Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nZmUqdbKQchQ4HYS3ZOatQcmgP0.roa
File: nZmUqdbKQchQ4HYS3ZOatQcmgP0.roa (raw, json)
Hash identifier: RuHTMYSDo5FppYgPXmIzp1GsLEENALv3IZ/9eJ0py3k=
Subject key identifier: 9D:99:94:A9:D6:CA:41:C8:50:E0:76:12:DD:93:9A:B5:07:26:80:FD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01937780CF02C42C97DEDE034CBC39C53010
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nZmUqdbKQchQ4HYS3ZOatQcmgP0.roa
Signing time: Fri 29 Nov 2024 10:39:10 +0000
ROA not before: Fri 29 Nov 2024 10:39:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 87.121.98.0/24 maxlen: 24
87.121.217.0/24 maxlen: 24
87.121.218.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.198.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Dec 2024 06:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:80:cf:02:c4:2c:97:de:de:03:4c:bc:39:c5:30:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 10:39:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d9994a9d6ca41c850e07612dd939ab5072680fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:96:07:c8:a9:5a:21:46:73:17:6b:07:cd:1e:
62:ca:16:69:46:24:cd:c9:3d:e6:9b:e8:0a:1d:0d:
74:fb:c1:e9:e3:07:05:d5:a1:6b:9f:ac:97:ae:d8:
b3:7c:33:ac:0d:01:2f:c4:d5:28:43:16:0c:83:97:
30:5d:d7:ea:91:8f:f2:74:55:cf:7e:34:4d:4b:b1:
c5:cf:2f:9a:34:f8:fb:cf:9d:b2:18:bb:38:ec:21:
4f:c4:1b:f7:0f:49:02:88:e0:00:56:9f:2f:fa:5f:
52:75:54:e4:bf:a9:da:40:f1:9c:7d:0c:2f:52:1f:
a9:d3:8a:3e:fd:28:3e:b2:06:65:f8:cc:52:be:05:
64:22:a2:0a:ab:e5:1a:3a:02:43:91:a1:a0:6c:98:
c0:fa:02:4f:33:2a:f3:d7:ac:d0:cf:4a:38:7f:7a:
15:33:7b:91:ab:9e:61:10:24:cd:af:9d:b7:80:4e:
45:f0:a3:73:ab:e2:90:20:59:a1:b9:4a:d5:f0:67:
6d:4d:ce:8c:66:9d:a6:49:45:81:65:32:c1:d5:ff:
35:b1:77:dd:b2:ae:13:48:08:15:83:b3:91:5d:9e:
a3:c0:29:01:d9:81:bc:0c:e0:d6:03:55:31:ce:8a:
d6:f6:a3:54:85:64:6d:65:45:18:3a:47:88:47:df:
28:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:99:94:A9:D6:CA:41:C8:50:E0:76:12:DD:93:9A:B5:07:26:80:FD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nZmUqdbKQchQ4HYS3ZOatQcmgP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.98.0/24
87.121.217.0-87.121.218.255
185.246.222.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:74:fd:f0:4d:1f:17:c4:cc:ba:86:f1:89:d0:4f:59:1f:a7:
a6:0c:6b:b7:ca:20:68:1a:19:31:28:c2:77:5f:b9:f0:42:9c:
83:df:30:8c:15:b2:75:22:33:61:e3:a0:7e:c6:77:b9:42:94:
a4:6f:4a:bc:9d:b2:cd:49:f7:af:2f:de:39:76:81:e4:42:82:
34:8d:f6:93:ee:06:de:d4:88:e4:bc:91:1d:78:e6:22:3a:94:
d5:54:ef:cf:dd:7a:1a:b1:fa:c8:66:e6:27:a6:20:68:8b:27:
c6:21:b7:f7:5d:6c:67:bf:93:ad:57:00:ae:d2:4c:85:15:a6:
c5:d0:79:a3:41:35:c6:f8:b9:8f:56:3d:55:14:0d:77:54:2c:
61:43:d0:4f:bb:1c:ab:eb:eb:3b:85:17:ff:d0:7b:73:a3:a0:
72:7f:56:16:1f:d0:c8:a1:9a:75:74:a4:53:a4:dc:6d:51:fd:
9e:59:52:85:9c:eb:b0:ce:22:cd:6d:1f:14:ea:3a:23:61:e4:
05:20:e1:1a:cc:ed:b9:cd:24:2f:bb:eb:11:03:93:28:31:8f:
c1:a1:e5:a2:05:58:be:b4:fe:71:9d:6d:ed:11:46:0e:53:52:
2a:df:0b:94:67:73:13:97:2c:c9:fb:5a:39:0b:70:84:9f:38:
47:ba:de:30
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZN3gM8CxCyX3t4DTLw5xTAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI5MTAzOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk5OTRhOWQ2Y2E0MWM4NTBlMDc2MTJkZDkzOWFiNTA3MjY4MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZYHyKlaIUZzF2sHzR5iyhZpRiTN
yT3mm+gKHQ10+8Hp4wcF1aFrn6yXrtizfDOsDQEvxNUoQxYMg5cwXdfqkY/ydFXP
fjRNS7HFzy+aNPj7z52yGLs47CFPxBv3D0kCiOAAVp8v+l9SdVTkv6naQPGcfQwv
Uh+p04o+/Sg+sgZl+MxSvgVkIqIKq+UaOgJDkaGgbJjA+gJPMyrz16zQz0o4f3oV
M3uRq55hECTNr523gE5F8KNzq+KQIFmhuUrV8GdtTc6MZp2mSUWBZTLB1f81sXfd
sq4TSAgVg7ORXZ6jwCkB2YG8DODWA1UxzorW9qNUhWRtZUUYOkeIR98olwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ2ZlKnWykHIUOB2Et2TmrUHJoD9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvblptVXFkYktRY2hRNEhZUzNaT2F0UWNtZ1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAV3liMAwD
BABXedkDBABXedoDBAC59t4DBALBqMQwDQYJKoZIhvcNAQELBQADggEBAKl0/fBN
HxfEzLqG8YnQT1kfp6YMa7fKIGgaGTEowndfufBCnIPfMIwVsnUiM2HjoH7Gd7lC
lKRvSrydss1J968v3jl2geRCgjSN9pPuBt7UiOS8kR145iI6lNVU78/dehqx+shm
5iemIGiLJ8Yht/ddbGe/k61XAK7STIUVpsXQeaNBNcb4uY9WPVUUDXdULGFD0E+7
HKvr6zuFF//Qe3OjoHJ/VhYf0MihmnV0pFOk3G1R/Z5ZUoWc67DOIs1tHxTqOiNh
5AUg4RrM7bnNJC+76xEDkygxj8Gh5aIFWL60/nGdbe0RRg5TUirfC5RncxOXLMn7
WjkLcISfOEe63jA=
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:33:29 2025 by rpki-client