Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/4PpSqgCdk3ev53LX-6nPYRlxov8.roa
File: 4PpSqgCdk3ev53LX-6nPYRlxov8.roa (raw, json)
Hash identifier: o3KldnJ/3VUQnetx43vZBw2bMnOg9vlvFPPX8/zQq64=
Subject key identifier: E0:FA:52:AA:00:9D:93:77:AF:E7:72:D7:FB:A9:CF:61:19:71:A2:FF
Certificate issuer: /CN=764928a97be955377013d382c62940e950dd212b
Certificate serial: 018573685485248546D3DBA712DFF0FDFA06
Authority key identifier: 76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/4PpSqgCdk3ev53LX-6nPYRlxov8.roa
Signing time: Mon 02 Jan 2023 16:54:55 +0000
ROA not before: Mon 02 Jan 2023 16:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9211
IP address blocks: 87.253.190.0/24 maxlen: 24
185.205.216.0/22 maxlen: 24
31.24.96.0/21 maxlen: 24
87.253.160.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:54:85:24:85:46:d3:db:a7:12:df:f0:fd:fa:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764928a97be955377013d382c62940e950dd212b
Validity
Not Before: Jan 2 16:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0fa52aa009d9377afe772d7fba9cf611971a2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:23:8a:b9:7c:cd:37:c1:84:6c:c9:02:b7:aa:
1c:09:4c:81:99:1a:fc:5a:a0:4d:de:5c:59:61:72:
6c:51:84:01:7f:3b:21:8a:ef:ee:35:e0:ea:f6:73:
8a:7a:87:1f:65:41:05:73:96:a8:a6:09:d9:cf:2c:
4c:36:45:00:cb:12:27:0f:83:ec:1a:9d:4c:25:fd:
56:be:60:18:61:b5:10:54:c8:b3:51:2e:d8:49:58:
24:89:01:ce:96:58:64:7d:24:c5:49:0c:15:71:3a:
e2:09:43:d0:a8:22:7a:98:0d:7d:f5:56:df:0d:67:
46:9c:eb:e5:cc:e4:1e:22:ec:70:f5:1e:4c:0e:53:
4e:56:42:7a:2d:89:d3:dc:89:f5:93:d5:5f:83:98:
2b:6f:e1:4d:20:d6:87:eb:80:0f:7b:ab:a4:7a:58:
70:6b:61:6b:d7:0e:1d:22:4a:2f:95:45:a0:36:8f:
0d:da:24:34:75:68:ec:1c:2b:f1:49:e4:1a:2d:a9:
0c:8b:86:eb:df:2c:1a:25:95:41:0c:e9:6d:3c:1b:
a0:e5:fb:dc:42:05:ac:19:2d:06:30:26:72:68:92:
f9:c1:5a:44:c2:24:34:a8:d0:ea:4a:8b:97:9f:30:
8d:09:66:1d:5c:6e:b7:f3:5b:31:b6:2d:fd:9b:8a:
94:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FA:52:AA:00:9D:93:77:AF:E7:72:D7:FB:A9:CF:61:19:71:A2:FF
X509v3 Authority Key Identifier:
keyid:76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/4PpSqgCdk3ev53LX-6nPYRlxov8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.96.0/21
87.253.160.0/20
87.253.190.0/24
185.205.216.0/22
Signature Algorithm: sha256WithRSAEncryption
47:94:48:e6:32:ba:8b:d7:c0:46:f5:86:82:1f:29:e3:e9:dc:
3f:c7:9a:23:da:d6:f7:2a:68:f1:a0:f2:1e:aa:69:02:f5:55:
9e:d8:f0:e3:e1:48:a9:45:16:19:ea:2f:dc:2f:55:6b:16:12:
2c:3d:63:81:6b:8b:4f:e8:f8:49:98:88:5c:ae:18:29:3f:e0:
5d:fa:af:57:28:4b:cc:3a:92:23:cf:f0:ae:7e:0a:cf:cf:ee:
30:d8:9a:f9:15:2d:79:c2:90:5f:f6:78:e3:a9:c6:d4:f2:0e:
8d:72:80:fd:3f:59:eb:e9:a3:22:39:18:85:69:81:34:c3:16:
9c:dd:24:5f:e5:e4:30:f2:ba:65:48:0e:6d:0b:c7:fc:c7:4f:
69:9c:dd:b2:e9:69:a4:09:56:30:63:9f:04:69:e5:ae:3b:0d:
6a:7d:23:4b:7a:c4:73:6a:8f:2d:21:d9:14:5a:6f:25:58:11:
6a:f6:80:36:08:88:2e:04:2e:af:43:45:09:28:ad:5a:0b:74:
20:9a:ec:e2:b1:37:32:42:f8:69:8f:d3:49:e9:f8:13:2e:ac:
60:0f:e5:d4:b3:5e:72:05:1b:3c:43:38:a6:e5:bd:4e:22:1a:
dc:0d:da:21:a6:13:f1:fb:9a:9c:7e:cd:d0:59:a0:76:e8:2b:
cc:ee:1c:3a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzaFSFJIVG09unEt/w/foGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDkyOGE5N2JlOTU1Mzc3MDEzZDM4MmM2Mjk0MGU5NTBk
ZDIxMmIwHhcNMjMwMTAyMTY1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZhNTJhYTAwOWQ5Mzc3YWZlNzcyZDdmYmE5Y2Y2MTE5NzFhMmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSOKuXzNN8GEbMkCt6ocCUyBmRr8
WqBN3lxZYXJsUYQBfzshiu/uNeDq9nOKeocfZUEFc5aopgnZzyxMNkUAyxInD4Ps
Gp1MJf1WvmAYYbUQVMizUS7YSVgkiQHOllhkfSTFSQwVcTriCUPQqCJ6mA199Vbf
DWdGnOvlzOQeIuxw9R5MDlNOVkJ6LYnT3In1k9Vfg5grb+FNINaH64APe6ukelhw
a2Fr1w4dIkovlUWgNo8N2iQ0dWjsHCvxSeQaLakMi4br3ywaJZVBDOltPBug5fvc
QgWsGS0GMCZyaJL5wVpEwiQ0qNDqSouXnzCNCWYdXG6381sxti39m4qUgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOD6UqoAnZN3r+dy1/upz2EZcaL/MB8GA1UdIwQY
MBaAFHZJKKl76VU3cBPTgsYpQOlQ3SErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDkt
YmMxNTIyNzg5ZDNiLzEvNFBwU3FnQ2RrM2V2NTNMWC02blBZUmx4b3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDktYmMxNTIyNzg5ZDNi
LzEvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDHxhgAwQE
V/2gAwQAV/2+AwQCuc3YMA0GCSqGSIb3DQEBCwUAA4IBAQBHlEjmMrqL18BG9YaC
Hynj6dw/x5oj2tb3KmjxoPIeqmkC9VWe2PDj4UipRRYZ6i/cL1VrFhIsPWOBa4tP
6PhJmIhcrhgpP+Bd+q9XKEvMOpIjz/CufgrPz+4w2Jr5FS15wpBf9njjqcbU8g6N
coD9P1nr6aMiORiFaYE0wxac3SRf5eQw8rplSA5tC8f8x09pnN2y6WmkCVYwY58E
aeWuOw1qfSNLesRzao8tIdkUWm8lWBFq9oA2CIguBC6vQ0UJKK1aC3QgmuzisTcy
Qvhpj9NJ6fgTLqxgD+XUs15yBRs8Qzim5b1OIhrcDdohphPx+5qcfs3QWaB26CvM
7hw6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:41 2024 by rpki-client on console-fra.rpki-client.org