Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9CNz8NTAMu0_3THwfEgZ4eoff88.roa
File: 9CNz8NTAMu0_3THwfEgZ4eoff88.roa (raw, json)
Hash identifier: quh+So4NdkVrzWXSUfrMjxA2bKcsGJ/lvUYT2gw748Q=
Subject key identifier: F4:23:73:F0:D4:C0:32:ED:3F:DD:31:F0:7C:48:19:E1:EA:1F:7F:CF
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01857095A52F0A133BB090A79C90A3C33540
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9CNz8NTAMu0_3THwfEgZ4eoff88.roa
Signing time: Mon 02 Jan 2023 03:45:33 +0000
ROA not before: Mon 02 Jan 2023 03:45:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208038
IP address blocks: 93.170.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:a5:2f:0a:13:3b:b0:90:a7:9c:90:a3:c3:35:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f42373f0d4c032ed3fdd31f07c4819e1ea1f7fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c5:b9:37:fb:07:72:aa:30:3e:65:c8:c9:ad:
84:0d:d6:78:b0:ef:13:0d:f0:9a:05:a9:81:ab:ee:
eb:f0:80:b8:25:d9:77:d8:c5:2a:28:ee:3c:8f:21:
dd:69:21:2d:fe:3f:66:43:9f:d8:85:41:47:bf:5d:
08:76:bb:f8:08:51:0d:2c:b2:67:9f:f4:b6:d0:d7:
c5:3e:14:d3:34:99:27:31:89:7f:92:e6:39:05:a3:
db:a5:2c:2b:43:0c:0e:b5:f7:98:79:72:5d:6b:60:
e4:5d:91:91:f2:7a:8a:eb:a3:e3:1f:af:72:ef:dc:
84:03:a8:ca:84:c7:ab:9a:fa:5c:a4:2d:34:d4:63:
39:6b:88:fe:03:e6:36:b5:43:2e:0e:3f:f4:b2:72:
4e:c9:0b:f6:20:ab:b7:4c:c4:5f:8e:21:82:1b:43:
c0:0a:31:4e:74:a9:17:66:89:8a:16:b7:cb:b8:a0:
94:93:1b:ff:6d:f6:5b:c7:71:14:f2:1d:54:0d:ff:
73:33:85:e8:2a:b4:6f:02:49:f6:e8:41:67:f7:81:
6c:b3:47:17:b6:8d:a8:bd:a1:63:f2:5e:fb:ed:97:
c4:5a:82:b9:c9:ed:16:19:1d:ff:8f:09:05:62:07:
de:09:9c:f5:4f:ea:a1:89:af:91:6c:60:ab:3b:40:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:23:73:F0:D4:C0:32:ED:3F:DD:31:F0:7C:48:19:E1:EA:1F:7F:CF
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/9CNz8NTAMu0_3THwfEgZ4eoff88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.122.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fb:9e:a5:84:ee:11:45:17:47:2f:95:c1:4f:c4:4f:54:ce:
6b:c9:41:91:24:9f:ed:1b:27:9e:ec:4a:46:3a:61:0c:45:c6:
a3:14:8a:42:68:65:1d:c7:e8:63:91:c6:b6:81:94:4d:25:2f:
c2:1e:9a:51:74:1d:00:d1:e4:c6:83:a3:08:3d:c2:5b:e7:a1:
15:16:a5:b3:c5:77:90:3c:af:b5:4d:10:8c:b9:fb:6b:a5:6a:
ef:71:5a:14:b4:1a:46:8b:66:2b:b6:a7:aa:61:eb:f1:44:0e:
f3:4d:d8:ad:21:c2:41:7b:41:9e:a2:b7:d4:c8:c2:0b:5d:89:
f1:94:3b:00:90:10:78:6d:d4:de:6a:e7:ec:5b:0b:93:08:ed:
03:9f:ed:ae:68:be:c8:28:0b:e7:fd:c7:23:be:c6:c9:b0:96:
69:48:ce:5f:22:04:3a:25:8a:4f:25:a3:72:06:9f:07:a5:89:
5a:12:69:c6:6e:d5:cc:e2:f4:fc:bc:c3:24:f6:4a:88:e0:0c:
ff:e1:69:59:84:a8:b1:02:f7:df:11:b4:70:60:51:19:e1:c6:
9b:c0:8d:57:47:2a:f8:ce:ea:79:58:28:6b:63:1c:8d:0d:77:
ad:80:81:ac:2d:23:5a:b0:70:17:99:e5:64:f9:1e:c1:f9:3d:
6f:d1:bb:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwlaUvChM7sJCnnJCjwzVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIzNzNmMGQ0YzAzMmVkM2ZkZDMxZjA3YzQ4MTllMWVhMWY3ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcW5N/sHcqowPmXIya2EDdZ4sO8T
DfCaBamBq+7r8IC4Jdl32MUqKO48jyHdaSEt/j9mQ5/YhUFHv10Idrv4CFENLLJn
n/S20NfFPhTTNJknMYl/kuY5BaPbpSwrQwwOtfeYeXJda2DkXZGR8nqK66PjH69y
79yEA6jKhMermvpcpC001GM5a4j+A+Y2tUMuDj/0snJOyQv2IKu3TMRfjiGCG0PA
CjFOdKkXZomKFrfLuKCUkxv/bfZbx3EU8h1UDf9zM4XoKrRvAkn26EFn94Fss0cX
to2ovaFj8l777ZfEWoK5ye0WGR3/jwkFYgfeCZz1T+qhia+RbGCrO0ASHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQjc/DUwDLtP90x8HxIGeHqH3/PMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvOUNOejhOVEFNdTBfM1RId2ZFZ1o0ZW9mZjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXap6MA0G
CSqGSIb3DQEBCwUAA4IBAQBY+56lhO4RRRdHL5XBT8RPVM5ryUGRJJ/tGyee7EpG
OmEMRcajFIpCaGUdx+hjkca2gZRNJS/CHppRdB0A0eTGg6MIPcJb56EVFqWzxXeQ
PK+1TRCMuftrpWrvcVoUtBpGi2YrtqeqYevxRA7zTditIcJBe0GeorfUyMILXYnx
lDsAkBB4bdTeaufsWwuTCO0Dn+2uaL7IKAvn/ccjvsbJsJZpSM5fIgQ6JYpPJaNy
Bp8HpYlaEmnGbtXM4vT8vMMk9kqI4Az/4WlZhKixAvffEbRwYFEZ4cabwI1XRyr4
zup5WChrYxyNDXetgIGsLSNasHAXmeVk+R7B+T1v0btw
-----END CERTIFICATE-----
Generated at Fri Oct 27 10:21:10 2023 by rpki-client on console-ams.rpki-client.org