Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/86vZAQf0kb0ch4orXt6sdt-od7U.roa
File: 86vZAQf0kb0ch4orXt6sdt-od7U.roa (raw, json)
Hash identifier: 1CO8p1a1FjSIMlrndiYEs81buBCqcf5NIVLdAL/Pk9E=
Subject key identifier: F3:AB:D9:01:07:F4:91:BD:1C:87:8A:2B:5E:DE:AC:76:DF:A8:77:B5
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A187EA790D38C2A93923073EF5DE5
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/86vZAQf0kb0ch4orXt6sdt-od7U.roa
Signing time: Tue 02 Jan 2024 12:33:25 +0000
ROA not before: Tue 02 Jan 2024 12:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57562
IP address blocks: 93.171.166.0/24 maxlen: 24
93.171.166.0/23 maxlen: 24
93.171.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 14:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:18:7e:a7:90:d3:8c:2a:93:92:30:73:ef:5d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3abd90107f491bd1c878a2b5edeac76dfa877b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3c:fa:1d:8b:01:04:1f:ee:58:30:5f:ae:9c:
77:db:28:e6:6d:9b:bb:10:d8:1b:02:13:de:cc:93:
bb:2c:4b:3f:45:68:76:db:fe:b3:c9:ca:dc:a8:4c:
b5:6a:83:4b:a3:ec:a9:01:20:b8:71:97:d8:18:01:
7f:a6:d9:55:3d:17:70:a5:c8:f6:ac:c0:e6:9c:cc:
f7:7d:71:b0:bd:a2:5e:84:e5:91:fe:0f:b9:61:f0:
fd:d8:64:93:52:41:80:53:de:5b:2f:d6:28:d1:1c:
fc:9e:b5:da:89:bb:32:66:e3:42:26:e6:ae:31:76:
3a:62:68:76:98:18:f6:c2:1c:30:4b:5e:5b:67:46:
87:f9:a5:b2:9b:d4:3a:50:76:6b:12:ae:cd:7c:70:
11:26:71:9b:c1:ef:4c:c1:65:0d:da:6c:71:4e:d7:
69:44:73:e0:c7:ba:2f:07:2c:30:67:b1:c2:c5:a3:
5e:64:05:f5:6c:2c:f1:3b:a7:67:ad:99:5d:11:bd:
5e:81:2c:4d:9f:1d:a9:49:5f:7a:be:e9:4f:9a:73:
95:c9:51:47:58:91:0b:6e:2e:a5:5a:44:fb:54:93:
d6:f6:5d:e5:3f:5c:fe:ed:62:13:d0:79:9b:3f:9a:
7b:64:b3:99:cd:e7:b0:72:56:b8:8d:73:fc:34:a1:
7d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AB:D9:01:07:F4:91:BD:1C:87:8A:2B:5E:DE:AC:76:DF:A8:77:B5
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/86vZAQf0kb0ch4orXt6sdt-od7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.166.0/23
Signature Algorithm: sha256WithRSAEncryption
69:d7:27:cd:cc:31:20:39:39:ec:d7:95:bd:db:e3:19:1b:fd:
d4:b5:86:55:4c:8c:df:0d:44:c8:25:ff:6b:ec:bf:36:ef:a8:
18:53:1a:e6:e8:e5:04:b7:fa:02:df:b9:6b:39:b5:1d:12:7b:
c6:3c:f8:01:88:e2:78:56:77:89:65:b6:57:ae:43:6d:b5:6c:
0d:e9:7b:ff:12:4c:db:5a:4f:dd:61:33:65:bd:ff:a1:d2:95:
59:f9:fb:0b:9b:ab:e9:f2:09:0e:b4:3c:18:ae:b5:18:d5:90:
4c:b3:8e:d1:26:03:85:b5:07:61:51:6a:df:9a:8f:5f:40:2d:
64:d3:ea:eb:8b:04:2d:c1:10:d4:76:81:8f:3a:04:96:51:95:
d8:71:a4:c0:86:24:72:0d:cc:31:ff:ec:a4:a0:a0:1d:c3:8d:
da:95:86:e4:db:fd:e9:65:4d:8d:f0:bd:43:00:88:9d:39:95:
30:8c:72:66:cb:51:c2:6f:7a:d1:4c:2a:e0:36:e4:ee:23:89:
ce:04:ca:fb:67:50:fe:9b:6d:61:07:ad:3a:b1:51:a0:2b:62:
e4:8c:12:ce:84:28:ca:1f:49:45:d9:90:dc:3c:e4:cb:71:24:
8c:7a:95:38:db:eb:e6:ea:43:07:79:0c:c5:9f:94:8f:dd:2c:
97:c9:18:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhh+p5DTjCqTkjBz713lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FiZDkwMTA3ZjQ5MWJkMWM4NzhhMmI1ZWRlYWM3NmRmYTg3N2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDz6HYsBBB/uWDBfrpx32yjmbZu7
ENgbAhPezJO7LEs/RWh22/6zycrcqEy1aoNLo+ypASC4cZfYGAF/ptlVPRdwpcj2
rMDmnMz3fXGwvaJehOWR/g+5YfD92GSTUkGAU95bL9Yo0Rz8nrXaibsyZuNCJuau
MXY6Ymh2mBj2whwwS15bZ0aH+aWym9Q6UHZrEq7NfHARJnGbwe9MwWUN2mxxTtdp
RHPgx7ovBywwZ7HCxaNeZAX1bCzxO6dnrZldEb1egSxNnx2pSV96vulPmnOVyVFH
WJELbi6lWkT7VJPW9l3lP1z+7WIT0HmbP5p7ZLOZzeewcla4jXP8NKF9yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOr2QEH9JG9HIeKK17erHbfqHe1MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvODZ2WkFRZjBrYjBjaDRvclh0NnNkdC1vZDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXaumMA0G
CSqGSIb3DQEBCwUAA4IBAQBp1yfNzDEgOTns15W92+MZG/3UtYZVTIzfDUTIJf9r
7L8276gYUxrm6OUEt/oC37lrObUdEnvGPPgBiOJ4VneJZbZXrkNttWwN6Xv/Ekzb
Wk/dYTNlvf+h0pVZ+fsLm6vp8gkOtDwYrrUY1ZBMs47RJgOFtQdhUWrfmo9fQC1k
0+rriwQtwRDUdoGPOgSWUZXYcaTAhiRyDcwx/+ykoKAdw43alYbk2/3pZU2N8L1D
AIidOZUwjHJmy1HCb3rRTCrgNuTuI4nOBMr7Z1D+m21hB606sVGgK2LkjBLOhCjK
H0lF2ZDcPOTLcSSMepU42+vm6kMHeQzFn5SP3SyXyRgw
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:58:28 2025 by rpki-client