Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yYPuJrGJhtHkI70EizYduCP-0XQ.roa
File: yYPuJrGJhtHkI70EizYduCP-0XQ.roa (raw, json)
Hash identifier: BGSO2xS0pa/q4WQx6JCiPyhLWngXDLB+qP6r5titN/g=
Subject key identifier: C9:83:EE:26:B1:89:86:D1:E4:23:BD:04:8B:36:1D:B8:23:FE:D1:74
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192002CCE4A3139C94CD19FCBCC2E119ED2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yYPuJrGJhtHkI70EizYduCP-0XQ.roa
Signing time: Tue 17 Sep 2024 13:29:49 +0000
ROA not before: Tue 17 Sep 2024 13:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208389
IP address blocks: 93.123.0.0/24 maxlen: 24
93.123.1.0/24 maxlen: 24
93.123.2.0/24 maxlen: 24
93.123.3.0/24 maxlen: 24
93.123.4.0/24 maxlen: 24
93.123.5.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:2c:ce:4a:31:39:c9:4c:d1:9f:cb:cc:2e:11:9e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 13:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c983ee26b18986d1e423bd048b361db823fed174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:ad:5a:fd:ff:c9:4c:51:0c:63:1a:45:7b:
39:5d:fa:7d:7e:21:ae:d4:f7:0c:1c:14:e4:05:e0:
8d:87:ae:9c:ec:74:06:66:47:c1:cf:20:00:e3:3f:
5b:06:7f:33:db:fd:7e:f8:41:f7:5c:d7:40:1a:22:
5f:12:14:2a:b9:d7:88:ea:b6:34:22:fc:ed:95:68:
2c:00:fb:19:02:b3:0c:eb:ef:21:3c:cb:1d:ab:96:
3d:d0:09:45:4f:91:18:ea:55:b5:2c:58:01:49:ef:
3e:8e:67:e5:03:c0:76:e8:6c:68:ab:07:5c:d8:f1:
a9:d0:d3:ca:dd:1b:cf:88:48:ac:31:4b:ca:5d:4a:
b5:59:40:83:55:fa:e5:30:73:4a:ec:6e:6e:a3:2e:
df:5b:59:8c:16:d8:0e:a5:ec:69:df:a9:79:b1:e2:
c9:7d:63:ac:6a:59:57:fa:45:1f:9b:ef:76:34:00:
78:af:08:cd:8d:4d:7a:40:43:20:39:f7:e3:16:4e:
78:0d:75:ed:2d:33:0e:96:96:bd:b3:ea:a9:4d:62:
43:43:14:b8:6f:77:25:54:83:34:7e:d8:71:ef:f4:
38:8d:6d:c5:88:0d:99:7b:2d:54:f3:92:bb:8a:8e:
ad:7a:67:14:9a:64:91:fa:78:82:2a:a4:57:d0:62:
ba:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:83:EE:26:B1:89:86:D1:E4:23:BD:04:8B:36:1D:B8:23:FE:D1:74
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yYPuJrGJhtHkI70EizYduCP-0XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.0.0-93.123.5.255
Signature Algorithm: sha256WithRSAEncryption
26:c7:49:e0:f3:ad:54:a9:eb:a5:19:73:7a:32:cd:55:04:93:
09:22:c7:27:16:46:a5:ee:68:24:67:13:08:53:ae:6a:0e:e5:
55:50:f2:a5:b8:8e:97:22:99:86:a9:1d:10:55:38:2a:7b:0c:
b0:16:4f:09:79:83:04:2b:76:28:dc:cd:6b:e2:fc:b2:78:58:
41:eb:6f:a3:b9:89:d3:0a:38:07:24:76:e1:c1:37:89:75:2e:
df:c6:89:7c:5b:c0:f4:11:8b:4d:a3:33:25:f6:17:27:e7:59:
60:a6:0c:20:96:96:06:89:2b:6c:94:10:d6:4e:77:e2:ef:4b:
1c:ff:fa:3e:29:6e:ba:ad:a2:f5:36:36:ea:f0:65:32:09:d3:
93:22:47:f0:20:41:b1:0b:b6:2e:2a:3f:18:5b:f9:bf:40:a8:
51:3f:d2:a5:75:bd:34:7f:d0:65:8d:2d:2f:db:02:0b:72:82:
fa:9c:1e:08:03:11:27:dc:a4:d6:41:94:e6:be:40:f3:26:32:
0a:95:07:d5:62:35:ba:1b:36:d2:21:76:a8:bf:50:41:26:f0:
4f:37:96:81:93:d4:13:8c:d1:be:ec:73:f7:0e:d1:db:2a:d6:
18:8f:fe:a3:a3:95:3e:56:56:ce:50:8b:dd:a9:5f:b2:c4:44:
b2:92:6f:00
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZIALM5KMTnJTNGfy8wuEZ7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MTMyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgzZWUyNmIxODk4NmQxZTQyM2JkMDQ4YjM2MWRiODIzZmVkMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQWtWv3/yUxRDGMaRXs5Xfp9fiGu
1PcMHBTkBeCNh66c7HQGZkfBzyAA4z9bBn8z2/1++EH3XNdAGiJfEhQqudeI6rY0
IvztlWgsAPsZArMM6+8hPMsdq5Y90AlFT5EY6lW1LFgBSe8+jmflA8B26Gxoqwdc
2PGp0NPK3RvPiEisMUvKXUq1WUCDVfrlMHNK7G5uoy7fW1mMFtgOpexp36l5seLJ
fWOsallX+kUfm+92NAB4rwjNjU16QEMgOffjFk54DXXtLTMOlpa9s+qpTWJDQxS4
b3clVIM0fthx7/Q4jW3FiA2Zey1U85K7io6temcUmmSR+niCKqRX0GK6WQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFMmD7iaxiYbR5CO9BIs2Hbgj/tF0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveVlQdUpyR0podEhrSTcwRWl6WWR1Q1AtMFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwBdewME
AV17BDANBgkqhkiG9w0BAQsFAAOCAQEAJsdJ4POtVKnrpRlzejLNVQSTCSLHJxZG
pe5oJGcTCFOuag7lVVDypbiOlyKZhqkdEFU4KnsMsBZPCXmDBCt2KNzNa+L8snhY
Qetvo7mJ0wo4ByR24cE3iXUu38aJfFvA9BGLTaMzJfYXJ+dZYKYMIJaWBokrbJQQ
1k534u9LHP/6Piluuq2i9TY26vBlMgnTkyJH8CBBsQu2Lio/GFv5v0CoUT/SpXW9
NH/QZY0tL9sCC3KC+pweCAMRJ9yk1kGU5r5A8yYyCpUH1WI1uhs20iF2qL9QQSbw
TzeWgZPUE4zRvuxz9w7R2yrWGI/+o6OVPlZWzlCL3alfssREspJvAA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:48 2025 by rpki-client