Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qBC9GFvPkPsdfgqXovct-LYhvy8.roa
File: qBC9GFvPkPsdfgqXovct-LYhvy8.roa (raw, json)
Hash identifier: eORH7wR5lIdGjicHwjb8TpW7PPZ1WiHRYwlJK4Xku4w=
Subject key identifier: A8:10:BD:18:5B:CF:90:FB:1D:7E:0A:97:A2:F7:2D:F8:B6:21:BF:2F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C3E2C3A810BFB5D98A77CBD2CE080CB59
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qBC9GFvPkPsdfgqXovct-LYhvy8.roa
Signing time: Wed 06 Dec 2023 08:08:55 +0000
ROA not before: Wed 06 Dec 2023 08:08:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34974
IP address blocks: 93.171.168.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:2c:3a:81:0b:fb:5d:98:a7:7c:bd:2c:e0:80:cb:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 6 08:08:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a810bd185bcf90fb1d7e0a97a2f72df8b621bf2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bc:b2:68:83:20:9f:ff:75:89:c3:23:c3:f2:
3f:3d:0c:95:cb:76:18:37:53:8a:1c:37:a1:0a:33:
2c:37:19:bf:d9:79:ac:c6:b6:01:71:3d:d7:0a:40:
29:55:91:56:84:6a:2b:0b:71:31:24:9d:15:e0:d7:
6c:1d:9f:61:43:04:52:55:88:23:69:fb:0d:aa:6d:
9a:da:5b:3b:f6:17:5f:e0:e6:69:1e:92:92:b6:cd:
11:48:70:31:1f:81:b6:3c:24:b5:42:52:19:4e:90:
87:16:ff:5c:3e:e3:2b:cd:7b:ea:f1:7c:5a:df:9d:
fe:44:30:71:c3:e3:29:8b:40:75:65:e8:f1:b0:78:
22:95:72:19:fe:e0:92:e2:df:c5:af:a7:15:c3:b3:
72:57:20:a7:59:49:94:c0:ef:60:cd:cb:8b:ca:cd:
a9:40:e2:20:d7:30:b2:2f:e6:73:02:e9:ec:4f:4e:
ef:c7:67:20:19:fc:e8:f4:4b:8f:a5:fe:15:38:5d:
e2:f0:f4:47:41:07:38:8e:9a:35:8f:33:bc:d1:f3:
28:b7:50:dd:55:00:9a:7e:0a:84:10:b2:b0:d2:c5:
fa:2b:6c:eb:ba:a7:79:db:86:c6:e0:95:50:fb:64:
2d:41:0f:d9:42:0a:20:51:33:5c:18:2f:db:7a:1e:
16:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:10:BD:18:5B:CF:90:FB:1D:7E:0A:97:A2:F7:2D:F8:B6:21:BF:2F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/qBC9GFvPkPsdfgqXovct-LYhvy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.168.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:9e:6f:eb:93:f4:2d:5d:9f:49:13:6a:f7:cd:ec:24:09:12:
68:be:bb:84:fa:64:46:b9:4a:f1:6b:a6:30:49:d5:5b:76:68:
7c:02:57:22:43:fe:ce:7e:fa:fb:1e:e3:79:c8:e1:d6:c5:50:
6f:34:c9:66:7a:28:fd:a0:b9:10:9c:a0:3f:5a:e9:a1:7e:c8:
be:92:8c:1d:85:93:3f:d0:c2:20:74:25:63:cc:46:f1:53:1c:
83:0a:90:6f:4d:9b:11:33:dc:ad:f6:73:41:ba:33:eb:eb:68:
50:9a:33:f4:14:b7:34:0e:bc:37:75:ea:8d:6d:18:7c:89:6b:
9d:8f:39:13:7b:2a:af:73:98:dc:cc:01:dc:7b:d5:91:f7:b1:
53:f7:ed:1b:e3:ec:0c:e7:7e:28:94:81:62:21:7d:32:40:66:
c6:81:34:90:83:8f:01:2c:58:6b:cb:70:e7:77:77:be:a7:00:
03:56:2c:ad:28:87:96:4f:b3:0f:69:fb:7e:6d:71:72:00:a9:
d7:5f:1e:eb:7f:88:e2:1c:cd:89:6a:a2:5f:58:fe:f0:47:30:
7a:dd:2d:e5:fa:7e:62:d3:fb:79:a8:65:8b:81:d7:5f:99:fb:
a5:c2:92:e0:ba:fc:23:ed:53:cd:46:ef:66:8f:ab:ad:67:cb:
4d:3d:b7:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw+LDqBC/tdmKd8vSzggMtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMjA2MDgwODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODEwYmQxODViY2Y5MGZiMWQ3ZTBhOTdhMmY3MmRmOGI2MjFiZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLyyaIMgn/91icMjw/I/PQyVy3YY
N1OKHDehCjMsNxm/2XmsxrYBcT3XCkApVZFWhGorC3ExJJ0V4NdsHZ9hQwRSVYgj
afsNqm2a2ls79hdf4OZpHpKSts0RSHAxH4G2PCS1QlIZTpCHFv9cPuMrzXvq8Xxa
353+RDBxw+Mpi0B1ZejxsHgilXIZ/uCS4t/Fr6cVw7NyVyCnWUmUwO9gzcuLys2p
QOIg1zCyL+ZzAunsT07vx2cgGfzo9EuPpf4VOF3i8PRHQQc4jpo1jzO80fMot1Dd
VQCafgqEELKw0sX6K2zruqd524bG4JVQ+2QtQQ/ZQgogUTNcGC/beh4WPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgQvRhbz5D7HX4Kl6L3Lfi2Ib8vMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvcUJDOUdGdlBrUHNkZmdxWG92Y3QtTFlodnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXauoMA0G
CSqGSIb3DQEBCwUAA4IBAQCgnm/rk/QtXZ9JE2r3zewkCRJovruE+mRGuUrxa6Yw
SdVbdmh8AlciQ/7Ofvr7HuN5yOHWxVBvNMlmeij9oLkQnKA/Wumhfsi+kowdhZM/
0MIgdCVjzEbxUxyDCpBvTZsRM9yt9nNBujPr62hQmjP0FLc0Drw3deqNbRh8iWud
jzkTeyqvc5jczAHce9WR97FT9+0b4+wM534olIFiIX0yQGbGgTSQg48BLFhry3Dn
d3e+pwADViytKIeWT7MPaft+bXFyAKnXXx7rf4jiHM2JaqJfWP7wRzB63S3l+n5i
0/t5qGWLgddfmfulwpLguvwj7VPNRu9mj6utZ8tNPbc8
-----END CERTIFICATE-----
Generated at Wed Dec 6 13:28:07 2023 by rpki-client on console-fra.rpki-client.org