Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xqh-nBA2PtVuzq9j6NHqqubelGI.roa
File: xqh-nBA2PtVuzq9j6NHqqubelGI.roa (raw, json)
Hash identifier: pn7MDdx23beRNXxt28VcdMew44Sobi4ZyCTqTrNoSZE=
Subject key identifier: C6:A8:7E:9C:10:36:3E:D5:6E:CE:AF:63:E8:D1:EA:AA:E6:DE:94:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187EBE23F6336AAC4BCED713338D852ECF7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xqh-nBA2PtVuzq9j6NHqqubelGI.roa
Signing time: Fri 05 May 2023 12:28:05 +0000
ROA not before: Fri 05 May 2023 12:28:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
87.120.32.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 05:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:e2:3f:63:36:aa:c4:bc:ed:71:33:38:d8:52:ec:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 5 12:28:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6a87e9c10363ed56eceaf63e8d1eaaae6de9462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:8c:b6:4a:1c:cd:52:68:c0:5b:c6:78:da:
c4:f7:d4:f1:28:f4:5e:b4:ea:db:dd:5c:bd:61:5e:
aa:4c:5f:53:b2:d4:9d:26:4b:50:34:a1:1b:c6:65:
45:d8:af:45:0f:98:49:94:c9:c3:2b:ba:e5:8e:42:
92:03:40:39:bd:fa:ce:c5:98:75:69:ae:24:95:d7:
af:64:f5:e3:5d:f4:92:84:bb:1b:74:b2:7a:1c:f8:
75:54:dd:a1:8c:e0:8e:3c:d6:a6:e4:57:36:51:c6:
83:e9:27:66:1b:c3:e7:50:5c:e0:55:a0:f9:14:11:
3a:bc:76:d7:34:c0:7b:15:3d:a2:fd:ef:fc:9d:40:
af:d1:9d:61:be:be:b4:2f:2b:96:99:83:81:16:65:
91:00:98:41:68:15:50:39:d0:aa:fa:2c:fc:24:ba:
44:c4:63:c2:fc:64:82:bc:2d:f0:51:a7:42:84:ff:
cc:c8:4a:b2:77:53:37:48:03:ea:36:8b:ed:45:48:
7b:9b:8a:94:cc:59:8f:db:a6:bc:a5:63:ec:fe:81:
4c:c0:ff:d0:cd:53:a4:38:5d:59:36:f2:1b:7d:f1:
14:cc:59:82:84:08:38:7d:15:f4:67:72:48:ec:0f:
b7:f0:72:60:e2:e5:38:4d:ce:68:3c:17:3f:80:2c:
7c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A8:7E:9C:10:36:3E:D5:6E:CE:AF:63:E8:D1:EA:AA:E6:DE:94:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xqh-nBA2PtVuzq9j6NHqqubelGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
Signature Algorithm: sha256WithRSAEncryption
01:6e:30:4f:04:34:d1:7b:ab:7c:04:31:75:14:58:2f:d1:8c:
da:f6:14:df:c5:95:0c:56:26:e9:69:ec:59:04:0a:70:62:21:
91:c1:d5:94:a6:db:05:05:e0:f5:bb:25:b7:71:0e:6e:c2:89:
c9:c8:10:b1:f8:8b:08:a1:4c:f6:af:5d:95:4f:e1:63:97:e4:
2c:e4:73:84:52:90:a4:a2:db:af:b0:2a:fe:86:96:4d:11:39:
e9:8e:33:ab:cc:2b:22:f9:1e:99:cb:e9:3f:14:5c:57:0d:ad:
46:a7:07:0a:97:72:b3:b3:34:e8:74:0e:a1:4c:d7:6a:34:69:
71:66:a7:80:44:07:fb:ff:5e:2e:f1:85:08:cf:e9:bc:00:9f:
d7:c8:c2:f4:b0:47:80:11:ae:36:ab:a2:7e:78:29:70:55:dd:
c5:e6:5e:3e:85:f8:53:d3:7f:d5:30:02:3f:37:20:fe:c5:6e:
b3:85:ef:86:d9:d6:69:b9:fe:de:af:74:c3:b2:39:79:93:e5:
be:f8:4f:46:05:54:12:c6:66:f6:32:74:15:db:04:3c:e3:bc:
27:22:4d:03:17:32:b9:9b:25:01:13:67:df:de:01:0a:62:eb:
d2:23:59:f0:b5:72:20:dd:54:7d:91:17:b6:05:b7:43:ed:71:
6e:79:44:ce
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYfr4j9jNqrEvO1xMzjYUuz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTA1MTIyODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmE4N2U5YzEwMzYzZWQ1NmVjZWFmNjNlOGQxZWFhYWU2ZGU5NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2WMtkoczVJowFvGeNrE99TxKPRe
tOrb3Vy9YV6qTF9TstSdJktQNKEbxmVF2K9FD5hJlMnDK7rljkKSA0A5vfrOxZh1
aa4kldevZPXjXfSShLsbdLJ6HPh1VN2hjOCOPNam5Fc2UcaD6SdmG8PnUFzgVaD5
FBE6vHbXNMB7FT2i/e/8nUCv0Z1hvr60LyuWmYOBFmWRAJhBaBVQOdCq+iz8JLpE
xGPC/GSCvC3wUadChP/MyEqyd1M3SAPqNovtRUh7m4qUzFmP26a8pWPs/oFMwP/Q
zVOkOF1ZNvIbffEUzFmChAg4fRX0Z3JI7A+38HJg4uU4Tc5oPBc/gCx8ZwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMaofpwQNj7Vbs6vY+jR6qrm3pRiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveHFoLW5CQTJQdFZ1enE5ajZOSHFxdWJlbEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALULlAwQA
V3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQBV3k4AwQBV3lkMA0GCSqGSIb3
DQEBCwUAA4IBAQABbjBPBDTRe6t8BDF1FFgv0Yza9hTfxZUMVibpaexZBApwYiGR
wdWUptsFBeD1uyW3cQ5uwonJyBCx+IsIoUz2r12VT+Fjl+Qs5HOEUpCkotuvsCr+
hpZNETnpjjOrzCsi+R6Zy+k/FFxXDa1GpwcKl3KzszTodA6hTNdqNGlxZqeARAf7
/14u8YUIz+m8AJ/XyML0sEeAEa42q6J+eClwVd3F5l4+hfhT03/VMAI/NyD+xW6z
he+G2dZpuf7er3TDsjl5k+W++E9GBVQSxmb2MnQV2wQ847wnIk0DFzK5myUBE2ff
3gEKYuvSI1nwtXIg3VR9kRe2BbdD7XFueUTO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:46 2024 by rpki-client on console-ams.rpki-client.org