Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/bQ3muY8p-4HdpojiiH_iCkNCMe4.roa
File: bQ3muY8p-4HdpojiiH_iCkNCMe4.roa (raw, json)
Hash identifier: JtPam64xn1w4A6EM7GYKgN+yVfTfKUrK8ziEhFvoDcg=
Subject key identifier: 6D:0D:E6:B9:8F:29:FB:81:DD:A6:88:E2:88:7F:E2:0A:43:42:31:EE
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01877EC08EB4894F0A249BFA7AFC0AD3B8A4
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/bQ3muY8p-4HdpojiiH_iCkNCMe4.roa
Signing time: Fri 14 Apr 2023 07:52:41 +0000
ROA not before: Fri 14 Apr 2023 07:52:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.81.182.0/24 maxlen: 24
185.81.183.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
93.114.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 07:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7e:c0:8e:b4:89:4f:0a:24:9b:fa:7a:fc:0a:d3:b8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Apr 14 07:52:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d0de6b98f29fb81dda688e2887fe20a434231ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:80:8e:d8:cf:3f:e0:bc:8d:29:f3:eb:81:
59:51:9d:ef:a0:aa:d1:ed:9c:a4:88:3b:5b:b1:7b:
fd:1f:37:21:70:54:9e:38:c3:28:94:e1:9d:9a:c2:
95:af:f5:f5:53:0f:33:f4:c7:c0:15:07:49:5c:7b:
56:41:26:e5:8a:16:ce:e2:c3:44:2b:88:6f:a9:c1:
cb:21:64:d4:78:11:06:32:d1:fa:a3:7c:f2:f2:ee:
f4:f6:a6:17:91:1f:a8:f3:72:40:ac:26:ea:69:61:
f8:81:74:f6:62:3b:80:87:00:c6:93:cb:32:74:94:
82:f5:b3:72:fd:cf:00:03:3d:7a:f2:b4:03:09:d2:
b5:cd:a9:64:48:1b:92:a9:9b:9d:26:7d:bd:66:a3:
53:b9:7e:cd:93:e8:03:32:87:71:6d:c3:4f:6d:8d:
b9:a5:d6:ca:94:e1:44:d5:04:81:c4:3a:4b:da:e7:
d9:fb:66:16:da:db:a4:3e:82:9c:cf:1e:1a:35:ff:
46:0f:94:d2:59:b9:1a:f1:29:a3:a9:8f:99:17:43:
7f:6f:df:db:ba:29:9a:2a:a0:d6:a1:f5:a6:62:0e:
93:28:a9:77:d8:79:6f:9e:88:3b:50:14:b8:bc:36:
32:63:4d:43:cc:e2:0c:8a:9a:19:dd:88:f4:52:0f:
f6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:0D:E6:B9:8F:29:FB:81:DD:A6:88:E2:88:7F:E2:0A:43:42:31:EE
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/bQ3muY8p-4HdpojiiH_iCkNCMe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.60.0/23
185.81.182.0/23
Signature Algorithm: sha256WithRSAEncryption
96:ce:b0:51:23:14:d3:e6:c9:6d:ea:07:e0:95:2c:c2:af:ad:
48:9e:f4:2c:99:d5:ce:35:5a:8a:3b:32:57:c4:4f:a4:10:2f:
6a:77:f9:03:42:bd:59:0f:62:fc:8d:d9:4e:7b:95:4e:22:c7:
d0:f2:0c:65:25:c7:94:ee:53:80:f3:77:59:c2:6f:d4:01:0c:
7f:de:31:63:5f:2f:18:13:93:62:5c:50:d4:18:62:db:22:71:
e2:f2:c9:cb:36:ac:0f:62:4e:6d:0c:50:2a:14:ba:58:c8:7e:
2e:8f:be:f5:3e:44:8d:d3:25:0e:02:50:83:ec:75:a1:cd:1a:
7b:35:3d:a8:30:a6:52:b6:c9:fb:ed:62:da:b7:48:1d:fb:0f:
29:ac:c6:25:3c:90:55:a2:d7:8a:81:ef:4d:68:2e:60:7a:b5:
83:01:30:95:0a:1e:1d:5e:f4:4e:93:17:a9:92:27:c2:bc:82:
a1:21:ec:49:8a:a1:2f:aa:c2:cc:76:a8:2b:ec:f5:9d:ca:6e:
ee:aa:d0:48:4d:2a:80:60:39:54:26:37:e9:8b:c8:7e:9d:40:
ea:64:d9:33:0e:7c:e0:a5:ae:e4:94:d8:7f:51:2d:1d:4a:27:
d9:76:88:8a:de:ed:51:b0:46:f6:17:78:90:70:dc:4b:53:88:
98:4b:5c:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd+wI60iU8KJJv6evwK07ikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMwNDE0MDc1MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBkZTZiOThmMjlmYjgxZGRhNjg4ZTI4ODdmZTIwYTQzNDIzMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxWAjtjPP+C8jSnz64FZUZ3voKrR
7ZykiDtbsXv9HzchcFSeOMMolOGdmsKVr/X1Uw8z9MfAFQdJXHtWQSblihbO4sNE
K4hvqcHLIWTUeBEGMtH6o3zy8u709qYXkR+o83JArCbqaWH4gXT2YjuAhwDGk8sy
dJSC9bNy/c8AAz168rQDCdK1zalkSBuSqZudJn29ZqNTuX7Nk+gDModxbcNPbY25
pdbKlOFE1QSBxDpL2ufZ+2YW2tukPoKczx4aNf9GD5TSWbka8SmjqY+ZF0N/b9/b
uimaKqDWofWmYg6TKKl32Hlvnog7UBS4vDYyY01DzOIMipoZ3Yj0Ug/2YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0N5rmPKfuB3aaI4oh/4gpDQjHuMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvYlEzbXVZOHAtNEhkcG9qaWlIX2lDa05DTWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXXI8AwQB
uVG2MA0GCSqGSIb3DQEBCwUAA4IBAQCWzrBRIxTT5slt6gfglSzCr61InvQsmdXO
NVqKOzJXxE+kEC9qd/kDQr1ZD2L8jdlOe5VOIsfQ8gxlJceU7lOA83dZwm/UAQx/
3jFjXy8YE5NiXFDUGGLbInHi8snLNqwPYk5tDFAqFLpYyH4uj771PkSN0yUOAlCD
7HWhzRp7NT2oMKZStsn77WLat0gd+w8prMYlPJBVoteKge9NaC5gerWDATCVCh4d
XvROkxepkifCvIKhIexJiqEvqsLMdqgr7PWdym7uqtBITSqAYDlUJjfpi8h+nUDq
ZNkzDnzgpa7klNh/US0dSifZdoiK3u1RsEb2F3iQcNxLU4iYS1x0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org