Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-ulQDmLRYtgV682Fd6PfedSpN8o.roa
File: 1-ulQDmLRYtgV682Fd6PfedSpN8o.roa (raw, json)
Hash identifier: D5oyxPiU2J8VqPONMnlrCZx0AzzyhvedvVJitj4ABMo=
Subject key identifier: FA:E9:50:0E:62:D1:62:D8:15:EB:CD:85:77:A3:DF:79:D4:A9:37:CA
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCAB6E5631A396CC988B84FE06AF0B
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-ulQDmLRYtgV682Fd6PfedSpN8o.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133296
IP address blocks: 93.120.74.0/24 maxlen: 24
93.120.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 May 2023 17:40:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:ab:6e:56:31:a3:96:cc:98:8b:84:fe:06:af:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fae9500e62d162d815ebcd8577a3df79d4a937ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:04:8f:48:20:ab:b1:6f:ff:2d:e3:70:8d:b2:
92:2d:56:f4:81:dc:96:83:9a:5c:93:cd:9e:85:5c:
07:08:e2:5f:13:5c:9d:4d:7f:87:67:82:4d:59:f6:
55:35:11:00:16:f2:72:9a:70:8a:3b:d2:a4:c4:43:
01:33:cc:3c:d4:81:9b:7b:2d:3f:b7:f2:f5:96:97:
2f:4e:32:5a:81:7a:dc:31:46:fc:1e:3f:3f:d6:0c:
19:13:f2:83:74:5a:c8:c5:ec:20:73:3f:01:a1:3b:
43:dd:ae:0c:27:8a:0a:51:be:83:d3:52:b8:04:14:
0d:2c:6a:8f:b0:db:55:c6:ec:84:f0:ad:d2:b5:ae:
40:60:f6:86:50:c8:6c:de:02:a3:d0:98:4d:ed:5f:
1e:7c:ef:a2:18:64:2a:6c:50:e4:6d:89:48:5d:71:
95:a3:3b:0f:98:99:45:55:42:d8:5c:ba:c3:2b:52:
00:24:b3:ff:c0:5d:47:4c:e1:e4:6f:a6:cf:0a:c0:
d9:e7:b9:f4:d9:30:7c:01:e2:c5:2e:29:c7:74:fb:
7d:38:b0:05:25:45:08:03:b8:58:a3:8d:cc:da:9b:
3b:05:c7:f3:f9:6e:eb:52:10:06:19:54:de:15:10:
b9:a6:5f:19:84:19:39:03:e4:d5:41:87:b7:f6:d6:
78:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E9:50:0E:62:D1:62:D8:15:EB:CD:85:77:A3:DF:79:D4:A9:37:CA
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-ulQDmLRYtgV682Fd6PfedSpN8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.120.39.0/24
93.120.74.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a2:90:9e:9f:8f:df:05:c0:8f:d4:9d:76:0a:d7:65:48:55:
91:5e:9d:e5:e9:f1:a7:7f:2b:2a:1a:07:28:dd:04:d7:6f:27:
09:ee:a3:bd:63:31:39:63:06:3d:d1:2c:4e:f6:84:62:c2:06:
e6:0c:85:96:79:99:21:da:f6:cb:f8:f5:90:4f:3b:7d:fd:5f:
42:f2:cf:c6:b3:9c:21:70:98:38:e1:ee:23:5b:0f:2b:b2:f8:
b0:5c:63:3d:20:35:3a:57:4c:a3:0d:f1:85:f0:d7:e2:bd:36:
58:38:0f:7f:3a:22:67:58:83:f2:cd:13:71:9b:aa:79:04:32:
76:7c:16:02:3b:78:4d:eb:e6:c0:1d:23:5a:cb:c5:a8:ef:ef:
45:84:dd:51:a8:1e:ef:26:b5:49:fc:2a:52:6c:26:d0:8e:a7:
ce:b5:53:51:a2:09:9f:ac:43:50:c5:cd:27:00:18:08:06:8f:
e7:9d:e3:93:03:84:63:39:cc:10:75:85:5b:32:5e:f1:9a:34:
e2:d1:30:a1:9e:a6:f0:d1:9a:83:a4:05:37:2f:77:d5:ce:80:
b7:6d:d8:db:ee:f9:03:77:cb:eb:c6:5a:08:15:63:89:a0:22:
7f:03:e4:3b:d0:fd:9a:3a:43:2e:ba:c8:9d:54:66:c8:32:a9:
00:d6:b5:15
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVr3KtuVjGjlsyYi4T+Bq8LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWU5NTAwZTYyZDE2MmQ4MTVlYmNkODU3N2EzZGY3OWQ0YTkzN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgSPSCCrsW//LeNwjbKSLVb0gdyW
g5pck82ehVwHCOJfE1ydTX+HZ4JNWfZVNREAFvJymnCKO9KkxEMBM8w81IGbey0/
t/L1lpcvTjJagXrcMUb8Hj8/1gwZE/KDdFrIxewgcz8BoTtD3a4MJ4oKUb6D01K4
BBQNLGqPsNtVxuyE8K3Sta5AYPaGUMhs3gKj0JhN7V8efO+iGGQqbFDkbYlIXXGV
ozsPmJlFVULYXLrDK1IAJLP/wF1HTOHkb6bPCsDZ57n02TB8AeLFLinHdPt9OLAF
JUUIA7hYo43M2ps7Bcfz+W7rUhAGGVTeFRC5pl8ZhBk5A+TVQYe39tZ4TQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPrpUA5i0WLYFevNhXej33nUqTfKMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMS11bFFEbUxSWXRnVjY4MkZkNlBmZWRTcE44by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2
MC8xL05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF14JwME
AF14SjANBgkqhkiG9w0BAQsFAAOCAQEAZ6KQnp+P3wXAj9SddgrXZUhVkV6d5enx
p38rKhoHKN0E128nCe6jvWMxOWMGPdEsTvaEYsIG5gyFlnmZIdr2y/j1kE87ff1f
QvLPxrOcIXCYOOHuI1sPK7L4sFxjPSA1OldMow3xhfDX4r02WDgPfzoiZ1iD8s0T
cZuqeQQydnwWAjt4TevmwB0jWsvFqO/vRYTdUage7ya1SfwqUmwm0I6nzrVTUaIJ
n6xDUMXNJwAYCAaP553jkwOEYznMEHWFWzJe8Zo04tEwoZ6m8NGag6QFNy931c6A
t23Y2+75A3fL68ZaCBVjiaAifwPkO9D9mjpDLrrInVRmyDKpANa1FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org