Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/l9kg5fH6e2gJMAXSt38BUGQyqp8.roa
File: l9kg5fH6e2gJMAXSt38BUGQyqp8.roa (raw, json)
Hash identifier: kg16tx8whtSaSMdkjlI2fad9rOXciqUfTNpw7V0+U5o=
Subject key identifier: 97:D9:20:E5:F1:FA:7B:68:09:30:05:D2:B7:7F:01:50:64:32:AA:9F
Certificate issuer: /CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Certificate serial: 0193D6944911BA01C4F80E99438576159B2A
Authority key identifier: 23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/l9kg5fH6e2gJMAXSt38BUGQyqp8.roa
Signing time: Tue 17 Dec 2024 21:44:22 +0000
ROA not before: Tue 17 Dec 2024 21:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31234
IP address blocks: 93.157.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:94:49:11:ba:01:c4:f8:0e:99:43:85:76:15:9b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23ba1ec4f035a72dfa39e930ad8ec54368eb7af4
Validity
Not Before: Dec 17 21:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97d920e5f1fa7b68093005d2b77f01506432aa9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:34:b6:6e:e9:d3:3b:f9:84:5b:73:82:ff:07:
f5:da:a4:14:96:87:ab:d1:ca:d3:f0:7b:ec:26:eb:
ac:4d:a6:9c:ad:d8:3e:9c:dd:35:49:35:8b:cf:1b:
cf:9d:3f:ae:a3:61:6f:48:42:46:7f:a2:40:0e:a4:
33:de:c7:cf:4f:e8:5e:12:7d:a3:ce:16:f3:25:8e:
96:40:59:e1:8d:61:88:f9:27:1c:48:cb:57:18:21:
08:86:68:23:a9:9c:d2:c6:34:c6:9e:4c:d0:ae:58:
70:b6:f6:1f:00:17:73:46:bd:d3:ae:49:61:47:46:
ac:e0:a5:9f:e9:e7:e3:92:b2:28:49:89:82:08:c1:
b7:b3:2b:68:ee:94:64:2b:2c:31:35:46:63:dc:61:
6e:5c:5b:ae:70:cc:c6:1f:7c:54:60:30:27:ac:d1:
54:08:01:18:f2:09:38:6d:22:89:e8:c7:e3:3c:c0:
21:50:f4:fd:3c:d6:7a:c2:bb:46:1d:b9:10:4a:f2:
8f:ed:02:1c:ed:36:b7:ef:7a:a9:69:3c:b9:2e:5c:
8f:e0:77:47:4f:96:15:50:3a:98:8b:8c:45:a1:09:
9b:10:a5:35:6a:b5:06:0b:ba:b0:07:8a:dc:42:cb:
30:0c:d6:b2:28:79:81:a1:01:59:c4:17:55:0f:5a:
98:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D9:20:E5:F1:FA:7B:68:09:30:05:D2:B7:7F:01:50:64:32:AA:9F
X509v3 Authority Key Identifier:
keyid:23:BA:1E:C4:F0:35:A7:2D:FA:39:E9:30:AD:8E:C5:43:68:EB:7A:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7oexPA1py36OekwrY7FQ2jrevQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/l9kg5fH6e2gJMAXSt38BUGQyqp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/60ed2d-16d5-4d0c-a947-bde6448b786c/1/I7oexPA1py36OekwrY7FQ2jrevQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.30.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:83:3b:2a:69:2a:66:49:d3:90:52:31:de:ee:1f:b9:c6:e3:
