Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bc-nNFq7yJtR2B47t1EE-CNAxmE.roa
File: bc-nNFq7yJtR2B47t1EE-CNAxmE.roa (raw, json)
Hash identifier: uSSfs6WvalBx4smQ69nUSGF0ss0+ElU5huNQPzQjIdA=
Subject key identifier: 6D:CF:A7:34:5A:BB:C8:9B:51:D8:1E:3B:B7:51:04:F8:23:40:C6:61
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CF88CB8EA7B175385F4538C226006F7D1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bc-nNFq7yJtR2B47t1EE-CNAxmE.roa
Signing time: Thu 11 Jan 2024 12:43:41 +0000
ROA not before: Thu 11 Jan 2024 12:43:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200218
IP address blocks: 93.170.212.0/22 maxlen: 24
93.171.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:8c:b8:ea:7b:17:53:85:f4:53:8c:22:60:06:f7:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 11 12:43:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dcfa7345abbc89b51d81e3bb75104f82340c661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f6:df:c1:b7:f5:39:11:af:0c:fd:ff:ef:05:
3a:0e:0a:72:66:06:95:98:4b:e7:d1:aa:c5:09:58:
9f:4c:51:ca:cc:14:96:d9:81:42:f1:3d:4a:79:f7:
77:36:70:49:bd:51:3a:22:ec:76:b6:3c:8e:bd:72:
a1:56:5e:a8:aa:9f:31:e4:97:9a:ac:2a:32:7a:a5:
5b:55:40:87:cd:ae:48:b9:8b:ff:5d:c3:5b:3f:f7:
fe:ce:d2:f7:d0:18:83:3f:e7:7d:bd:1f:d1:2b:3c:
51:35:d9:c7:25:75:d1:ed:ab:cd:54:00:8a:01:38:
26:7d:d4:0a:d4:69:68:86:38:6e:be:9c:81:a1:41:
3d:29:ce:d8:5d:43:df:04:91:a2:1a:14:07:79:73:
d6:b0:98:6d:63:6e:56:dc:db:f5:98:0b:3d:bc:af:
d5:7e:a2:dd:6c:09:1a:43:12:00:4a:6a:38:91:09:
85:5c:90:cb:2e:62:42:43:64:ae:7e:2f:9e:f2:93:
2b:0d:c8:34:5c:25:c0:da:9c:5b:32:bc:38:72:c4:
db:35:cb:96:06:2b:84:c0:2c:ff:d9:ce:63:0d:7e:
d0:40:a4:70:2d:84:01:d7:00:a3:5d:9a:ef:08:ed:
52:03:56:cc:74:ca:49:63:97:64:14:f6:e7:fb:0a:
f6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CF:A7:34:5A:BB:C8:9B:51:D8:1E:3B:B7:51:04:F8:23:40:C6:61
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/bc-nNFq7yJtR2B47t1EE-CNAxmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.212.0/22
93.171.0.0/23
Signature Algorithm: sha256WithRSAEncryption
05:11:e5:b0:4b:9b:8c:d4:2e:dc:c4:a1:7c:8b:1a:a7:ed:6a:
d8:36:58:1f:ff:b3:9c:68:64:8c:d3:51:d4:f1:ef:6f:55:dc:
49:65:bf:12:e6:68:0b:a1:7d:a4:fd:f8:ce:0c:11:4b:fa:43:
2f:4c:52:49:a7:b1:2b:ef:a1:5a:ff:4b:dc:d7:e0:52:e3:24:
59:02:d4:08:5f:d6:0e:c1:6a:8d:2a:c0:7d:98:76:ef:0b:89:
6c:6b:84:60:be:a9:8c:6c:1a:af:07:95:38:aa:b0:e5:1a:a0:
17:7c:93:a6:af:8f:c0:e3:17:07:fe:5f:eb:5c:2d:bf:5b:43:
0e:69:ff:1a:eb:a5:25:b2:0f:55:f6:38:2b:bf:49:72:70:72:
53:85:2f:6b:38:21:f9:cf:34:44:1d:fc:33:8b:7e:d6:4a:a0:
07:f7:9a:f3:f3:8d:b4:29:ad:21:33:63:6f:76:6e:16:ed:ad:
fb:fe:43:41:4d:1d:12:80:1d:7e:75:c5:6e:20:a3:be:75:1d:
f4:43:f5:b6:5d:fb:e6:0b:5e:d1:4a:4e:74:16:78:42:d4:60:
ba:20:b0:64:01:fe:7d:fb:c9:09:38:03:e4:fc:22:c5:05:38:
a7:2a:61:af:00:e7:aa:e4:7d:56:4a:61:d8:77:ed:14:70:90:
85:40:d3:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz4jLjqexdThfRTjCJgBvfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTExMTI0MzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGNmYTczNDVhYmJjODliNTFkODFlM2JiNzUxMDRmODIzNDBjNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfbfwbf1ORGvDP3/7wU6DgpyZgaV
mEvn0arFCVifTFHKzBSW2YFC8T1Kefd3NnBJvVE6Iux2tjyOvXKhVl6oqp8x5Jea
rCoyeqVbVUCHza5IuYv/XcNbP/f+ztL30BiDP+d9vR/RKzxRNdnHJXXR7avNVACK
ATgmfdQK1GlohjhuvpyBoUE9Kc7YXUPfBJGiGhQHeXPWsJhtY25W3Nv1mAs9vK/V
fqLdbAkaQxIASmo4kQmFXJDLLmJCQ2Sufi+e8pMrDcg0XCXA2pxbMrw4csTbNcuW
BiuEwCz/2c5jDX7QQKRwLYQB1wCjXZrvCO1SA1bMdMpJY5dkFPbn+wr2IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3PpzRau8ibUdgeO7dRBPgjQMZhMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvYmMtbk5GcTd5SnRSMkI0N3QxRUUtQ05BeG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXarUAwQB
XasAMA0GCSqGSIb3DQEBCwUAA4IBAQAFEeWwS5uM1C7cxKF8ixqn7WrYNlgf/7Oc
aGSM01HU8e9vVdxJZb8S5mgLoX2k/fjODBFL+kMvTFJJp7Er76Fa/0vc1+BS4yRZ
AtQIX9YOwWqNKsB9mHbvC4lsa4RgvqmMbBqvB5U4qrDlGqAXfJOmr4/A4xcH/l/r
XC2/W0MOaf8a66Ulsg9V9jgrv0lycHJThS9rOCH5zzREHfwzi37WSqAH95rz8420
Ka0hM2Nvdm4W7a37/kNBTR0SgB1+dcVuIKO+dR30Q/W2XfvmC17RSk50FnhC1GC6
ILBkAf59+8kJOAPk/CLFBTinKmGvAOeq5H1WSmHYd+0UcJCFQNOu
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:05 2025 by rpki-client