Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/SqxORfzrjnDlaurJrskRZgFU7EM.roa
File: SqxORfzrjnDlaurJrskRZgFU7EM.roa (raw, json)
Hash identifier: ZymDLycRuUJKgr8w77xt7EAWR6y2oQQneb9GLxu6Vns=
Subject key identifier: 4A:AC:4E:45:FC:EB:8E:70:E5:6A:EA:C9:AE:C9:11:66:01:54:EC:43
Certificate issuer: /CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Certificate serial: 018CCA2A2BCFDF4F0082EE7BB51EF7B03A55
Authority key identifier: 2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/SqxORfzrjnDlaurJrskRZgFU7EM.roa
Signing time: Tue 02 Jan 2024 12:33:30 +0000
ROA not before: Tue 02 Jan 2024 12:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12773
IP address blocks: 93.157.13.0/24 maxlen: 24
93.157.12.0/24 maxlen: 24
93.157.15.0/24 maxlen: 24
93.157.14.0/24 maxlen: 24
193.254.232.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2b:cf:df:4f:00:82:ee:7b:b5:1e:f7:b0:3a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ccb9b89bc0bc21752474e650dc34f069da5c0b3
Validity
Not Before: Jan 2 12:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aac4e45fceb8e70e56aeac9aec911660154ec43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:68:03:59:c2:a6:de:ab:2e:ce:5a:81:5c:
bb:e7:a2:71:4d:39:3a:21:19:51:75:91:c3:71:5a:
3d:37:56:3a:7a:8e:05:35:7e:9f:2b:18:20:9a:54:
a9:33:6b:da:b6:7c:56:63:e4:9f:af:88:45:d0:73:
20:be:29:07:2e:fb:46:74:66:7a:c8:ce:1d:47:fc:
bb:26:4a:1c:d9:5d:fe:b6:39:4f:2f:76:5b:7a:53:
04:e0:09:eb:2e:b3:dd:41:cd:d6:29:33:23:08:17:
d9:f1:8b:d2:49:ef:22:de:53:72:74:63:e7:e3:0c:
f9:c0:db:9a:e4:4d:7b:da:4a:5f:8d:a8:fc:7a:91:
4e:11:15:f4:40:3f:ad:45:44:9a:49:a6:e2:ce:ba:
c9:9b:dd:08:11:3a:3c:a2:fd:ff:2e:10:f5:d4:3a:
73:e1:b1:92:42:c9:d1:b6:1a:19:98:23:21:a6:e0:
2f:0b:3f:e8:5e:03:51:3a:63:86:c6:26:ce:7a:61:
0d:19:06:33:4f:eb:4e:43:83:dc:fe:0b:69:77:af:
01:00:65:b4:17:60:65:79:37:52:1a:47:39:94:a6:
f4:2c:8e:c8:5d:97:53:09:c6:a3:ba:c8:78:68:20:
8c:a2:8d:eb:02:50:c8:15:24:a0:bd:01:2e:00:fe:
28:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AC:4E:45:FC:EB:8E:70:E5:6A:EA:C9:AE:C9:11:66:01:54:EC:43
X509v3 Authority Key Identifier:
keyid:2C:CB:9B:89:BC:0B:C2:17:52:47:4E:65:0D:C3:4F:06:9D:A5:C0:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMubibwLwhdSR05lDcNPBp2lwLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/SqxORfzrjnDlaurJrskRZgFU7EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/23f7c4-6e3b-4fda-931b-062aed51381c/1/LMubibwLwhdSR05lDcNPBp2lwLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.12.0/22