aa:6c:b4:01:00:b3:2b:08:87:3d:1c:f8:05:33:53:48:0c:4e:
25:09:7a:f0:9b:bd:32:16:b8:06:56:71:9a:b2:cc:3a:b3:ee:
69:e0:46:d9:01:bf:e1:a4:a2:b3:03:ef:6c:25:32:07:c0:fc:
4a:91:fc:e2:c9:29:a6:f5:44:ea:a7:d2:ae:bc:1d:4f:9d:c4:
17:a3:5c:ff:ec:df:37:1c:9c:c3:ef:98:53:9e:97:ae:b6:11:
c2:41:43:c6:06:fd:43:13:9e:43:c7:2c:5b:5d:f8:69:ba:82:
af:67:57:a4:6f:d1:5f:51:0f:87:6b:52:5f:7d:39:bc:52:e4:
74:60:1e:9e:73:7f:f6:04:64:e4:d8:1d:71:03:1e:6e:a1:bb:
44:ab:62:37:ab:04:0f:b8:7a:7f:1d:5d:79:d0:0b:48:f1:66:
09:36:ea:3d:90:a9:6b:7b:5d:cc:90:11:67:a8:64:ec:ff:73:
cd:ec:4f:c7:f4:5e:e2:35:f0:df:f4:ee:a0:d1:c8:06:14:6b:
2d:7a:5f:09:0f:39:c3:00:34:72:ca:8b:f2:c2:0b:b4:b6:8d:
0b:b5:82:f9:f8:0c:d2:97:bb:4b:e6:24:fd:5e:a9:86:fe:71:
d6:ee:00:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPWlEkRugHE+A6ZQ4V2FZsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYmExZWM0ZjAzNWE3MmRmYTM5ZTkzMGFkOGVjNTQzNjhl
YjdhZjQwHhcNMjQxMjE3MjE0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2Q5MjBlNWYxZmE3YjY4MDkzMDA1ZDJiNzdmMDE1MDY0MzJhYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjS2bunTO/mEW3OC/wf12qQUloer
0crT8HvsJuusTaacrdg+nN01STWLzxvPnT+uo2FvSEJGf6JADqQz3sfPT+heEn2j
zhbzJY6WQFnhjWGI+SccSMtXGCEIhmgjqZzSxjTGnkzQrlhwtvYfABdzRr3Trklh
R0as4KWf6efjkrIoSYmCCMG3syto7pRkKywxNUZj3GFuXFuucMzGH3xUYDAnrNFU
CAEY8gk4bSKJ6MfjPMAhUPT9PNZ6wrtGHbkQSvKP7QIc7Ta373qpaTy5LlyP4HdH
T5YVUDqYi4xFoQmbEKU1arUGC7qwB4rcQsswDNayKHmBoQFZxBdVD1qYRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfZIOXx+ntoCTAF0rd/AVBkMqqfMB8GA1UdIwQY
MBaAFCO6HsTwNact+jnpMK2OxUNo63r0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDct
YmRlNjQ0OGI3ODZjLzEvbDlrZzVmSDZlMmdKTUFYU3QzOEJVR1F5cXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82MGVkMmQtMTZkNS00ZDBjLWE5NDctYmRlNjQ0OGI3ODZj
LzEvSTdvZXhQQTFweTM2T2Vrd3JZN0ZRMmpyZXZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXZ0eMA0G
CSqGSIb3DQEBCwUAA4IBAQCmgzsqaSpmSdOQUjHe7h+5xuOqbLQBALMrCIc9HPgF
M1NIDE4lCXrwm70yFrgGVnGassw6s+5p4EbZAb/hpKKzA+9sJTIHwPxKkfziySmm
9UTqp9KuvB1PncQXo1z/7N83HJzD75hTnpeuthHCQUPGBv1DE55DxyxbXfhpuoKv
Z1ekb9FfUQ+Ha1JffTm8UuR0YB6ec3/2BGTk2B1xAx5uobtEq2I3qwQPuHp/HV15
0AtI8WYJNuo9kKlre13MkBFnqGTs/3PN7E/H9F7iNfDf9O6g0cgGFGstel8JDznD
ADRyyovywgu0to0LtYL5+AzSl7tL5iT9XqmG/nHW7gBT
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:59:24 2025 by rpki-client