Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k0PAzXf6Hmzah2oD2wt1stmqRKw.roa
File: k0PAzXf6Hmzah2oD2wt1stmqRKw.roa (raw, json)
Hash identifier: cRKGRvDyD21D8yqyRsxZKdpv5RMxNhxYEUMWrWVnbYo=
Subject key identifier: 93:43:C0:CD:77:FA:1E:6C:DA:87:6A:03:DB:0B:75:B2:D9:AA:44:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01936CF140E4A66E32847794CEDE36EAF19E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k0PAzXf6Hmzah2oD2wt1stmqRKw.roa
Signing time: Wed 27 Nov 2024 09:26:10 +0000
ROA not before: Wed 27 Nov 2024 09:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 87.120.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 18:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:f1:40:e4:a6:6e:32:84:77:94:ce:de:36:ea:f1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 27 09:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9343c0cd77fa1e6cda876a03db0b75b2d9aa44ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b5:b2:d0:c4:29:87:3e:fb:91:e1:ef:a5:f0:
7e:4b:8f:84:a7:19:93:3a:b5:0f:17:0c:15:8e:2c:
79:26:c7:44:c8:33:ce:2b:06:47:52:71:36:7b:90:
af:38:3e:37:4e:ef:f5:b7:a5:e9:d9:c1:0d:6e:59:
7d:71:d0:0b:0e:88:a0:b4:f4:f6:6e:f5:fc:a4:1a:
0f:8f:d0:58:97:16:e7:a2:9c:2d:ee:75:3d:29:ea:
66:a9:26:41:7d:26:df:ae:7a:40:bf:7c:88:92:3d:
79:57:80:7a:60:ba:b9:0d:9a:7c:11:76:43:62:5e:
06:bd:8f:79:76:2f:12:6f:1e:4c:2e:4c:a2:5f:5f:
03:37:9e:05:9d:db:bb:49:98:7f:57:a5:47:95:0b:
47:5e:33:78:12:73:71:8d:b6:95:40:75:dc:5b:16:
f2:13:fb:07:5b:94:02:5a:27:97:16:ed:30:5d:0f:
a4:04:3b:99:fd:a2:15:8c:85:9c:c8:e1:10:ba:84:
b3:f8:e3:7b:65:3d:55:e7:f4:ce:d3:82:bb:22:d7:
26:68:0d:ed:30:fe:c0:e7:84:27:d6:1f:ff:b5:be:
ca:d0:a8:28:b6:b3:d8:4c:70:2b:f1:0e:d9:43:8d:
b7:31:92:bc:25:c6:92:5b:72:d3:32:a8:d6:07:99:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:43:C0:CD:77:FA:1E:6C:DA:87:6A:03:DB:0B:75:B2:D9:AA:44:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k0PAzXf6Hmzah2oD2wt1stmqRKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.88.0/24
Signature Algorithm: sha256WithRSAEncryption
92:fc:33:f9:a4:33:5c:b1:a3:2f:b5:20:c0:11:57:15:cb:3c:
15:ce:9c:ac:e1:91:0c:1d:f8:1c:32:53:41:c6:26:fa:1d:9a:
91:95:38:3e:b0:9f:f4:d3:a7:d4:3c:0b:4a:55:f0:44:5e:b5:
9d:0a:f6:ae:79:0d:32:e2:9e:63:3a:fb:2f:57:a4:47:51:bd:
99:7b:8e:8e:9c:90:9f:11:3d:ef:dd:26:6d:8d:48:bc:90:3e:
48:32:3b:d5:77:be:59:d5:84:99:8d:d4:56:b3:78:20:3d:3f:
43:cc:92:13:36:fe:e9:03:63:dd:84:f1:fa:5d:5c:3f:08:81:
ff:7d:0d:99:39:ed:f7:77:db:eb:11:e1:2f:2c:6b:b6:73:c6:
f5:90:61:a0:f3:0e:fc:bc:08:57:29:04:5a:4d:70:c2:a4:09:
b0:15:3d:fa:5a:25:b1:18:5d:96:d1:a1:c1:b8:89:8a:e3:87:
5d:69:1c:a2:6a:d1:df:e7:09:21:bf:46:62:fe:59:b7:09:0e:
60:10:d0:25:d6:5a:f2:64:23:a0:1f:f1:aa:64:68:b4:68:84:
b2:c3:00:d7:62:72:ed:0d:fc:6d:1e:ff:1e:bb:75:ff:1f:b3:
ea:42:4b:48:b4:7c:f9:8b:1b:98:72:f5:a1:4d:7f:4a:fa:a0:
9c:a9:4a:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNs8UDkpm4yhHeUzt426vGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI3MDkyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQzYzBjZDc3ZmExZTZjZGE4NzZhMDNkYjBiNzViMmQ5YWE0NGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbWy0MQphz77keHvpfB+S4+EpxmT
OrUPFwwVjix5JsdEyDPOKwZHUnE2e5CvOD43Tu/1t6Xp2cENbll9cdALDoigtPT2
bvX8pBoPj9BYlxbnopwt7nU9KepmqSZBfSbfrnpAv3yIkj15V4B6YLq5DZp8EXZD
Yl4GvY95di8Sbx5MLkyiX18DN54Fndu7SZh/V6VHlQtHXjN4EnNxjbaVQHXcWxby
E/sHW5QCWieXFu0wXQ+kBDuZ/aIVjIWcyOEQuoSz+ON7ZT1V5/TO04K7ItcmaA3t
MP7A54Qn1h//tb7K0KgotrPYTHAr8Q7ZQ423MZK8JcaSW3LTMqjWB5mAbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJNDwM13+h5s2odqA9sLdbLZqkSsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvazBQQXpYZjZIbXphaDJvRDJ3dDFzdG1xUkt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3hYMA0G
CSqGSIb3DQEBCwUAA4IBAQCS/DP5pDNcsaMvtSDAEVcVyzwVzpys4ZEMHfgcMlNB
xib6HZqRlTg+sJ/006fUPAtKVfBEXrWdCvaueQ0y4p5jOvsvV6RHUb2Ze46OnJCf
ET3v3SZtjUi8kD5IMjvVd75Z1YSZjdRWs3ggPT9DzJITNv7pA2PdhPH6XVw/CIH/
fQ2ZOe33d9vrEeEvLGu2c8b1kGGg8w78vAhXKQRaTXDCpAmwFT36WiWxGF2W0aHB
uImK44ddaRyiatHf5wkhv0Zi/lm3CQ5gENAl1lryZCOgH/GqZGi0aISywwDXYnLt
DfxtHv8eu3X/H7PqQktItHz5ixuYcvWhTX9K+qCcqUq3
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:37:56 2025 by rpki-client