Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ykQ23foBacuPJgRNqh5vaInPBks.roa
File: ykQ23foBacuPJgRNqh5vaInPBks.roa (raw, json)
Hash identifier: rmmwzoDulI0mHMS9k/ATSWJY2FqUVWGFgt5WZn94UXE=
Subject key identifier: CA:44:36:DD:FA:01:69:CB:8F:26:04:4D:AA:1E:6F:68:89:CF:06:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C1D8FF1AA93EAD044D928C502B47DAE8E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ykQ23foBacuPJgRNqh5vaInPBks.roa
Signing time: Thu 30 Nov 2023 00:10:21 +0000
ROA not before: Thu 30 Nov 2023 00:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1d:8f:f1:aa:93:ea:d0:44:d9:28:c5:02:b4:7d:ae:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 30 00:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca4436ddfa0169cb8f26044daa1e6f6889cf064b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8b:a9:b1:b3:1f:29:93:4c:c8:c1:9b:e2:0b:
79:3d:95:6c:32:7c:0e:b6:d4:1b:a1:f1:26:15:6e:
83:6b:ab:72:09:5a:f0:70:c7:e5:77:d0:b5:a1:82:
83:60:2e:3a:af:ca:cc:5a:74:67:1f:65:73:ea:66:
8c:0f:4d:eb:53:45:41:fb:b9:ee:1c:34:21:16:81:
8a:7c:0c:88:b1:53:f6:c1:db:ba:43:81:16:58:80:
a4:25:37:20:56:7a:81:b5:25:39:7d:77:cb:e1:eb:
6b:c1:01:ea:a3:9a:9a:5c:80:c6:53:aa:7e:5e:6e:
c2:74:bd:9a:b7:b5:c0:4e:25:d0:da:ee:fd:b5:02:
f0:5c:d7:93:fc:ac:63:13:95:8a:a4:57:8b:8c:fb:
b5:d2:d9:8f:66:ab:05:a7:df:a7:b8:57:7b:14:e1:
e4:b1:de:2e:aa:df:43:cd:43:82:32:41:a2:43:4a:
1d:24:3a:24:60:05:ea:1b:4a:01:66:81:df:a4:dd:
c6:6a:38:45:2f:d9:5d:2c:36:54:dd:91:11:59:ac:
45:20:cd:f8:ae:37:26:54:95:b5:b3:4b:f0:02:c1:
3d:f3:d0:47:2e:d9:e6:ee:da:53:6a:2b:14:76:a7:
1a:5f:13:19:38:5e:6c:df:c6:8f:bd:f6:65:f7:e6:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:44:36:DD:FA:01:69:CB:8F:26:04:4D:AA:1E:6F:68:89:CF:06:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ykQ23foBacuPJgRNqh5vaInPBks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
34:04:c8:b9:ef:e3:e3:10:53:28:4c:39:60:af:d1:82:a9:3a:
66:74:73:93:4e:81:63:fd:67:2b:61:6e:f6:22:e8:a7:e8:fa:
c4:01:a2:0c:ed:f0:b5:f2:3d:e4:2d:04:98:e0:37:62:d0:50:
4f:2f:59:d7:7b:55:0c:4b:44:6b:8f:fd:a6:bc:4a:6e:a6:a7:
4b:3e:df:8f:c1:85:f5:80:33:76:6e:b7:6f:fd:03:ba:55:7f:
eb:ef:f6:b6:bd:df:79:be:b3:d5:75:8f:89:c0:62:b0:33:ae:
22:3a:32:d0:5e:fe:eb:0d:b3:75:e0:4c:6f:05:4f:2c:bf:58:
ee:78:df:4d:ac:10:5c:c0:16:44:c0:98:60:03:2b:e8:3f:01:
d2:17:87:22:b7:dc:b6:7b:d5:47:21:7f:6a:86:cf:56:37:06:
b5:81:3b:d3:f6:17:bb:20:fc:b6:d5:37:17:48:98:b3:b0:2b:
06:42:5c:9d:b7:6b:06:a1:30:69:e0:c6:43:b6:94:51:5e:2e:
48:7d:9f:d0:f2:63:6a:35:53:8b:57:7f:b5:55:d2:99:e8:98:
4b:1e:52:0a:6e:c0:02:72:b0:81:85:ca:0f:9a:91:f2:34:4b:
d5:31:a4:fc:fe:15:29:d1:83:82:30:85:a0:b5:23:ca:6b:87:
84:32:92:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwdj/Gqk+rQRNkoxQK0fa6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTMwMDAxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTQ0MzZkZGZhMDE2OWNiOGYyNjA0NGRhYTFlNmY2ODg5Y2YwNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYupsbMfKZNMyMGb4gt5PZVsMnwO
ttQbofEmFW6Da6tyCVrwcMfld9C1oYKDYC46r8rMWnRnH2Vz6maMD03rU0VB+7nu
HDQhFoGKfAyIsVP2wdu6Q4EWWICkJTcgVnqBtSU5fXfL4etrwQHqo5qaXIDGU6p+
Xm7CdL2at7XATiXQ2u79tQLwXNeT/KxjE5WKpFeLjPu10tmPZqsFp9+nuFd7FOHk
sd4uqt9DzUOCMkGiQ0odJDokYAXqG0oBZoHfpN3GajhFL9ldLDZU3ZERWaxFIM34
rjcmVJW1s0vwAsE989BHLtnm7tpTaisUdqcaXxMZOF5s38aPvfZl9+Z6oQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMpENt36AWnLjyYETaoeb2iJzwZLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveWtRMjNmb0JhY3VQSmdSTnFoNXZhSW5QQmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQheAwQB
V3hEAwQBXXtKAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQA0BMi57+PjEFMoTDlg
r9GCqTpmdHOTToFj/WcrYW72Iuin6PrEAaIM7fC18j3kLQSY4Ddi0FBPL1nXe1UM
S0Rrj/2mvEpupqdLPt+PwYX1gDN2brdv/QO6VX/r7/a2vd95vrPVdY+JwGKwM64i
OjLQXv7rDbN14ExvBU8sv1jueN9NrBBcwBZEwJhgAyvoPwHSF4cit9y2e9VHIX9q
hs9WNwa1gTvT9he7IPy21TcXSJizsCsGQlydt2sGoTBp4MZDtpRRXi5IfZ/Q8mNq
NVOLV3+1VdKZ6JhLHlIKbsACcrCBhcoPmpHyNEvVMaT8/hUp0YOCMIWgtSPKa4eE
MpJz
-----END CERTIFICATE-----
Generated at Sun Dec 3 16:43:46 2023 by rpki-client on console-ams.rpki-client.org