Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sIQfhGpLfawTBQje8LQKBvjlwkA.roa
File: sIQfhGpLfawTBQje8LQKBvjlwkA.roa (raw, json)
Hash identifier: Kp+NQzHOcXJdh+Q7MFoe/IbQ24DDo3q1Ch4avfHippE=
Subject key identifier: B0:84:1F:84:6A:4B:7D:AC:13:05:08:DE:F0:B4:0A:06:F8:E5:C2:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189ABC65010CEF1F6B81EA5FE25F8082B56
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sIQfhGpLfawTBQje8LQKBvjlwkA.roa
Signing time: Mon 31 Jul 2023 11:47:27 +0000
ROA not before: Mon 31 Jul 2023 11:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211256
IP address blocks: 2.59.254.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 11:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:c6:50:10:ce:f1:f6:b8:1e:a5:fe:25:f8:08:2b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 31 11:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0841f846a4b7dac130508def0b40a06f8e5c240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:90:6b:80:6c:6e:d6:56:36:d7:8d:3d:67:0c:
2a:53:29:79:2e:ce:e9:5e:f2:ed:f5:22:77:2f:fb:
40:91:5d:a2:78:2b:80:9d:7a:c6:2c:c7:b1:3c:10:
a2:53:d4:97:94:e4:dc:15:d9:29:98:73:ec:bd:50:
e0:9a:f7:cf:e7:f7:c8:84:f3:4d:02:ef:8f:90:03:
f8:c1:16:d8:ae:49:05:41:52:d9:f8:eb:66:b5:3c:
37:08:39:13:4b:c8:a8:e4:44:3e:29:75:50:52:c8:
bd:a2:ba:c4:49:fe:16:8f:02:08:48:f6:50:de:e9:
e6:bd:64:3c:4a:f3:62:db:ab:7d:99:f7:d7:c5:fa:
42:51:f8:7c:f6:6d:d4:3c:f6:88:c3:17:48:85:13:
d8:e4:dc:9a:8d:23:63:93:52:dc:3d:7e:cf:ab:16:
24:ec:74:50:cc:08:e0:cd:be:56:12:61:d2:5a:78:
1d:46:c3:ac:92:b6:38:58:42:42:75:78:f1:55:a6:
39:3c:34:bf:78:e4:b1:30:39:e4:08:1c:7b:e1:fc:
56:bb:ad:c0:05:5c:ea:49:56:a0:c7:9b:c9:3e:5f:
2d:7f:a3:ce:b3:a6:b7:9c:2b:28:91:ac:e0:c5:d3:
b1:78:d5:61:c1:0c:e3:c0:53:a8:90:92:48:b7:8f:
1e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:84:1F:84:6A:4B:7D:AC:13:05:08:DE:F0:B4:0A:06:F8:E5:C2:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/sIQfhGpLfawTBQje8LQKBvjlwkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/24
87.120.84.0/24
147.78.103.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ba:65:d7:6c:a3:19:11:db:59:64:85:c6:16:a9:d2:76:d0:
5b:7d:58:75:5a:bf:ca:67:39:fc:1b:f7:b6:c7:01:bc:38:64:
03:8f:36:2c:b0:30:a2:dc:04:c4:fc:a6:f6:80:bf:b7:23:d6:
30:6d:29:38:9c:79:b8:c5:1c:89:dc:ab:01:0f:6b:8f:f1:41:
ef:04:88:38:aa:f7:1b:8e:6a:de:b0:f0:b1:9a:f6:be:2e:47:
58:ea:da:df:89:c2:47:d0:1f:43:3a:57:e0:10:1c:61:60:6b:
4c:d7:99:8a:0f:47:19:50:58:0a:bd:fe:d0:00:88:e1:c7:1e:
95:23:17:eb:1d:60:76:71:c3:72:b4:12:4f:65:5b:77:94:19:
2e:26:ad:12:9e:ae:64:7a:0c:02:54:a4:7e:e1:84:84:72:30:
8b:50:f7:65:9b:b7:59:3c:5f:19:37:25:d6:40:ba:a2:ad:d6:
7d:0d:78:77:33:02:72:9f:02:be:6b:17:4b:c9:fb:34:21:48:
37:7b:b9:98:f6:41:c7:6f:4d:6b:9b:92:d1:01:50:79:3d:f0:
e2:3e:6a:dc:82:66:ee:81:92:b3:da:05:37:d1:97:a7:27:c6:
a8:9c:9c:0d:34:34:28:2c:09:26:50:58:fc:30:61:72:a3:5c:
7e:28:e6:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYmrxlAQzvH2uB6l/iX4CCtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzMxMTE0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDg0MWY4NDZhNGI3ZGFjMTMwNTA4ZGVmMGI0MGEwNmY4ZTVjMjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJBrgGxu1lY21409ZwwqUyl5Ls7p
XvLt9SJ3L/tAkV2ieCuAnXrGLMexPBCiU9SXlOTcFdkpmHPsvVDgmvfP5/fIhPNN
Au+PkAP4wRbYrkkFQVLZ+OtmtTw3CDkTS8io5EQ+KXVQUsi9orrESf4WjwIISPZQ
3unmvWQ8SvNi26t9mffXxfpCUfh89m3UPPaIwxdIhRPY5NyajSNjk1LcPX7PqxYk
7HRQzAjgzb5WEmHSWngdRsOskrY4WEJCdXjxVaY5PDS/eOSxMDnkCBx74fxWu63A
BVzqSVagx5vJPl8tf6POs6a3nCsokazgxdOxeNVhwQzjwFOokJJIt48eYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCEH4RqS32sEwUI3vC0Cgb45cJAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvc0lRZmhHcExmYXdUQlFqZThMUUtCdmpsd2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjv+AwQA
V3hUAwQAk05nMA0GCSqGSIb3DQEBCwUAA4IBAQBaumXXbKMZEdtZZIXGFqnSdtBb
fVh1Wr/KZzn8G/e2xwG8OGQDjzYssDCi3ATE/Kb2gL+3I9YwbSk4nHm4xRyJ3KsB
D2uP8UHvBIg4qvcbjmresPCxmva+LkdY6trficJH0B9DOlfgEBxhYGtM15mKD0cZ
UFgKvf7QAIjhxx6VIxfrHWB2ccNytBJPZVt3lBkuJq0Snq5kegwCVKR+4YSEcjCL
UPdlm7dZPF8ZNyXWQLqirdZ9DXh3MwJynwK+axdLyfs0IUg3e7mY9kHHb01rm5LR
AVB5PfDiPmrcgmbugZKz2gU30ZenJ8aonJwNNDQoLAkmUFj8MGFyo1x+KOaz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org