Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vzmu2VSIHi59ciAeTc5CEbYJf_0.roa
File: vzmu2VSIHi59ciAeTc5CEbYJf_0.roa (raw, json)
Hash identifier: f4rzTRBJqz/HNQjyARXuQE2zOrJjrK/jbQkAxoLwV2Y=
Subject key identifier: BF:39:AE:D9:54:88:1E:2E:7D:72:20:1E:4D:CE:42:11:B6:09:7F:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189731C0684F667D9451237F13D61161C44
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vzmu2VSIHi59ciAeTc5CEbYJf_0.roa
Signing time: Thu 20 Jul 2023 11:42:43 +0000
ROA not before: Thu 20 Jul 2023 11:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 87.121.98.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:73:1c:06:84:f6:67:d9:45:12:37:f1:3d:61:16:1c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 20 11:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf39aed954881e2e7d72201e4dce4211b6097ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8c:12:f7:be:21:02:01:e3:ce:77:07:0a:da:
f2:03:3f:9c:4b:f0:78:e0:ed:fc:4c:d3:da:be:dc:
a9:8b:31:fa:57:f8:b8:20:d6:af:ca:13:be:98:ae:
2a:71:15:24:de:0d:d4:91:1b:9b:c4:00:3a:6e:c2:
d5:69:bb:a7:5d:bc:e3:f5:59:d7:1b:17:79:04:b1:
71:5d:68:cf:2c:c2:e4:c8:3d:e1:92:4e:08:64:ab:
73:e9:67:52:c3:a1:d5:9a:5b:92:eb:af:be:f2:94:
7f:56:ce:6c:f8:89:ec:a0:0f:f7:ea:fd:a0:24:10:
75:dd:7d:b0:04:23:27:00:fa:60:42:9b:2f:fd:2b:
2b:fa:cc:78:c2:a3:67:7e:61:24:c7:cf:b3:39:79:
1c:25:7f:75:41:3f:bc:23:69:76:06:9d:03:50:f2:
6a:49:2d:e1:49:00:68:2e:23:4f:cd:98:6e:d9:27:
88:84:59:7e:c5:e1:e4:6a:15:5f:52:75:95:eb:e7:
e7:22:a3:47:84:1e:01:ee:58:83:cf:7e:97:7c:fe:
6a:ac:fa:5e:96:ce:1a:ec:eb:f1:35:5f:f0:2e:d3:
06:f8:ca:ee:07:5b:b6:7e:5a:99:ee:c1:8b:08:80:
28:1c:49:ee:b5:14:22:81:fa:9e:13:8c:1e:54:09:
47:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:39:AE:D9:54:88:1E:2E:7D:72:20:1E:4D:CE:42:11:B6:09:7F:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vzmu2VSIHi59ciAeTc5CEbYJf_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.36.0/24
87.121.98.0/24
88.218.76.0/22
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:2e:1d:a3:4e:93:fe:12:48:9a:85:ab:e6:69:c6:3f:87:21:
33:8e:8b:42:54:f0:f1:c5:a9:63:3f:67:9a:f3:21:85:7d:42:
68:6c:1f:a5:74:72:19:aa:9b:68:56:09:e8:10:97:fe:62:ca:
e6:db:d0:aa:bf:05:ad:71:22:b2:e0:ba:c8:90:34:64:21:fb:
23:64:75:43:2e:55:bb:ac:48:bf:fd:f1:0a:57:d3:36:61:13:
ac:c4:b8:5b:e9:43:c1:58:98:2a:fc:7c:1b:5a:0c:4b:5f:01:
7e:e5:a4:74:f7:8e:a7:54:17:65:ce:8f:d7:4c:c3:c7:bf:06:
a6:ce:e3:4d:6c:c8:92:17:c7:b9:0e:2e:37:7b:81:bc:85:97:
88:e9:5a:4c:27:45:1c:23:20:0e:22:17:9d:af:2c:5f:7e:6d:
8a:5a:75:43:5b:07:f2:0a:66:b5:73:f2:06:92:e0:4f:fe:91:
21:be:11:e3:01:cb:8b:29:32:91:ca:eb:09:6e:12:fc:a9:d1:
f9:78:26:11:cb:4f:6b:f8:b1:d4:63:ae:af:05:ac:09:ab:4d:
bc:b4:87:5b:db:80:d2:fb:52:55:55:22:a9:e3:3d:dd:44:ff:
e7:cb:69:08:e8:dd:d0:a9:f3:d4:0b:ab:a5:45:90:f7:24:c6:
75:32:37:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYlzHAaE9mfZRRI38T1hFhxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzIwMTE0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM5YWVkOTU0ODgxZTJlN2Q3MjIwMWU0ZGNlNDIxMWI2MDk3ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4wS974hAgHjzncHCtryAz+cS/B4
4O38TNPavtypizH6V/i4INavyhO+mK4qcRUk3g3UkRubxAA6bsLVabunXbzj9VnX
Gxd5BLFxXWjPLMLkyD3hkk4IZKtz6WdSw6HVmluS66++8pR/Vs5s+InsoA/36v2g
JBB13X2wBCMnAPpgQpsv/Ssr+sx4wqNnfmEkx8+zOXkcJX91QT+8I2l2Bp0DUPJq
SS3hSQBoLiNPzZhu2SeIhFl+xeHkahVfUnWV6+fnIqNHhB4B7liDz36XfP5qrPpe
ls4a7OvxNV/wLtMG+MruB1u2flqZ7sGLCIAoHEnutRQigfqeE4weVAlH2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL85rtlUiB4ufXIgHk3OQhG2CX/9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdnptdTJWU0lIaTU5Y2lBZVRjNUNFYllKZl8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV3gkAwQA
V3liAwQCWNpMAwQAud1AMA0GCSqGSIb3DQEBCwUAA4IBAQAKLh2jTpP+Ekiahavm
acY/hyEzjotCVPDxxaljP2ea8yGFfUJobB+ldHIZqptoVgnoEJf+Ysrm29CqvwWt
cSKy4LrIkDRkIfsjZHVDLlW7rEi//fEKV9M2YROsxLhb6UPBWJgq/HwbWgxLXwF+
5aR0946nVBdlzo/XTMPHvwamzuNNbMiSF8e5Di43e4G8hZeI6VpMJ0UcIyAOIhed
ryxffm2KWnVDWwfyCma1c/IGkuBP/pEhvhHjAcuLKTKRyusJbhL8qdH5eCYRy09r
+LHUY66vBawJq028tIdb24DS+1JVVSKp4z3dRP/ny2kI6N3QqfPUC6ulRZD3JMZ1
MjfQ
-----END CERTIFICATE-----
Generated at Thu Jul 27 11:43:30 2023 by rpki-client on console-ams.rpki-client.org