Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8n76fK3PbbbHF8kAD8M3HWAaRw.roa
File: l8n76fK3PbbbHF8kAD8M3HWAaRw.roa (raw, json)
Hash identifier: Si7zdP6If/NjtTi2Kzslj7M+2LfpwNi5t4BpKN0oz/E=
Subject key identifier: 97:C9:FB:E9:F2:B7:3D:B6:DB:1C:5F:24:00:3F:0C:DC:75:80:69:1C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82044B10A9F5D24083AE53A049D5F3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8n76fK3PbbbHF8kAD8M3HWAaRw.roa
Signing time: Sun 01 Jan 2023 13:25:15 +0000
ROA not before: Sun 01 Jan 2023 13:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202129
IP address blocks: 93.123.105.0/24 maxlen: 24
93.123.104.0/22 maxlen: 22
93.123.104.0/24 maxlen: 24
93.123.107.0/24 maxlen: 24
93.123.106.0/24 maxlen: 24
2a00:1728:1e::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:04:4b:10:a9:f5:d2:40:83:ae:53:a0:49:d5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97c9fbe9f2b73db6db1c5f24003f0cdc7580691c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c0:04:c4:ff:3d:84:a7:d6:f7:c2:2a:b6:4c:
04:07:28:fa:fb:ea:c9:af:25:0e:29:31:62:ac:ca:
c8:4b:ce:b7:f6:fe:b5:86:55:51:36:3b:7d:0b:a2:
28:64:01:6d:41:48:72:e1:a2:84:82:79:4f:10:e2:
5e:4a:23:6c:35:f3:10:52:c4:30:62:96:d4:54:e1:
de:51:d8:9e:3f:bc:9f:2c:04:aa:17:d6:7e:a6:95:
13:18:3e:c3:99:82:fc:12:7f:c2:8c:a3:e5:99:b4:
4b:64:8c:bf:ff:48:29:fa:e1:eb:9b:f7:86:61:1f:
99:81:42:bb:27:4f:d3:48:99:d8:69:69:e3:d7:59:
cc:5d:0d:15:0f:ed:05:58:40:62:51:af:8e:16:71:
ce:da:8f:ee:57:f5:11:d2:42:d2:0c:8b:6c:ec:4a:
24:5c:1d:7f:00:81:f4:ef:64:05:8c:72:7b:2d:20:
02:f1:e7:4a:17:f7:56:c4:db:20:38:58:37:2b:22:
7c:db:d8:e8:5d:14:7a:3c:38:8a:e2:23:b7:10:f3:
9b:ba:5b:aa:5e:e0:6e:3f:e5:4c:7b:12:75:ed:c3:
3e:3b:3f:52:bb:2a:4a:8c:f5:31:ab:eb:18:39:6f:
48:fd:b3:b1:6b:fa:da:89:c0:8e:99:65:82:70:35:
12:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C9:FB:E9:F2:B7:3D:B6:DB:1C:5F:24:00:3F:0C:DC:75:80:69:1C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8n76fK3PbbbHF8kAD8M3HWAaRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.104.0/22
IPv6:
2a00:1728:1e::/48
Signature Algorithm: sha256WithRSAEncryption
82:ba:4f:04:3a:28:c9:81:9d:f8:7e:f0:63:45:b2:f3:93:f8:
59:02:a8:dd:eb:9c:d5:e5:9a:e6:d5:80:25:36:b9:32:56:cb:
d4:46:35:1a:66:b1:dd:9f:d4:7a:22:ce:b0:85:7b:d3:d0:23:
89:95:da:11:d4:02:43:d8:0b:09:d1:8c:c0:43:a5:fd:f9:e9:
92:6b:05:46:07:df:0f:28:ad:75:58:dc:5b:f3:c2:70:ab:6d:
8c:bf:6d:aa:48:7e:9b:09:62:3d:89:3f:28:0e:5b:3b:88:36:
a8:cd:cc:78:9f:a8:3e:f7:9c:45:39:9a:e7:88:cc:33:20:06:
1b:28:9f:30:82:fc:d4:55:35:bc:53:4f:51:d0:10:e3:e8:7e:
8a:ea:35:6f:e5:f5:ac:96:95:f7:c8:98:31:eb:80:8c:e5:1c:
e7:6e:a3:7f:24:d3:0b:a4:5a:5e:61:ab:e8:d8:68:2c:ce:c8:
0f:7c:10:b5:7b:9d:28:ee:fe:20:df:db:8e:76:12:2d:f5:24:
5c:22:71:5a:4c:a3:47:fd:fc:53:fc:3a:b6:68:a3:e6:5a:a5:
65:fe:f2:a6:1e:a0:06:b4:35:53:57:19:19:c9:83:c2:bd:a4:
12:f9:92:9d:11:e6:bb:74:c7:fc:8f:3f:bc:3c:9c:69:08:61:
9c:0c:40:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVtggRLEKn10kCDrlOgSdXzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M5ZmJlOWYyYjczZGI2ZGIxYzVmMjQwMDNmMGNkYzc1ODA2OTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucAExP89hKfW98IqtkwEByj6++rJ
ryUOKTFirMrIS8639v61hlVRNjt9C6IoZAFtQUhy4aKEgnlPEOJeSiNsNfMQUsQw
YpbUVOHeUdieP7yfLASqF9Z+ppUTGD7DmYL8En/CjKPlmbRLZIy//0gp+uHrm/eG
YR+ZgUK7J0/TSJnYaWnj11nMXQ0VD+0FWEBiUa+OFnHO2o/uV/UR0kLSDIts7Eok
XB1/AIH072QFjHJ7LSAC8edKF/dWxNsgOFg3KyJ829joXRR6PDiK4iO3EPObuluq
XuBuP+VMexJ17cM+Oz9SuypKjPUxq+sYOW9I/bOxa/raicCOmWWCcDUSJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJfJ++nytz222xxfJAA/DNx1gGkcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbDhuNzZmSzNQYmJiSEY4a0FEOE0zSFdBYVJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXXtoMA8E
AgACMAkDBwAqABcoAB4wDQYJKoZIhvcNAQELBQADggEBAIK6TwQ6KMmBnfh+8GNF
svOT+FkCqN3rnNXlmubVgCU2uTJWy9RGNRpmsd2f1HoizrCFe9PQI4mV2hHUAkPY
CwnRjMBDpf356ZJrBUYH3w8orXVY3FvzwnCrbYy/bapIfpsJYj2JPygOWzuINqjN
zHifqD73nEU5mueIzDMgBhsonzCC/NRVNbxTT1HQEOPoforqNW/l9ayWlffImDHr
gIzlHOduo38k0wukWl5hq+jYaCzOyA98ELV7nSju/iDf2452Ei31JFwicVpMo0f9
/FP8OrZoo+ZapWX+8qYeoAa0NVNXGRnJg8K9pBL5kp0R5rt0x/yPP7w8nGkIYZwM
QNg=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:48 2024 by rpki-client on console-fra.rpki-client.org