193.254.232.0/23
Signature Algorithm: sha256WithRSAEncryption
77:4d:86:c3:9a:9b:ba:bb:ff:ea:9f:63:fc:f6:28:b1:c3:70:
3e:3e:fd:18:a3:92:6b:b3:fb:f0:96:9c:cb:a7:b1:67:10:af:
27:27:40:73:8b:19:f3:80:a2:ab:d1:a2:89:6b:99:11:2a:c8:
d4:e6:e1:a7:f9:bc:80:c6:65:39:ca:73:7f:41:ee:dc:a3:13:
ef:1d:ad:09:c8:02:fa:48:4c:b8:9c:e4:3d:c8:a2:68:9d:87:
71:b5:2e:61:86:68:f7:8e:5b:55:5b:dc:53:9c:90:9c:87:46:
32:df:5a:0a:9a:06:48:f9:9d:30:c1:f3:23:4c:4a:09:29:ef:
e7:0e:23:c2:ce:86:2a:6d:c5:85:57:69:f7:84:e1:eb:65:e3:
b2:85:fb:9b:b3:cf:82:36:82:80:4c:52:40:d0:29:03:62:6c:
cd:a7:95:da:ed:a4:bb:1b:85:8b:fe:f1:52:a3:3d:40:fa:f7:
03:b5:0f:3b:b5:47:77:c6:c5:81:cb:c1:7f:38:3d:05:39:e8:
bd:00:5c:ca:15:fb:5f:72:0d:17:a7:32:97:1e:ea:7a:99:ec:
e2:c8:6e:22:27:86:a8:12:f6:5a:77:3a:fd:61:e6:78:fa:c4:
2c:9a:d6:b5:28:31:97:f1:2b:e6:35:ac:d2:e9:71:bb:9f:ff:
09:b1:01:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKivP308Agu57tR73sDpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjY2I5Yjg5YmMwYmMyMTc1MjQ3NGU2NTBkYzM0ZjA2OWRh
NWMwYjMwHhcNMjQwMTAyMTIzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFjNGU0NWZjZWI4ZTcwZTU2YWVhYzlhZWM5MTE2NjAxNTRlYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf9oA1nCpt6rLs5agVy756JxTTk6
IRlRdZHDcVo9N1Y6eo4FNX6fKxggmlSpM2vatnxWY+Sfr4hF0HMgvikHLvtGdGZ6
yM4dR/y7Jkoc2V3+tjlPL3ZbelME4AnrLrPdQc3WKTMjCBfZ8YvSSe8i3lNydGPn
4wz5wNua5E172kpfjaj8epFOERX0QD+tRUSaSabizrrJm90IETo8ov3/LhD11Dpz
4bGSQsnRthoZmCMhpuAvCz/oXgNROmOGxibOemENGQYzT+tOQ4Pc/gtpd68BAGW0
F2BleTdSGkc5lKb0LI7IXZdTCcajush4aCCMoo3rAlDIFSSgvQEuAP4oNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEqsTkX8645w5Wrqya7JEWYBVOxDMB8GA1UdIwQY
MBaAFCzLm4m8C8IXUkdOZQ3DTwadpcCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWIt
MDYyYWVkNTEzODFjLzEvU3F4T1JmenJqbkRsYXVySnJza1JaZ0ZVN0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8yM2Y3YzQtNmUzYi00ZmRhLTkzMWItMDYyYWVkNTEzODFj
LzEvTE11Ymlid0x3aGRTUjA1bERjTlBCcDJsd0xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXZ0MAwQB
wf7oMA0GCSqGSIb3DQEBCwUAA4IBAQB3TYbDmpu6u//qn2P89iixw3A+Pv0Yo5Jr
s/vwlpzLp7FnEK8nJ0BzixnzgKKr0aKJa5kRKsjU5uGn+byAxmU5ynN/Qe7coxPv
Ha0JyAL6SEy4nOQ9yKJonYdxtS5hhmj3jltVW9xTnJCch0Yy31oKmgZI+Z0wwfMj
TEoJKe/nDiPCzoYqbcWFV2n3hOHrZeOyhfubs8+CNoKATFJA0CkDYmzNp5Xa7aS7
G4WL/vFSoz1A+vcDtQ87tUd3xsWBy8F/OD0FOei9AFzKFftfcg0XpzKXHup6mezi
yG4iJ4aoEvZadzr9YeZ4+sQsmta1KDGX8SvmNazS6XG7n/8JsQGT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:06 2025 by rpki-client