Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/SXZ4OC3uEKLZlrHZHhNw8-yQgxA.roa
File: SXZ4OC3uEKLZlrHZHhNw8-yQgxA.roa (raw, json)
Hash identifier: vNMGO/V+wM2poBogoxX0G2VxJUoeVSJS0RUp9B01dCc=
Subject key identifier: 49:76:78:38:2D:EE:10:A2:D9:96:B1:D9:1E:13:70:F3:EC:90:83:10
Certificate issuer: /CN=af6eaeff123ca67446d0e49401e495057078e174
Certificate serial: 01949331DEFCAD22B120A7AB42BF4C3603E2
Authority key identifier: AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/SXZ4OC3uEKLZlrHZHhNw8-yQgxA.roa
Signing time: Thu 23 Jan 2025 12:45:06 +0000
ROA not before: Thu 23 Jan 2025 12:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30962
IP address blocks: 93.89.4.0/22 maxlen: 22
93.89.4.0/24 maxlen: 24
93.89.5.0/24 maxlen: 24
93.89.6.0/24 maxlen: 24
93.89.7.0/24 maxlen: 24
2a0b:2300::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Mar 2025 09:41:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:31:de:fc:ad:22:b1:20:a7:ab:42:bf:4c:36:03:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6eaeff123ca67446d0e49401e495057078e174
Validity
Not Before: Jan 23 12:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=497678382dee10a2d996b1d91e1370f3ec908310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ad:41:44:e5:c7:e4:35:43:95:f2:26:23:71:
21:23:a1:5a:60:e7:41:5c:33:50:b7:1e:4b:25:d4:
c1:04:34:aa:e5:89:6b:10:51:31:b5:5f:e0:4e:ba:
83:f5:95:66:1c:2d:6f:17:5e:f9:87:39:c7:ca:49:
84:60:4c:ef:f4:b7:14:37:b0:99:62:30:b6:35:a1:
c8:14:79:64:69:43:6b:e0:61:fd:19:bb:ef:23:10:
5b:42:e8:e1:8f:63:f6:d2:ec:b6:bb:5a:5d:eb:47:
11:de:1d:ed:0e:76:6b:57:98:1c:dc:1a:80:84:34:
d8:14:ca:12:d2:58:e0:28:99:7f:6a:50:69:cc:1b:
6a:a1:3f:f2:95:3b:39:47:0b:55:36:9d:a1:37:18:
07:b0:72:02:c8:2b:af:31:54:62:88:de:53:98:b7:
15:80:e5:d7:4a:10:71:66:cd:37:88:e7:d9:15:ca:
bf:9b:75:f8:a0:b4:0d:6b:44:29:cd:2b:79:62:01:
e2:65:cd:28:e6:1e:47:cc:9c:f6:a1:f6:51:b3:f3:
34:0f:6d:f6:f6:9e:72:82:34:05:f2:6d:fd:5a:fe:
98:5b:b1:f2:54:37:4a:e0:ae:9a:04:77:59:04:b5:
81:25:70:ff:dd:8c:09:bb:ab:c8:da:ec:ff:2b:87:
e6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:76:78:38:2D:EE:10:A2:D9:96:B1:D9:1E:13:70:F3:EC:90:83:10
X509v3 Authority Key Identifier:
keyid:AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/SXZ4OC3uEKLZlrHZHhNw8-yQgxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.4.0/22
IPv6:
2a0b:2300::/32
Signature Algorithm: sha256WithRSAEncryption
ad:f8:2d:24:42:2e:99:c6:d7:40:e7:0c:8d:8e:3e:bf:88:de:
31:77:36:ea:a4:58:08:7f:b3:d3:ec:af:38:1c:04:aa:af:63:
a5:b1:8a:a6:38:d5:b3:bc:17:76:ac:f8:78:31:15:b7:9e:00:
da:dd:c9:78:1f:e4:89:fb:1e:ff:88:73:3b:30:72:d6:c6:f1:
b5:6e:43:04:91:dc:a5:d4:e4:58:45:ba:eb:8e:f3:13:a2:2d:
58:09:da:09:f7:98:71:d6:45:29:b4:8d:3e:bd:74:d4:24:01:
93:14:5e:ad:3a:0e:b7:92:b9:db:0d:b4:59:96:b1:53:44:f3:
40:a2:94:c3:5a:7d:24:2b:bf:5e:b1:27:69:7e:55:c8:b9:6c:
b3:58:24:39:85:d9:c2:51:d5:c5:1d:84:50:19:c9:15:c2:9a:
40:6f:33:d4:3c:b0:d9:4a:ab:ba:bd:d6:0a:8f:9b:5d:c8:e4:
f5:a4:26:dc:81:a8:40:e0:49:73:63:70:3c:aa:ec:6c:58:9e:
40:85:b4:c6:d8:5e:ad:c9:c3:e3:76:da:35:e1:f4:f5:e2:9e:
d4:73:78:24:6b:ea:b2:59:b3:2e:14:4f:89:47:5c:ef:78:2e:
18:a5:4b:1e:ad:70:d5:f3:60:21:c8:e1:e4:83:f1:16:91:21:
95:51:1f:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSTMd78rSKxIKerQr9MNgPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmVhZWZmMTIzY2E2NzQ0NmQwZTQ5NDAxZTQ5NTA1NzA3
OGUxNzQwHhcNMjUwMTIzMTI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc2NzgzODJkZWUxMGEyZDk5NmIxZDkxZTEzNzBmM2VjOTA4MzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq1BROXH5DVDlfImI3EhI6FaYOdB
XDNQtx5LJdTBBDSq5YlrEFExtV/gTrqD9ZVmHC1vF175hznHykmEYEzv9LcUN7CZ
YjC2NaHIFHlkaUNr4GH9GbvvIxBbQujhj2P20uy2u1pd60cR3h3tDnZrV5gc3BqA
hDTYFMoS0ljgKJl/alBpzBtqoT/ylTs5RwtVNp2hNxgHsHICyCuvMVRiiN5TmLcV
gOXXShBxZs03iOfZFcq/m3X4oLQNa0QpzSt5YgHiZc0o5h5HzJz2ofZRs/M0D232
9p5ygjQF8m39Wv6YW7HyVDdK4K6aBHdZBLWBJXD/3YwJu6vI2uz/K4fmWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEl2eDgt7hCi2Zax2R4TcPPskIMQMB8GA1UdIwQY
MBaAFK9urv8SPKZ0RtDklAHklQVweOF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUt
NGVmNDdmYzRiZDdmLzEvU1haNE9DM3VFS0xabHJIWkhoTnc4LXlRZ3hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUtNGVmNDdmYzRiZDdm
LzEvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXVkEMA0E
AgACMAcDBQAqCyMAMA0GCSqGSIb3DQEBCwUAA4IBAQCt+C0kQi6ZxtdA5wyNjj6/
iN4xdzbqpFgIf7PT7K84HASqr2OlsYqmONWzvBd2rPh4MRW3ngDa3cl4H+SJ+x7/
iHM7MHLWxvG1bkMEkdyl1ORYRbrrjvMToi1YCdoJ95hx1kUptI0+vXTUJAGTFF6t
Og63krnbDbRZlrFTRPNAopTDWn0kK79esSdpflXIuWyzWCQ5hdnCUdXFHYRQGckV
wppAbzPUPLDZSqu6vdYKj5tdyOT1pCbcgahA4ElzY3A8quxsWJ5AhbTG2F6tycPj
dto14fT14p7Uc3gka+qyWbMuFE+JR1zveC4YpUserXDV82AhyOHkg/EWkSGVUR/t
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:39 2025 by rpki-client