Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KSw3eIO5Q2E3JbmwSYZaA-Oh8zQ.roa
File: KSw3eIO5Q2E3JbmwSYZaA-Oh8zQ.roa (raw, json)
Hash identifier: R8NC6sUNWRS3j/W9F4KWKHsm2gFxO5RJOPJy6YFLvYE=
Subject key identifier: 29:2C:37:78:83:B9:43:61:37:25:B9:B0:49:86:5A:03:E3:A1:F3:34
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A081A54594807E7FD4EE6EDB2E16B
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KSw3eIO5Q2E3JbmwSYZaA-Oh8zQ.roa
Signing time: Tue 02 Jan 2024 12:33:21 +0000
ROA not before: Tue 02 Jan 2024 12:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50043
IP address blocks: 93.170.136.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 24 Sep 2024 14:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:08:1a:54:59:48:07:e7:fd:4e:e6:ed:b2:e1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=292c377883b943613725b9b049865a03e3a1f334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:af:fd:dc:87:7b:ee:38:b5:f8:fe:83:e5:93:
36:88:62:ec:1f:93:1d:8b:86:b2:f7:68:02:8d:1b:
8d:db:bb:c0:6a:38:13:66:0d:40:71:da:6b:c3:74:
1c:a6:cd:bb:34:08:53:dc:d7:37:24:b9:77:36:4e:
a1:a2:86:e4:26:2b:4c:44:36:fa:8b:3b:79:00:2d:
c0:d5:05:88:04:09:43:33:ed:6d:6d:0e:b9:f8:af:
a1:dd:ed:e0:b5:15:2e:b0:63:d1:30:c2:b2:4c:bd:
a2:1e:1b:f9:72:75:c8:17:be:41:80:96:bc:91:a5:
0c:67:64:33:72:e2:3e:0f:5d:f7:91:ba:7b:cd:48:
54:dc:82:36:ea:a5:a9:63:1f:56:5c:b1:35:8f:b7:
ae:89:47:b6:47:e1:d2:ba:98:fd:1e:08:75:12:d1:
14:4c:17:8b:51:d4:50:b7:88:55:32:52:6c:e5:83:
33:4f:45:c9:22:e0:4a:85:ab:6d:45:48:04:12:17:
df:3a:37:36:17:7d:ab:3e:6a:7b:48:2e:35:52:88:
66:45:35:6c:4e:e1:e1:f6:6d:4c:dd:40:28:e1:e0:
e1:58:19:c2:31:13:ef:3d:ce:60:07:a3:ff:6a:c8:
2b:e1:3a:d2:6e:f2:7d:a7:e2:5a:2c:fd:54:86:64:
17:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2C:37:78:83:B9:43:61:37:25:B9:B0:49:86:5A:03:E3:A1:F3:34
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/KSw3eIO5Q2E3JbmwSYZaA-Oh8zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.136.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:4e:63:90:86:15:6b:41:35:fb:bf:d1:a7:a7:d1:d9:f7:7e:
48:e0:b1:56:94:a7:d8:e9:60:6c:eb:05:19:ef:62:54:36:5a:
a7:03:b0:03:8d:88:61:c8:06:2c:b3:ab:6f:30:41:9d:6b:b3:
27:58:3f:d1:1a:f6:e0:00:35:de:cc:d7:31:ea:98:e1:ae:53:
f1:cf:d1:39:de:15:74:69:1c:81:6f:e8:47:6a:61:ea:27:a9:
2c:3f:47:d4:ec:72:33:b8:25:6f:9f:01:9f:64:5d:60:b4:b8:
f3:c4:11:84:cc:d7:b6:8c:0c:10:02:8b:20:39:13:77:7a:22:
29:fb:fa:1a:e1:12:bd:0e:19:61:9e:f8:cc:2a:cf:c6:d0:30:
34:29:75:b2:d9:60:9b:54:73:0e:25:2b:c9:62:d4:10:0b:f9:
c3:c5:15:c9:bc:98:70:24:a7:2a:48:5d:06:e2:6b:40:26:5f:
ef:56:f5:36:9c:79:f7:d4:c4:17:82:ac:61:1b:a4:6d:c5:54:
86:75:6d:95:50:00:2d:17:d9:0d:0a:3b:a5:cd:35:0e:f6:e8:
ee:8a:57:9b:23:04:75:97:4e:27:9d:5b:90:47:b9:8e:9a:16:
50:70:b7:96:e2:b6:78:be:6e:e7:7e:6a:56:7b:bb:d9:51:61:
d0:c3:00:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKggaVFlIB+f9TubtsuFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTJjMzc3ODgzYjk0MzYxMzcyNWI5YjA0OTg2NWEwM2UzYTFmMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhK/93Id77ji1+P6D5ZM2iGLsH5Md
i4ay92gCjRuN27vAajgTZg1Acdprw3Qcps27NAhT3Nc3JLl3Nk6hoobkJitMRDb6
izt5AC3A1QWIBAlDM+1tbQ65+K+h3e3gtRUusGPRMMKyTL2iHhv5cnXIF75BgJa8
kaUMZ2QzcuI+D133kbp7zUhU3II26qWpYx9WXLE1j7euiUe2R+HSupj9Hgh1EtEU
TBeLUdRQt4hVMlJs5YMzT0XJIuBKhattRUgEEhffOjc2F32rPmp7SC41UohmRTVs
TuHh9m1M3UAo4eDhWBnCMRPvPc5gB6P/asgr4TrSbvJ9p+JaLP1UhmQX+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCksN3iDuUNhNyW5sEmGWgPjofM0MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvS1N3M2VJTzVRMkUzSmJtd1NZWmFBLU9oOHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXaqIMA0G
CSqGSIb3DQEBCwUAA4IBAQAfTmOQhhVrQTX7v9Gnp9HZ935I4LFWlKfY6WBs6wUZ
72JUNlqnA7ADjYhhyAYss6tvMEGda7MnWD/RGvbgADXezNcx6pjhrlPxz9E53hV0
aRyBb+hHamHqJ6ksP0fU7HIzuCVvnwGfZF1gtLjzxBGEzNe2jAwQAosgORN3eiIp
+/oa4RK9DhlhnvjMKs/G0DA0KXWy2WCbVHMOJSvJYtQQC/nDxRXJvJhwJKcqSF0G
4mtAJl/vVvU2nHn31MQXgqxhG6RtxVSGdW2VUAAtF9kNCjulzTUO9ujuilebIwR1
l04nnVuQR7mOmhZQcLeW4rZ4vm7nfmpWe7vZUWHQwwAa
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:16 2025 by rpki-client