Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/FVxu6-nKlZcqAFBmfC-KXBPro4s.roa
File: FVxu6-nKlZcqAFBmfC-KXBPro4s.roa (raw, json)
Hash identifier: dRicxB9UJeR6ABiPfk52Ciux/vE1Kp6EDBEpLxXY2lo=
Subject key identifier: 15:5C:6E:EB:E9:CA:95:97:2A:00:50:66:7C:2F:8A:5C:13:EB:A3:8B
Certificate issuer: /CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Certificate serial: 018CC86F3AB4BBE436E6D9779F0881F42C4E
Authority key identifier: 0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/FVxu6-nKlZcqAFBmfC-KXBPro4s.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35258
IP address blocks: 185.93.58.0/23 maxlen: 23
185.93.56.0/24 maxlen: 24
2a03:8fa0::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:3a:b4:bb:e4:36:e6:d9:77:9f:08:81:f4:2c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2d7c238e89dcd52f6fb2296dfa4758c61c97be
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=155c6eebe9ca95972a0050667c2f8a5c13eba38b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d0:88:41:67:95:69:58:e8:ac:ce:37:39:94:
e8:5a:d9:58:75:5f:0f:5f:b0:0d:ae:56:8a:9d:99:
8a:9a:47:56:94:11:46:45:65:3b:84:c1:8d:37:e8:
0d:ec:82:e9:b5:45:13:4f:7d:f0:e2:f9:1a:57:c8:
f9:76:c8:2d:f1:e9:c6:59:60:bc:82:90:b0:06:2e:
3f:46:c7:f5:2b:67:d0:f0:03:c6:08:d5:ba:85:92:
9e:e3:03:b9:5e:cc:56:20:01:51:6c:8f:09:27:e2:
4f:50:dc:8c:5f:0d:f5:04:c7:fe:22:06:70:29:3d:
0b:d5:5c:76:cc:d6:ca:70:a9:84:65:ba:71:72:4d:
de:16:62:c2:50:6c:9f:03:24:1b:ed:bf:e3:82:b6:
f4:93:b7:a9:e3:ef:33:98:b9:3a:f5:5c:c3:67:61:
79:e1:dc:c9:66:f2:1e:db:42:a0:bd:59:e1:57:e1:
41:f7:12:15:31:8b:ab:f0:cb:e4:37:24:cc:7e:a7:
71:0e:8b:e1:3b:22:ab:7b:ad:5c:12:9c:48:d6:43:
ab:b3:7a:a6:8d:1d:cf:38:70:99:d8:87:ed:37:3b:
7c:fa:c8:3c:15:6c:78:5f:b1:ab:5f:46:c5:f0:99:
66:46:95:18:37:1f:e5:6b:f3:ab:33:d9:cf:08:6a:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5C:6E:EB:E9:CA:95:97:2A:00:50:66:7C:2F:8A:5C:13:EB:A3:8B
X509v3 Authority Key Identifier:
keyid:0C:2D:7C:23:8E:89:DC:D5:2F:6F:B2:29:6D:FA:47:58:C6:1C:97:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DC18I46J3NUvb7IpbfpHWMYcl74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/FVxu6-nKlZcqAFBmfC-KXBPro4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/46916e-e86c-44a8-8ab9-53849baf1b45/1/DC18I46J3NUvb7IpbfpHWMYcl74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.56.0/24
185.93.58.0/23
IPv6:
2a03:8fa0::/36
Signature Algorithm: sha256WithRSAEncryption
b0:2b:91:8f:ae:76:f0:06:7a:23:a6:3d:48:dc:59:bd:83:fe:
