Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/87C3ZXwgsxrG5H7H1wEoEwv2xwg.roa
File: 87C3ZXwgsxrG5H7H1wEoEwv2xwg.roa (raw, json)
Hash identifier: QoJiBN31+W+/8hR241Bo4I1/a2EsZXZIQflUFpjP3wE=
Subject key identifier: F3:B0:B7:65:7C:20:B3:1A:C6:E4:7E:C7:D7:01:28:13:0B:F6:C7:08
Certificate issuer: /CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Certificate serial: 0185711544FDE42BA8A5038B956EAC949D63
Authority key identifier: B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/87C3ZXwgsxrG5H7H1wEoEwv2xwg.roa
Signing time: Mon 02 Jan 2023 06:04:57 +0000
ROA not before: Mon 02 Jan 2023 06:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44567
IP address blocks: 93.92.152.0/21 maxlen: 21
91.240.214.0/23 maxlen: 23
2a01:9c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:44:fd:e4:2b:a8:a5:03:8b:95:6e:ac:94:9d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d66297c5cdbd36d86849ddeae7985979f450ca
Validity
Not Before: Jan 2 06:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3b0b7657c20b31ac6e47ec7d70128130bf6c708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:81:43:52:e4:7f:c3:f1:4e:4d:df:ee:8b:e4:
7e:51:56:61:ff:1c:09:27:85:0a:66:ec:c9:71:b5:
28:bf:44:0c:4c:96:1d:38:4a:41:a2:a7:02:1e:df:
2f:4a:f5:b8:3a:0d:bc:bb:ed:33:f0:ba:b1:4b:ec:
96:c7:d2:4e:29:f7:e7:87:9d:71:b6:d6:fa:14:13:
d4:21:7e:bb:a1:a4:a5:13:e0:5b:f8:08:ff:6b:6b:
64:e4:da:26:6c:9b:3f:a6:70:56:9e:9d:3b:15:ee:
24:8c:47:9c:a1:32:45:76:e2:5e:cc:59:0c:d6:ae:
63:fd:d1:5f:7f:6e:cb:4b:27:d0:03:09:f0:d0:2e:
e9:fa:01:67:6f:65:55:2a:c0:40:d4:71:2e:45:4c:
ba:a2:3d:ac:4b:9f:19:47:e6:30:d6:85:9f:3f:4b:
f8:0b:32:81:94:0d:bc:2f:87:84:66:98:af:90:d5:
7f:67:2c:79:3c:5f:72:0f:f1:99:e7:f8:fe:2a:1d:
1e:16:50:7d:17:ac:da:fd:7b:e5:b4:e3:cb:50:90:
3a:6c:08:47:98:a9:65:80:3f:f0:e1:3f:35:d8:e0:
b9:13:1c:e4:96:6f:31:66:94:b0:1c:53:b2:65:6a:
a9:43:a2:2a:1d:6b:ea:aa:aa:67:fb:17:d4:a9:f9:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B0:B7:65:7C:20:B3:1A:C6:E4:7E:C7:D7:01:28:13:0B:F6:C7:08
X509v3 Authority Key Identifier:
keyid:B3:D6:62:97:C5:CD:BD:36:D8:68:49:DD:EA:E7:98:59:79:F4:50:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9Zil8XNvTbYaEnd6ueYWXn0UMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/87C3ZXwgsxrG5H7H1wEoEwv2xwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/92c1cf-5a22-453c-907f-eb1f8715eec0/1/s9Zil8XNvTbYaEnd6ueYWXn0UMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.214.0/23
93.92.152.0/21
IPv6:
2a01:9c00::/32
