Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yzVoBVKI9wF5JwbkMeqg8qm0uZE.roa
File: yzVoBVKI9wF5JwbkMeqg8qm0uZE.roa (raw, json)
Hash identifier: wbXrOhQmuFTwuW/3vuLTex1CIOl9AivCnXF6Q4AHmuQ=
Subject key identifier: CB:35:68:05:52:88:F7:01:79:27:06:E4:31:EA:A0:F2:A9:B4:B9:91
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C7D45F86DDB1766A3C869C48055E253EC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yzVoBVKI9wF5JwbkMeqg8qm0uZE.roa
Signing time: Mon 18 Dec 2023 14:13:06 +0000
ROA not before: Mon 18 Dec 2023 14:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 87.120.89.0/24 maxlen: 24
45.66.229.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 07:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:45:f8:6d:db:17:66:a3:c8:69:c4:80:55:e2:53:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 14:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb3568055288f701792706e431eaa0f2a9b4b991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:36:11:4a:d9:1a:47:88:03:c7:a2:6c:2f:d4:
0f:fa:49:a7:46:c4:d5:98:d7:4e:7d:73:ee:a9:b5:
bb:36:32:9a:57:81:4b:01:c1:62:99:b0:fd:dd:59:
af:7d:b4:27:0b:71:81:27:03:a9:a1:14:41:7c:92:
7e:02:c0:7f:c8:80:9e:51:6f:c6:a5:f8:25:8b:d4:
5a:03:6f:b1:f2:e5:6d:c0:d1:14:3c:dd:78:b6:40:
f7:7e:ab:f5:c8:b8:0a:03:e3:65:d4:01:0d:8d:19:
f1:77:06:a1:99:f9:c0:b9:3f:3d:3d:7f:89:0d:41:
e9:72:05:94:56:94:84:e4:f8:ff:2d:e7:df:31:74:
97:ae:1c:85:ee:31:a3:ba:e4:4b:a7:92:8d:86:e4:
9d:54:ef:0b:be:f6:a0:55:30:c2:8d:1d:25:8b:92:
94:64:c1:f8:fc:2c:55:d8:e9:57:e7:86:db:88:79:
67:7e:3c:f6:91:88:a2:b5:21:e4:29:fa:9a:ab:03:
28:7e:57:bf:e6:39:2d:67:65:e5:d3:00:7a:e8:8f:
31:9c:d1:2f:02:0b:e5:02:aa:89:39:d2:c2:9c:ea:
08:0c:20:ef:83:56:4b:68:ed:27:3b:ca:06:a0:19:
12:77:9d:c4:17:0f:5a:ba:9d:d3:1d:3f:76:6d:73:
e6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:35:68:05:52:88:F7:01:79:27:06:E4:31:EA:A0:F2:A9:B4:B9:91
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yzVoBVKI9wF5JwbkMeqg8qm0uZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
87.120.32.0/24
87.120.34.0/23
87.120.89.0/24
88.218.76.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:76:4f:2e:d5:79:e4:ac:46:10:13:2c:8a:81:46:0f:39:d2:
71:7a:57:e0:22:e9:1f:e3:96:f2:67:4c:64:14:b2:0e:96:c3:
56:74:30:ef:48:8d:d6:2d:a8:6b:32:72:24:d7:0b:4e:42:1d:
03:a9:43:33:a6:a0:7f:99:4c:f0:c1:f0:be:fa:c3:9d:59:d1:
3f:54:32:7f:7a:b7:69:11:88:76:fd:bd:01:e4:8f:20:0d:21:
33:57:3c:9f:42:00:79:d2:3b:f7:39:7b:bb:b3:38:35:42:23:
3c:88:59:12:4c:81:e7:03:c5:58:bf:37:77:af:82:a7:b3:e2:
c9:2f:a2:ee:b6:46:04:0f:70:77:e2:76:d3:ed:85:c9:1a:20:
a8:4c:ea:3f:81:a3:78:6b:33:6d:66:b9:36:76:99:4a:a7:30:
01:86:d8:f1:80:5f:2d:97:e8:b1:e4:32:3f:9f:f2:94:cf:91:
b0:b0:6d:75:9e:58:ab:e8:24:f2:14:4b:58:f0:6f:d8:e5:57:
aa:97:5e:4b:02:e0:5d:9d:a3:1f:3f:b6:34:a8:45:db:cc:10:
cf:22:47:3c:93:2c:d3:e4:7c:8d:8a:78:9e:64:2c:bd:77:b7:
fb:09:e3:ed:2c:96:c1:3a:14:71:c8:66:07:20:d5:e2:17:23:
ed:18:ce:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYx9Rfht2xdmo8hpxIBV4lPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE4MTQxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjM1NjgwNTUyODhmNzAxNzkyNzA2ZTQzMWVhYTBmMmE5YjRiOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTYRStkaR4gDx6JsL9QP+kmnRsTV
mNdOfXPuqbW7NjKaV4FLAcFimbD93VmvfbQnC3GBJwOpoRRBfJJ+AsB/yICeUW/G
pfgli9RaA2+x8uVtwNEUPN14tkD3fqv1yLgKA+Nl1AENjRnxdwahmfnAuT89PX+J
DUHpcgWUVpSE5Pj/LeffMXSXrhyF7jGjuuRLp5KNhuSdVO8LvvagVTDCjR0li5KU
ZMH4/CxV2OlX54bbiHlnfjz2kYiitSHkKfqaqwMofle/5jktZ2Xl0wB66I8xnNEv
AgvlAqqJOdLCnOoIDCDvg1ZLaO0nO8oGoBkSd53EFw9aup3THT92bXPmpQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMs1aAVSiPcBeScG5DHqoPKptLmRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveXpWb0JWS0k5d0Y1Sndia01lcWc4cW0wdVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALULlAwQA
V3ggAwQBV3giAwQAV3hZAwQCWNpMMA0GCSqGSIb3DQEBCwUAA4IBAQCfdk8u1Xnk
rEYQEyyKgUYPOdJxelfgIukf45byZ0xkFLIOlsNWdDDvSI3WLahrMnIk1wtOQh0D
qUMzpqB/mUzwwfC++sOdWdE/VDJ/erdpEYh2/b0B5I8gDSEzVzyfQgB50jv3OXu7
szg1QiM8iFkSTIHnA8VYvzd3r4Kns+LJL6LutkYED3B34nbT7YXJGiCoTOo/gaN4
azNtZrk2dplKpzABhtjxgF8tl+ix5DI/n/KUz5GwsG11nlir6CTyFEtY8G/Y5Veq
l15LAuBdnaMfP7Y0qEXbzBDPIkc8kyzT5HyNinieZCy9d7f7CePtLJbBOhRxyGYH
INXiFyPtGM4+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:47 2024 by rpki-client on console-ams.rpki-client.org