmyT
4vfvg/1WOd1i3pyt9/tDS+aIBtyW6AHeATcg1MACKkpxI7k88D2cgQ0DaSzGL/Cr
lSVFAS1zVezMbehQsRq22QcXxmepr6CnwbsQ+5R65L/kJ2C7zGqi8Cj4qLoBs7x1
WYp+o6xldzyR5rTqtfee9FDoVurwXpLjURmTCq5MoNtoqLDHy+xrjGD3z4TQ/9oF
ni8suRIzE6o+qSuzK2dtYWdrY7x3TpU8jO7BqdcGe8aSrocni8Vf+VaQefvXld5p
2NCa
-----END CERTIFICATE-----
Generated at Mon Oct 16 21:26:56 2023 by rpki-client on console-ams.rpki-client.org