73:1c:e2:62:1f:d3:ad:f5:5e:58:79:db:d1:3c:2d:32:19:dc:
83:e2:9f:69:f8:3a:fc:23:6e:ae:89:d2:96:5b:1c:7a:f7:ad:
02:62:cc:54:90:1b:1e:65:7b:d1:e7:e0:f2:54:d4:51:e1:39:
2e:cb:e3:3a:b1:9d:78:b2:5a:bd:ff:db:ed:df:5e:8c:bd:d7:
f1:9c:8e:a1:9c:a4:85:91:ef:df:f8:b5:80:12:7b:c2:52:82:
a3:7c:bd:15:4a:1c:4b:54:45:b5:dd:cb:bf:4e:3f:0b:50:75:
eb:5b:3e:a8:fd:df:39:e9:0b:d8:ff:c2:94:5a:f1:2b:08:33:
f8:27:ba:8b:89:96:aa:09:95:9e:47:f2:09:05:c6:ca:79:cd:
bf:5e:36:09:04:60:86:39:21:f6:b0:b8:48:54:4e:77:b2:ea:
c5:99:d8:85:43:f0:30:c9:a8:45:c4:c4:db:a3:74:29:ee:32:
af:b0:b4:b5:42:b7:c2:eb:db:cb:d9:09:da:11:b8:94:17:19:
23:5d:3a:ef:0a:95:2e:c9:e8:fe:8d:6c:5c:63:b9:fd:12:99:
29:9d:92:b1:50:b5:36:5f:7e:aa:07:ca:d7:c2:37:10:3d:ba:
c5:85:31:42
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzIbzq0u+Q25tl3nwiB9CxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmQ3YzIzOGU4OWRjZDUyZjZmYjIyOTZkZmE0NzU4YzYx
Yzk3YmUwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTVjNmVlYmU5Y2E5NTk3MmEwMDUwNjY3YzJmOGE1YzEzZWJhMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNCIQWeVaVjorM43OZToWtlYdV8P
X7ANrlaKnZmKmkdWlBFGRWU7hMGNN+gN7ILptUUTT33w4vkaV8j5dsgt8enGWWC8
gpCwBi4/Rsf1K2fQ8APGCNW6hZKe4wO5XsxWIAFRbI8JJ+JPUNyMXw31BMf+IgZw
KT0L1Vx2zNbKcKmEZbpxck3eFmLCUGyfAyQb7b/jgrb0k7ep4+8zmLk69VzDZ2F5
4dzJZvIe20KgvVnhV+FB9xIVMYur8MvkNyTMfqdxDovhOyKre61cEpxI1kOrs3qm
jR3POHCZ2IftNzt8+sg8FWx4X7GrX0bF8JlmRpUYNx/la/OrM9nPCGo8tQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFBVcbuvpypWXKgBQZnwvilwT66OLMB8GA1UdIwQY
MBaAFAwtfCOOidzVL2+yKW36R1jGHJe+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREMxOEk0NkozTlV2YjdJcGJmcEhXTVljbDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC80NjkxNmUtZTg2Yy00NGE4LThhYjkt
NTM4NDliYWYxYjQ1LzEvRlZ4dTYtbktsWmNxQUZCbWZDLUtYQlBybzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC80NjkxNmUtZTg2Yy00NGE4LThhYjktNTM4NDliYWYxYjQ1
LzEvREMxOEk0NkozTlV2YjdJcGJmcEhXTVljbDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAuV04AwQB
uV06MA4EAgACMAgDBgQqA4+gADANBgkqhkiG9w0BAQsFAAOCAQEAsCuRj6528AZ6
I6Y9SNxZvYP+cxziYh/TrfVeWHnb0TwtMhncg+Kfafg6/CNuronSllscevetAmLM
VJAbHmV70efg8lTUUeE5LsvjOrGdeLJavf/b7d9ejL3X8ZyOoZykhZHv3/i1gBJ7
wlKCo3y9FUocS1RFtd3Lv04/C1B161s+qP3fOekL2P/ClFrxKwgz+Ce6i4mWqgmV
nkfyCQXGynnNv142CQRghjkh9rC4SFROd7LqxZnYhUPwMMmoRcTE26N0Ke4yr7C0
tUK3wuvby9kJ2hG4lBcZI1067wqVLsno/o1sXGO5/RKZKZ2SsVC1Nl9+qgfK18I3
ED26xYUxQg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:01:03 2025 by rpki-client