Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s0mU5ixx3QHx5FOzqoUOT6nb2Uc.roa
File: s0mU5ixx3QHx5FOzqoUOT6nb2Uc.roa (raw, json)
Hash identifier: +P1dRg7Q5AlRoMOd39qElAT3O5RX6d+NchNY92sZltY=
Subject key identifier: B3:49:94:E6:2C:71:DD:01:F1:E4:53:B3:AA:85:0E:4F:A9:DB:D9:47
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019154DD60B8D2F8905186A99681599D6DAC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s0mU5ixx3QHx5FOzqoUOT6nb2Uc.roa
Signing time: Thu 15 Aug 2024 07:07:59 +0000
ROA not before: Thu 15 Aug 2024 07:07:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 10:13:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:54:dd:60:b8:d2:f8:90:51:86:a9:96:81:59:9d:6d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 15 07:07:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b34994e62c71dd01f1e453b3aa850e4fa9dbd947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fd:3c:46:ef:0c:48:c2:9e:1a:ab:61:93:d8:
dd:5c:64:3f:8c:11:8f:50:50:a4:e7:89:f7:57:cb:
66:02:9e:63:2f:00:07:c6:5f:0e:a3:49:e2:61:4b:
74:c6:e4:1b:5d:d4:36:84:a6:91:83:77:07:de:07:
8d:72:97:02:0c:4d:f8:06:63:42:10:da:36:a4:7a:
fd:aa:e9:fd:1a:0b:34:54:31:d4:28:47:2c:6e:45:
3a:ea:ab:1c:91:44:05:c9:1c:37:64:69:01:e1:f7:
b5:ef:ff:93:a7:7d:e4:da:24:4f:c2:26:59:bf:fa:
df:bb:4b:c5:82:f5:0f:c7:14:6d:ae:61:f9:ad:fa:
94:7a:2f:99:dd:78:4a:af:7b:3a:ce:ee:f5:39:76:
89:2d:69:1c:21:b8:1b:51:e6:d0:28:27:e6:6a:7c:
58:af:a0:5e:6e:35:c3:4d:a6:2e:bc:7d:b6:7d:b3:
2d:93:7b:46:0d:f9:4b:96:bc:c7:83:ef:30:ff:af:
9d:28:8a:63:b8:f4:ba:f8:31:c2:2f:d3:3f:71:6b:
4e:fe:ef:f0:3a:86:a8:57:c5:e4:3c:f1:f5:ee:fd:
22:04:e0:73:79:04:97:0e:62:87:32:a2:98:88:64:
52:dc:e8:97:87:be:8e:da:4b:74:40:54:91:96:31:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:49:94:E6:2C:71:DD:01:F1:E4:53:B3:AA:85:0E:4F:A9:DB:D9:47
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s0mU5ixx3QHx5FOzqoUOT6nb2Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:3e:a3:91:6f:5a:39:fc:b0:09:79:6b:e7:05:dd:b2:a7:56:
41:f0:35:e6:38:88:c1:4a:d1:38:03:ae:f7:2d:f4:82:2d:18:
62:74:7b:9c:e3:78:32:54:bf:bc:a4:56:38:f4:7d:3e:77:8e:
04:90:eb:70:e2:33:61:d5:8f:5e:ef:73:63:cf:1d:2f:41:b1:
c7:fe:d5:4d:61:02:e0:2c:64:ab:3a:ef:19:52:3b:46:74:5b:
22:2a:b7:45:a3:83:6c:49:70:2d:06:de:5d:12:bd:2b:3d:23:
30:6a:de:2f:c0:ce:05:ef:6d:be:88:95:9f:ab:25:3b:94:6d:
d9:8b:c3:90:35:3f:4e:c2:52:26:ba:bb:ec:1b:1a:86:0b:48:
ad:5d:27:15:50:3a:47:91:30:2a:cf:9e:c5:d7:3a:53:68:36:
78:2f:f8:01:46:dc:99:55:9e:76:ab:25:4f:90:bd:ed:83:a8:
cf:f0:a8:ba:61:2f:89:f2:84:9d:11:d8:1d:7e:d0:4a:b7:8f:
3c:92:a9:2d:9a:58:53:8a:ec:5c:f6:21:09:fc:21:b2:af:48:
58:39:da:a3:a0:16:e7:69:d6:d1:e4:06:fc:01:89:11:6b:6d:
bc:da:64:8b:91:dc:91:71:66:65:da:2e:e6:71:3d:96:dc:fd:
aa:74:1d:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFU3WC40viQUYaploFZnW2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODE1MDcwNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQ5OTRlNjJjNzFkZDAxZjFlNDUzYjNhYTg1MGU0ZmE5ZGJkOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6v08Ru8MSMKeGqthk9jdXGQ/jBGP
UFCk54n3V8tmAp5jLwAHxl8Oo0niYUt0xuQbXdQ2hKaRg3cH3geNcpcCDE34BmNC
ENo2pHr9qun9Ggs0VDHUKEcsbkU66qsckUQFyRw3ZGkB4fe17/+Tp33k2iRPwiZZ
v/rfu0vFgvUPxxRtrmH5rfqUei+Z3XhKr3s6zu71OXaJLWkcIbgbUebQKCfmanxY
r6BebjXDTaYuvH22fbMtk3tGDflLlrzHg+8w/6+dKIpjuPS6+DHCL9M/cWtO/u/w
OoaoV8XkPPH17v0iBOBzeQSXDmKHMqKYiGRS3OiXh76O2kt0QFSRljGyowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLNJlOYscd0B8eRTs6qFDk+p29lHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvczBtVTVpeHgzUUh4NUZPenFvVU9UNm5iMlVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQB
XXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCNPqORb1o5/LAJeWvnBd2yp1ZB
8DXmOIjBStE4A673LfSCLRhidHuc43gyVL+8pFY49H0+d44EkOtw4jNh1Y9e73Nj
zx0vQbHH/tVNYQLgLGSrOu8ZUjtGdFsiKrdFo4NsSXAtBt5dEr0rPSMwat4vwM4F
722+iJWfqyU7lG3Zi8OQNT9OwlImurvsGxqGC0itXScVUDpHkTAqz57F1zpTaDZ4
L/gBRtyZVZ52qyVPkL3tg6jP8Ki6YS+J8oSdEdgdftBKt488kqktmlhTiuxc9iEJ
/CGyr0hYOdqjoBbnadbR5Ab8AYkRa2282mSLkdyRcWZl2i7mcT2W3P2qdB3o
-----END CERTIFICATE-----
Generated at Sat Aug 17 15:32:58 2024 by rpki-client on console-ams.rpki-client.org