Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/0onnrr7KV2jtKR6geuPf6ofrN3o.roa
File: 0onnrr7KV2jtKR6geuPf6ofrN3o.roa (raw, json)
Hash identifier: kfX2N7uefjnEpx25gvr8bTRq9fA32G/zXfC7nyus5Kc=
Subject key identifier: D2:89:E7:AE:BE:CA:57:68:ED:29:1E:A0:7A:E3:DF:EA:87:EB:37:7A
Certificate issuer: /CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Certificate serial: 019468B3A66726A6903310A323F64A0CB8FB
Authority key identifier: 88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/0onnrr7KV2jtKR6geuPf6ofrN3o.roa
Signing time: Wed 15 Jan 2025 06:43:11 +0000
ROA not before: Wed 15 Jan 2025 06:43:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34655
IP address blocks: 93.93.54.0/24 maxlen: 24
95.128.122.0/24 maxlen: 24
95.128.123.0/24 maxlen: 24
95.128.124.0/24 maxlen: 24
95.128.125.0/24 maxlen: 24
95.128.126.0/24 maxlen: 24
109.71.163.0/24 maxlen: 24
109.71.165.0/24 maxlen: 24
109.71.166.0/24 maxlen: 24
109.71.167.0/24 maxlen: 24
185.13.89.0/24 maxlen: 24
2a03:9c40::/48 maxlen: 48
2a03:9c40:200::/48 maxlen: 48
2a03:9c40:400::/48 maxlen: 48
2a03:9c40:600::/48 maxlen: 48
2a03:9c40:800::/48 maxlen: 48
2a03:9c40:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 07:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:68:b3:a6:67:26:a6:90:33:10:a3:23:f6:4a:0c:b8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881721281ffba5713e9d052af6fe6d1b040a2a39
Validity
Not Before: Jan 15 06:43:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d289e7aebeca5768ed291ea07ae3dfea87eb377a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2b:08:dd:a4:8b:77:2d:fa:54:2a:cf:0d:f1:
e7:53:44:1a:90:f1:44:cc:73:2c:df:b3:47:27:f2:
8d:41:ce:a0:e0:d1:da:07:d7:68:f6:59:d7:c6:2c:
67:a7:82:c3:34:d1:b0:60:4c:60:ae:61:1b:9a:26:
54:23:f0:52:af:8e:1d:c1:c1:70:bc:73:ff:2f:ab:
3d:49:fb:17:6a:75:7e:6c:fd:59:c5:41:1a:31:1d:
cc:48:99:aa:de:b2:af:2d:30:6f:10:e0:4d:43:bb:
09:1e:94:12:6f:4e:54:38:da:82:57:ed:34:93:a7:
62:79:e2:c8:35:85:b1:21:5c:c4:9f:4a:69:f9:22:
96:ea:9e:85:63:8c:0e:7f:f9:e6:42:49:56:88:f9:
cb:e4:f2:d7:6f:60:53:35:f7:e1:42:03:cf:d0:24:
5b:f9:b4:79:24:6b:10:16:e2:44:b4:5f:c6:c2:b1:
ff:46:01:36:05:74:ef:2c:0c:fb:8c:75:18:6c:38:
9b:44:5a:d0:ca:c3:22:0e:e0:8c:2f:e4:12:97:0f:
e1:66:6c:73:6c:cf:85:0c:2c:57:b4:25:25:f2:70:
41:b8:20:0f:fd:50:60:b2:50:66:c4:eb:4d:cc:25:
4e:ba:f9:d4:a6:41:e1:b5:9c:4f:a7:1a:e3:e9:bb:
6e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:89:E7:AE:BE:CA:57:68:ED:29:1E:A0:7A:E3:DF:EA:87:EB:37:7A
X509v3 Authority Key Identifier:
keyid:88:17:21:28:1F:FB:A5:71:3E:9D:05:2A:F6:FE:6D:1B:04:0A:2A:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBchKB_7pXE-nQUq9v5tGwQKKjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/0onnrr7KV2jtKR6geuPf6ofrN3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/8c83fd-52b5-40bb-9963-48873baa69a7/1/iBchKB_7pXE-nQUq9v5tGwQKKjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.54.0/24