Signature Algorithm: sha256WithRSAEncryption
77:1e:4d:4c:28:e6:34:e0:9c:7c:e2:23:26:a1:d9:3d:81:38:
cc:6f:a6:f9:0a:90:2e:6f:da:54:28:50:b4:35:14:5f:2b:45:
25:d7:5a:cc:30:af:7b:eb:31:d3:23:ed:2f:d0:96:4b:d1:78:
7b:02:c0:b1:c5:48:31:3d:87:70:d8:63:e3:47:8c:a5:0b:ba:
db:7f:52:d7:ff:8b:28:84:e9:9b:a5:76:1b:2b:26:2f:86:b5:
b0:fc:20:27:70:d9:94:42:ab:90:52:92:a4:af:78:8f:5e:ac:
b6:9c:08:7c:b0:dd:f9:7b:95:12:e7:11:d7:63:8e:05:3b:b6:
53:52:06:92:db:4f:c3:9e:a2:1d:c8:0b:70:07:dd:4e:3e:e1:
c5:77:32:d9:63:4c:25:49:71:8e:8f:f5:aa:1e:cb:c1:89:82:
ff:d7:31:c6:48:cf:03:75:c9:fd:f2:d0:1a:98:e6:2e:a9:e7:
68:0f:12:79:66:80:85:2d:1d:e7:77:88:a2:b0:50:ed:ea:aa:
8a:5d:db:82:81:d0:b2:a4:67:f4:72:9d:0e:51:09:ba:e6:f6:
2d:40:8d:41:aa:ba:74:36:b7:b3:57:f4:9f:d8:9a:ac:98:ee:
43:d7:0b:f2:ab:9b:af:c2:b3:49:e7:f7:78:da:6f:00:91:23:
93:96:35:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxFUT95CuopQOLlW6slJ1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDY2Mjk3YzVjZGJkMzZkODY4NDlkZGVhZTc5ODU5Nzlm
NDUwY2EwHhcNMjMwMTAyMDYwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2IwYjc2NTdjMjBiMzFhYzZlNDdlYzdkNzAxMjgxMzBiZjZjNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYFDUuR/w/FOTd/ui+R+UVZh/xwJ
J4UKZuzJcbUov0QMTJYdOEpBoqcCHt8vSvW4Og28u+0z8LqxS+yWx9JOKffnh51x
ttb6FBPUIX67oaSlE+Bb+Aj/a2tk5NombJs/pnBWnp07Fe4kjEecoTJFduJezFkM
1q5j/dFff27LSyfQAwnw0C7p+gFnb2VVKsBA1HEuRUy6oj2sS58ZR+Yw1oWfP0v4
CzKBlA28L4eEZpivkNV/Zyx5PF9yD/GZ5/j+Kh0eFlB9F6za/XvltOPLUJA6bAhH
mKllgD/w4T812OC5Exzklm8xZpSwHFOyZWqpQ6IqHWvqqqpn+xfUqflhSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPOwt2V8ILMaxuR+x9cBKBML9scIMB8GA1UdIwQY
MBaAFLPWYpfFzb022GhJ3ernmFl59FDKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2Yt
ZWIxZjg3MTVlZWMwLzEvODdDM1pYd2dzeHJHNUg3SDF3RW9Fd3YyeHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85MmMxY2YtNWEyMi00NTNjLTkwN2YtZWIxZjg3MTVlZWMw
LzEvczlaaWw4WE52VGJZYUVuZDZ1ZVlXWG4wVU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW/DWAwQD
XVyYMA0EAgACMAcDBQAqAZwAMA0GCSqGSIb3DQEBCwUAA4IBAQB3Hk1MKOY04Jx8
4iMmodk9gTjMb6b5CpAub9pUKFC0NRRfK0Ul11rMMK976zHTI+0v0JZL0Xh7AsCx
xUgxPYdw2GPjR4ylC7rbf1LX/4sohOmbpXYbKyYvhrWw/CAncNmUQquQUpKkr3iP
Xqy2nAh8sN35e5US5xHXY44FO7ZTUgaS20/DnqIdyAtwB91OPuHFdzLZY0wlSXGO
j/WqHsvBiYL/1zHGSM8Ddcn98tAamOYuqedoDxJ5ZoCFLR3nd4iisFDt6qqKXduC
gdCypGf0cp0OUQm65vYtQI1Bqrp0NrezV/Sf2JqsmO5D1wvyq5uvwrNJ5/d42m8A
kSOTljXB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:56 2024 by rpki-client on console-ams.rpki-client.org