Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vQq8NdiWqKC636mY4pmMGRnmwhY.roa
File: vQq8NdiWqKC636mY4pmMGRnmwhY.roa (raw, json)
Hash identifier: A1dxntRNIzafqKN4Kla039NiWfDrg3mlyik21Izc4Rg=
Subject key identifier: BD:0A:BC:35:D8:96:A8:A0:BA:DF:A9:98:E2:99:8C:19:19:E6:C2:16
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A38973440EDB7738AB2734AF2660F
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vQq8NdiWqKC636mY4pmMGRnmwhY.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201041
IP address blocks: 93.171.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:38:97:34:40:ed:b7:73:8a:b2:73:4a:f2:66:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd0abc35d896a8a0badfa998e2998c1919e6c216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:13:1d:30:42:28:1a:0e:56:c2:58:f7:c7:f1:
8a:14:2f:9b:f4:5d:bd:58:f5:07:cb:e8:47:80:ee:
7d:76:29:60:64:b1:ac:91:45:54:ee:64:09:5c:d4:
56:b7:69:94:82:f6:54:87:d5:d1:57:f1:db:22:d2:
1a:57:c1:b5:9b:9f:ff:0e:5a:8f:ab:f7:07:c1:36:
60:a4:fb:f5:01:76:7a:5e:fb:12:f0:17:80:c8:47:
2f:d5:8d:39:37:b1:af:ef:cf:1d:5f:13:50:03:68:
34:a3:d6:06:30:c1:7a:71:b7:ee:5e:77:72:65:cf:
93:96:27:8b:fc:68:ad:b3:b9:56:1b:e5:91:3b:a2:
0a:23:bf:af:e3:44:fc:b9:d1:c5:81:e2:66:1a:0f:
24:90:6a:7b:04:5f:49:03:eb:2e:d1:d1:8a:1f:b1:
72:f9:6e:98:97:c4:63:ce:83:cd:ec:1d:f0:f7:27:
9e:23:cd:77:4d:5e:8d:c3:e9:80:56:0b:3b:78:59:
02:43:cb:b4:fe:1c:66:a6:8f:49:f6:19:cf:72:6b:
23:93:64:86:0c:53:56:7a:ca:96:d3:27:3b:85:5a:
56:4e:a1:98:d0:1c:db:9f:28:f9:bd:1b:08:74:3f:
71:43:5e:23:5c:cd:35:49:a1:f4:07:e2:9a:c2:1c:
f8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0A:BC:35:D8:96:A8:A0:BA:DF:A9:98:E2:99:8C:19:19:E6:C2:16
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vQq8NdiWqKC636mY4pmMGRnmwhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.163.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:76:69:20:a4:20:57:dd:f5:79:6b:69:69:e0:84:8f:31:f6:
21:24:7b:b8:74:1d:c8:aa:16:f4:5b:9f:4a:90:8f:bf:0e:21:
7e:26:d3:94:c3:75:45:10:7d:c0:4d:0b:24:aa:f6:e2:3d:39:
2e:e7:ce:26:88:f4:4f:f4:d3:a8:c2:25:17:e2:ec:76:65:d1:
d3:f1:79:c7:2b:18:03:fd:64:da:23:07:ba:c2:11:ea:d9:b3:
71:94:4b:35:4f:01:54:f4:e0:a9:03:5c:a8:af:81:fa:da:0c:
34:05:ab:aa:4a:3f:3a:6c:82:a4:d0:7d:83:97:1c:ea:d0:a8:
0c:dc:bc:3a:3d:f3:ca:51:01:75:70:96:3f:c5:50:b9:9f:f5:
1f:9d:a5:9c:f0:b6:75:5e:38:1a:8e:4e:46:79:99:63:e6:a2:
ce:cf:e2:8a:a6:2f:35:9e:de:47:d3:14:9a:b8:54:0e:08:ef:
6f:54:7b:c2:47:d0:90:77:f5:ba:70:e1:08:7b:d7:0a:34:29:
34:1d:ca:6b:3a:00:ca:d6:cf:9e:60:b8:7c:29:2f:c5:de:32:
08:d8:c8:62:b2:8b:56:09:de:d2:f8:fe:4c:d8:34:fe:58:5d:
d0:67:59:28:78:40:25:72:1e:02:d8:fe:8e:75:b8:89:15:95:
a7:e6:63:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKjiXNEDtt3OKsnNK8mYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDBhYmMzNWQ4OTZhOGEwYmFkZmE5OThlMjk5OGMxOTE5ZTZjMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBMdMEIoGg5Wwlj3x/GKFC+b9F29
WPUHy+hHgO59dilgZLGskUVU7mQJXNRWt2mUgvZUh9XRV/HbItIaV8G1m5//DlqP
q/cHwTZgpPv1AXZ6XvsS8BeAyEcv1Y05N7Gv788dXxNQA2g0o9YGMMF6cbfuXndy
Zc+TlieL/Gits7lWG+WRO6IKI7+v40T8udHFgeJmGg8kkGp7BF9JA+su0dGKH7Fy
+W6Yl8RjzoPN7B3w9yeeI813TV6Nw+mAVgs7eFkCQ8u0/hxmpo9J9hnPcmsjk2SG
DFNWesqW0yc7hVpWTqGY0Bzbnyj5vRsIdD9xQ14jXM01SaH0B+Kawhz4VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0KvDXYlqigut+pmOKZjBkZ5sIWMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdlFxOE5kaVdxS0M2MzZtWTRwbU1HUm5td2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXaujMA0G
CSqGSIb3DQEBCwUAA4IBAQCKdmkgpCBX3fV5a2lp4ISPMfYhJHu4dB3Iqhb0W59K
kI+/DiF+JtOUw3VFEH3ATQskqvbiPTku584miPRP9NOowiUX4ux2ZdHT8XnHKxgD
/WTaIwe6whHq2bNxlEs1TwFU9OCpA1yor4H62gw0BauqSj86bIKk0H2Dlxzq0KgM
3Lw6PfPKUQF1cJY/xVC5n/UfnaWc8LZ1Xjgajk5GeZlj5qLOz+KKpi81nt5H0xSa
uFQOCO9vVHvCR9CQd/W6cOEIe9cKNCk0HcprOgDK1s+eYLh8KS/F3jII2MhisotW
Cd7S+P5M2DT+WF3QZ1koeEAlch4C2P6OdbiJFZWn5mP/
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:12 2025 by rpki-client