95.128.122.0-95.128.126.255
109.71.163.0/24
109.71.165.0-109.71.167.255
185.13.89.0/24
IPv6:
2a03:9c40::/48
2a03:9c40:200::/48
2a03:9c40:400::/48
2a03:9c40:600::/48
2a03:9c40:800::/48
2a03:9c40:1000::/48
Signature Algorithm: sha256WithRSAEncryption
3f:0a:a2:95:b0:85:8a:ad:cc:5a:86:fb:2f:1c:f8:cc:43:86:
af:9c:5a:17:0e:78:58:c7:29:26:b1:b6:71:45:7c:5a:35:e3:
61:69:c8:9b:28:9f:8b:cb:79:07:b5:14:50:a3:eb:cc:18:9c:
60:a3:7e:4c:e9:f5:7b:50:97:cd:57:8b:b4:66:fe:3f:4f:3e:
48:d8:29:67:5e:f3:9a:96:88:b1:6a:ce:16:5e:76:0a:30:a3:
82:2c:c2:a8:ec:5b:41:6f:de:38:93:fc:31:6a:4f:52:af:b4:
7f:2c:5d:61:0b:26:a3:87:21:86:62:5a:38:52:d1:e2:03:55:
9d:94:f5:f8:25:e7:b2:52:0f:45:db:93:2d:1e:c4:7f:6c:7d:
ce:2d:d9:b6:56:6e:3d:55:8b:5f:89:1d:b3:42:cf:31:95:f2:
0b:81:15:10:85:0a:0d:50:39:cb:c5:56:f7:7f:77:93:50:f5:
09:5e:4b:70:cd:c7:5d:31:3e:fc:db:17:39:1f:2a:f4:9d:f8:
73:3a:2f:85:a8:80:2c:4d:9d:b3:94:ac:fd:fe:09:ce:73:bc:
0a:dc:54:79:3a:d8:4b:28:cf:fd:49:60:8b:b5:26:fa:10:82:
6d:65:15:a3:de:7a:1a:81:07:66:79:eb:55:f5:7f:09:23:ae:
b2:ba:18:93
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZRos6ZnJqaQMxCjI/ZKDLj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTcyMTI4MWZmYmE1NzEzZTlkMDUyYWY2ZmU2ZDFiMDQw
YTJhMzkwHhcNMjUwMTE1MDY0MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjg5ZTdhZWJlY2E1NzY4ZWQyOTFlYTA3YWUzZGZlYTg3ZWIzNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSsI3aSLdy36VCrPDfHnU0QakPFE
zHMs37NHJ/KNQc6g4NHaB9do9lnXxixnp4LDNNGwYExgrmEbmiZUI/BSr44dwcFw
vHP/L6s9SfsXanV+bP1ZxUEaMR3MSJmq3rKvLTBvEOBNQ7sJHpQSb05UONqCV+00
k6dieeLINYWxIVzEn0pp+SKW6p6FY4wOf/nmQklWiPnL5PLXb2BTNffhQgPP0CRb
+bR5JGsQFuJEtF/GwrH/RgE2BXTvLAz7jHUYbDibRFrQysMiDuCML+QSlw/hZmxz
bM+FDCxXtCUl8nBBuCAP/VBgslBmxOtNzCVOuvnUpkHhtZxPpxrj6btu6QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNKJ566+yldo7SkeoHrj3+qH6zd6MB8GA1UdIwQY
MBaAFIgXISgf+6VxPp0FKvb+bRsECio5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMt
NDg4NzNiYWE2OWE3LzEvMG9ubnJyN0tWMmp0S1I2Z2V1UGY2b2ZyTjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84YzgzZmQtNTJiNS00MGJiLTk5NjMtNDg4NzNiYWE2OWE3
LzEvaUJjaEtCXzdwWEUtblFVcTl2NXRHd1FLS2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwNAQCAAEwLgMEAF1dNjAM
AwQBX4B6AwQAX4B+AwQAbUejMAwDBABtR6UDBANtR6ADBAC5DVkwPAQCAAIwNgMH
ACoDnEAAAAMHACoDnEACAAMHACoDnEAEAAMHACoDnEAGAAMHACoDnEAIAAMHACoD
nEAQADANBgkqhkiG9w0BAQsFAAOCAQEAPwqilbCFiq3MWob7Lxz4zEOGr5xaFw54
WMcpJrG2cUV8WjXjYWnImyifi8t5B7UUUKPrzBicYKN+TOn1e1CXzVeLtGb+P08+
SNgpZ17zmpaIsWrOFl52CjCjgizCqOxbQW/eOJP8MWpPUq+0fyxdYQsmo4chhmJa
OFLR4gNVnZT1+CXnslIPRduTLR7Ef2x9zi3ZtlZuPVWLX4kds0LPMZXyC4EVEIUK
DVA5y8VW9393k1D1CV5LcM3HXTE+/NsXOR8q9J34czovhaiALE2ds5Ss/f4JznO8
CtxUeTrYSyjP/Ulgi7Um+hCCbWUVo956GoEHZnnrVfV/CSOusroYkw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:17 2025 by rpki-client