Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CDEcaXUc5wfwVjnUidoimQmmKI.roa
File: 4CDEcaXUc5wfwVjnUidoimQmmKI.roa (raw, json)
Hash identifier: /2ueyaea14PiNXSjbXDOqHw4VhQ9O6cxYasB7Jfgvsg=
Subject key identifier: E0:20:C4:71:A5:D4:73:9C:1F:C1:58:E7:52:27:68:8A:64:26:98:A2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019309715433A6EC3E5990E87F5F3A03933E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CDEcaXUc5wfwVjnUidoimQmmKI.roa
Signing time: Fri 08 Nov 2024 01:44:02 +0000
ROA not before: Fri 08 Nov 2024 01:44:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 93.88.203.0/24 maxlen: 24
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Nov 2024 07:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:09:71:54:33:a6:ec:3e:59:90:e8:7f:5f:3a:03:93:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 8 01:44:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e020c471a5d4739c1fc158e75227688a642698a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4f:ee:09:70:cd:61:3a:8d:1c:5d:cd:ee:52:
0c:56:60:3a:0d:91:53:60:bd:b6:65:59:2f:c8:16:
12:c4:d6:6b:09:12:3f:c0:2a:81:a7:ba:af:75:a6:
51:aa:9d:31:43:ea:5a:af:97:f6:34:31:e5:4b:2f:
6a:8a:ba:75:7d:6e:8e:47:63:37:a0:7c:9d:6f:24:
46:d5:81:f0:ff:f3:dd:b6:04:6d:3c:9b:64:87:78:
4a:2b:c5:8d:76:aa:e8:94:b5:a0:75:29:15:36:18:
e8:70:0c:16:ee:ec:b2:19:ba:fb:54:68:0c:24:5c:
a1:9c:33:46:9a:20:de:c9:5e:c2:62:59:91:07:b1:
0f:a6:2c:ea:cf:db:9b:4b:80:a1:86:bd:a5:7b:0c:
0a:05:f9:30:e6:ba:c0:56:7a:70:7e:a3:4f:d0:f6:
e0:67:e9:e9:b8:bc:9a:72:86:3c:da:7c:30:b6:4c:
ab:82:44:49:02:64:08:1f:9f:d0:44:aa:eb:be:36:
3e:d9:25:7f:42:b9:42:a0:20:a8:74:83:8a:06:9a:
d7:3b:27:d8:2d:f2:fc:f5:93:34:d2:e8:2c:5a:1b:
47:d9:05:72:01:4c:f4:48:95:e6:89:c6:7f:4a:bd:
36:c5:38:0e:a0:95:6f:0d:70:0c:2c:ff:de:3f:40:
1a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:20:C4:71:A5:D4:73:9C:1F:C1:58:E7:52:27:68:8A:64:26:98:A2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/4CDEcaXUc5wfwVjnUidoimQmmKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.203.0/24
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
c9:f4:26:57:5b:29:82:40:61:02:65:8d:4f:77:dd:08:34:08:
a1:17:08:79:45:f1:d0:45:07:1a:cd:43:05:6e:21:ec:b3:aa:
94:72:0e:c9:8d:07:16:74:7c:22:34:2a:45:74:0f:a2:ca:7b:
13:25:f2:60:dc:4d:71:e4:5a:c5:b1:ec:4c:37:4b:59:68:99:
8b:23:ad:c2:dd:75:d6:20:15:51:68:95:37:dc:83:7a:7b:ed:
7a:8a:82:ed:2b:61:f6:f8:c3:dc:da:18:ca:8f:42:13:09:e1:
c5:cc:56:a1:a2:2f:4a:5d:62:52:14:c7:3a:70:9d:bc:9f:75:
94:c9:90:c1:2b:0e:77:c6:24:36:c9:43:d1:6f:c1:20:63:7f:
62:a2:14:c5:1d:85:fd:60:85:84:d2:8d:b7:db:08:3e:f8:70:
5b:cf:76:b1:95:94:30:c8:25:83:91:1c:48:f7:8e:09:7c:52:
3d:dd:8b:30:70:8f:0d:05:44:16:5b:a6:43:e8:ab:11:b5:ef:
53:c3:cb:0b:22:40:d2:a7:d9:a8:f5:d1:76:76:c5:af:cd:79:
7f:54:85:10:7f:d8:99:47:10:1e:6f:3f:62:53:e0:e1:bc:78:
24:a4:87:03:49:0d:7c:4d:1b:c1:ec:00:89:d7:72:44:bc:ee:
f9:db:85:ef
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZMJcVQzpuw+WZDof186A5M+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQxMTA4MDE0NDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIwYzQ3MWE1ZDQ3MzljMWZjMTU4ZTc1MjI3Njg4YTY0MjY5OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0k/uCXDNYTqNHF3N7lIMVmA6DZFT
YL22ZVkvyBYSxNZrCRI/wCqBp7qvdaZRqp0xQ+par5f2NDHlSy9qirp1fW6OR2M3
oHydbyRG1YHw//PdtgRtPJtkh3hKK8WNdqrolLWgdSkVNhjocAwW7uyyGbr7VGgM
JFyhnDNGmiDeyV7CYlmRB7EPpizqz9ubS4Chhr2lewwKBfkw5rrAVnpwfqNP0Pbg
Z+npuLyacoY82nwwtkyrgkRJAmQIH5/QRKrrvjY+2SV/QrlCoCCodIOKBprXOyfY
LfL89ZM00ugsWhtH2QVyAUz0SJXmicZ/Sr02xTgOoJVvDXAMLP/eP0AafQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOAgxHGl1HOcH8FY51InaIpkJpiiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNENERWNhWFVjNXdmd1ZqblVpZG9pbVFtbUtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQAXVjLMD4E
AgACMDgDBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoOsQcaYwMHACoO
sQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEAyfQmV1spgkBhAmWNT3fd
CDQIoRcIeUXx0EUHGs1DBW4h7LOqlHIOyY0HFnR8IjQqRXQPosp7EyXyYNxNceRa
xbHsTDdLWWiZiyOtwt111iAVUWiVN9yDenvteoqC7Sth9vjD3NoYyo9CEwnhxcxW
oaIvSl1iUhTHOnCdvJ91lMmQwSsOd8YkNslD0W/BIGN/YqIUxR2F/WCFhNKNt9sI
PvhwW892sZWUMMglg5EcSPeOCXxSPd2LMHCPDQVEFlumQ+irEbXvU8PLCyJA0qfZ
qPXRdnbFr815f1SFEH/YmUcQHm8/YlPg4bx4JKSHA0kNfE0bwewAiddyRLzu+duF
7w==
-----END CERTIFICATE-----
Generated at Sun Nov 10 09:36:25 2024 by rpki-client on console-fra.rpki-client.org