Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/irERtg25dhDwt5qH1lIKuMtxbfk.roa
File: irERtg25dhDwt5qH1lIKuMtxbfk.roa (raw, json)
Hash identifier: erCX82sdx/WMHJiqugPEGhquFNSPEmNiwRpr701zQe8=
Subject key identifier: 8A:B1:11:B6:0D:B9:76:10:F0:B7:9A:87:D6:52:0A:B8:CB:71:6D:F9
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 019420D5AB0856DE94BA740513C6BBA6BF01
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/irERtg25dhDwt5qH1lIKuMtxbfk.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31234
IP address blocks: 93.157.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 21:19:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ab:08:56:de:94:ba:74:05:13:c6:bb:a6:bf:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ab111b60db97610f0b79a87d6520ab8cb716df9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:05:a6:c0:18:3d:7c:b9:12:87:6f:92:8b:bd:
6e:f0:7a:19:47:8b:36:09:54:bd:8a:14:a5:b2:59:
49:c7:a8:b0:9d:e3:f2:81:d4:a3:1b:65:ab:e9:13:
58:da:f1:9c:49:90:b7:86:c8:7e:6a:ff:d7:39:76:
66:59:94:2f:b6:a0:b7:b9:18:81:27:e4:b9:60:f6:
48:2c:d6:a0:69:e5:6f:a7:9f:3a:10:4c:e1:1b:c3:
8a:f8:85:29:31:c4:af:2f:05:8c:bc:22:d1:67:08:
ea:5b:42:05:72:13:a0:58:e6:ef:22:f8:f9:2a:1e:
91:0f:59:ad:41:d1:ac:30:d7:17:ca:93:5e:22:d0:
35:e8:35:d8:ab:a8:a4:48:65:16:1f:f1:35:84:66:
d0:9c:b0:0e:41:a7:d3:7e:4e:7d:a9:e0:09:b9:40:
76:f2:8e:c8:3d:a2:74:ca:ca:39:c9:cd:f2:9d:56:
36:37:36:5c:06:21:36:ab:24:21:40:7c:f1:cf:23:
81:e6:0d:24:34:9d:0d:3c:d2:5a:9d:0e:b4:f5:0a:
91:3c:aa:08:eb:53:77:e6:e3:a8:6a:08:af:bf:ad:
a7:4f:e3:b4:62:15:20:13:60:ef:17:ca:14:3b:77:
bb:26:31:f5:b4:e1:f1:53:f8:eb:07:5f:97:d3:21:
db:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B1:11:B6:0D:B9:76:10:F0:B7:9A:87:D6:52:0A:B8:CB:71:6D:F9
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/irERtg25dhDwt5qH1lIKuMtxbfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.30.0/23
Signature Algorithm: sha256WithRSAEncryption
91:04:8c:33:db:be:a1:30:33:2b:af:7d:04:b0:03:25:e7:48:
f8:bc:82:2d:61:42:fc:f9:d7:e0:d4:53:61:85:e1:0f:9d:28:
28:1b:9d:27:61:f1:02:a4:23:bf:c3:cc:59:26:d7:08:7b:8e:
3f:0f:5c:21:f6:1d:28:b5:b0:70:39:81:63:51:e8:f5:b7:a7:
37:4b:86:db:79:ba:ee:60:13:fe:92:0f:c2:c9:a2:02:1e:c1:
4f:fe:62:ba:c0:2a:6f:70:0e:22:40:70:ed:28:53:34:f7:b1:
24:ed:9d:d3:65:e8:8a:cf:19:d0:75:65:23:18:ce:b3:2b:03:
f2:c2:7b:3f:d4:b2:be:44:27:28:dd:af:ae:23:e4:a5:aa:f3:
43:93:48:59:ce:9b:d8:8f:24:54:7a:bb:4f:79:5d:0d:7d:88:
79:fa:5a:9b:19:a3:8e:0e:dd:8a:c1:16:4d:c3:b6:f7:c6:d9:
87:ee:6c:3b:e6:f1:d1:54:1d:c6:2f:df:36:ff:87:a8:72:92:
a3:70:88:ea:c7:b4:89:92:2a:63:f4:5d:31:d1:8c:a4:f6:37:
76:c1:cf:7c:97:35:0d:50:5f:b9:69:f2:f8:32:ad:fc:61:52:
0c:fc:08:99:21:a7:83:93:56:06:f6:e3:e4:2b:aa:dc:c1:67:
33:5b:09:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1asIVt6UunQFE8a7pr8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWIxMTFiNjBkYjk3NjEwZjBiNzlhODdkNjUyMGFiOGNiNzE2ZGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQWmwBg9fLkSh2+Si71u8HoZR4s2
CVS9ihSlsllJx6iwnePygdSjG2Wr6RNY2vGcSZC3hsh+av/XOXZmWZQvtqC3uRiB
J+S5YPZILNagaeVvp586EEzhG8OK+IUpMcSvLwWMvCLRZwjqW0IFchOgWObvIvj5
Kh6RD1mtQdGsMNcXypNeItA16DXYq6ikSGUWH/E1hGbQnLAOQafTfk59qeAJuUB2
8o7IPaJ0yso5yc3ynVY2NzZcBiE2qyQhQHzxzyOB5g0kNJ0NPNJanQ609QqRPKoI
61N35uOoagivv62nT+O0YhUgE2DvF8oUO3e7JjH1tOHxU/jrB1+X0yHb1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqxEbYNuXYQ8Leah9ZSCrjLcW35MB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEvaXJFUnRnMjVkaER3dDVxSDFsSUt1TXR4YmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXZ0eMA0G
CSqGSIb3DQEBCwUAA4IBAQCRBIwz276hMDMrr30EsAMl50j4vIItYUL8+dfg1FNh
heEPnSgoG50nYfECpCO/w8xZJtcIe44/D1wh9h0otbBwOYFjUej1t6c3S4bbebru
YBP+kg/CyaICHsFP/mK6wCpvcA4iQHDtKFM097Ek7Z3TZeiKzxnQdWUjGM6zKwPy
wns/1LK+RCco3a+uI+SlqvNDk0hZzpvYjyRUertPeV0NfYh5+lqbGaOODt2KwRZN
w7b3xtmH7mw75vHRVB3GL982/4eocpKjcIjqx7SJkipj9F0x0Yyk9jd2wc98lzUN
UF+5afL4Mq38YVIM/AiZIaeDk1YG9uPkK6rcwWczWwk+
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:01:42 2025 by rpki-client