Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/F22v60uXiHy6YrZnFBNNhQBfl4I.roa
File: F22v60uXiHy6YrZnFBNNhQBfl4I.roa (raw, json)
Hash identifier: i82nnVLSv9cg3DxTwYzaxpFMiEjrIQhfVTgMLscA0+c=
Subject key identifier: 17:6D:AF:EB:4B:97:88:7C:BA:62:B6:67:14:13:4D:85:00:5F:97:82
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018FBF8912A845AEF161314B9ED461DCC374
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/F22v60uXiHy6YrZnFBNNhQBfl4I.roa
Signing time: Tue 28 May 2024 14:09:42 +0000
ROA not before: Tue 28 May 2024 14:09:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31004
IP address blocks: 93.157.32.0/21 maxlen: 23
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 08:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:89:12:a8:45:ae:f1:61:31:4b:9e:d4:61:dc:c3:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: May 28 14:09:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=176dafeb4b97887cba62b66714134d85005f9782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ee:3f:c8:4b:f9:9c:1b:e5:9d:66:37:f3:e6:
b7:09:a0:80:0c:88:d0:70:a3:8a:d2:3f:9d:70:a1:
25:33:72:f1:7e:d8:ef:2b:b6:ed:3b:25:59:b6:52:
4e:0d:23:f6:cd:86:0a:1c:2d:94:16:b1:ec:6a:8a:
6b:04:1b:99:ec:0d:cb:e5:d5:f3:f7:1e:8a:51:ed:
28:e8:36:77:ef:3b:e1:10:e5:ef:93:e8:e1:62:65:
8f:c5:93:21:48:67:2a:2f:e4:61:31:c9:ee:cc:d6:
84:3f:97:e0:02:ab:bc:1c:14:f3:d4:d5:fb:8f:c1:
c5:4e:ab:50:4d:57:e4:c1:22:8c:be:35:e9:dc:fa:
cf:95:c3:96:1b:7e:c4:ce:90:f7:89:49:fa:b0:0d:
4f:cf:09:c3:e0:4c:0d:a4:f0:08:0d:02:bc:00:7d:
ee:9a:c7:14:bf:48:1a:2b:84:70:aa:dd:88:07:3b:
10:62:e0:46:ff:01:b4:41:b4:9e:6a:08:c2:0c:11:
16:9c:38:d6:2e:6b:4b:f6:fa:bf:27:e2:5b:46:c0:
2a:fb:f7:ea:9c:16:e5:c3:1e:3f:8a:ef:91:18:cf:
ad:14:eb:d7:27:dc:20:21:c9:d6:10:2c:90:06:14:
d5:5f:65:df:f9:89:8d:5d:0f:90:6c:54:9b:ea:ef:
40:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6D:AF:EB:4B:97:88:7C:BA:62:B6:67:14:13:4D:85:00:5F:97:82
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/F22v60uXiHy6YrZnFBNNhQBfl4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.32.0/21
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:70:ef:8f:2e:14:3a:ea:fe:26:46:cd:b7:22:8c:94:0a:63:
7d:9c:19:dd:d8:6d:e1:00:37:b9:d5:85:d6:00:e9:6e:9d:b7:
56:06:a5:bb:60:82:a2:d6:f0:cd:8a:07:8d:0a:e2:c3:f3:df:
1e:3c:73:7c:cb:d6:09:82:52:63:86:e2:d6:d3:15:de:e0:2c:
2d:2f:6b:0d:95:3a:d0:53:3b:46:aa:5c:8c:dc:a2:4e:95:c4:
c2:ee:b5:69:cd:22:64:43:ed:f8:f9:40:34:95:91:95:e8:cf:
aa:20:09:1d:02:2b:8c:24:86:81:41:2f:29:3f:d0:2a:3c:3d:
0a:da:a0:7f:14:4f:32:1c:23:e1:bf:da:35:53:e9:2f:38:18:
cc:0c:6c:fb:74:03:3b:57:7b:cc:97:8d:4d:57:f3:44:0a:02:
51:b9:fe:14:f2:93:56:15:d5:c4:15:e0:80:f3:1e:9e:ae:d8:
69:de:8a:fa:c9:2a:0e:7a:53:95:78:78:7b:2a:a4:c2:64:37:
69:e0:55:6a:0c:d3:cc:cb:a8:25:dd:4b:63:6d:6f:0c:b7:1d:
1e:18:6f:b7:d1:a6:bc:a6:33:e0:64:6e:2e:90:de:b3:78:ad:
43:2f:94:93:14:a2:57:27:c8:79:04:47:d9:6d:e4:bc:fb:d7:
b4:60:8d:c9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY+/iRKoRa7xYTFLntRh3MN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwNTI4MTQwOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZkYWZlYjRiOTc4ODdjYmE2MmI2NjcxNDEzNGQ4NTAwNWY5NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+4/yEv5nBvlnWY38+a3CaCADIjQ
cKOK0j+dcKElM3LxftjvK7btOyVZtlJODSP2zYYKHC2UFrHsaoprBBuZ7A3L5dXz
9x6KUe0o6DZ37zvhEOXvk+jhYmWPxZMhSGcqL+RhMcnuzNaEP5fgAqu8HBTz1NX7
j8HFTqtQTVfkwSKMvjXp3PrPlcOWG37EzpD3iUn6sA1PzwnD4EwNpPAIDQK8AH3u
mscUv0gaK4Rwqt2IBzsQYuBG/wG0QbSeagjCDBEWnDjWLmtL9vq/J+JbRsAq+/fq
nBblwx4/iu+RGM+tFOvXJ9wgIcnWECyQBhTVX2Xf+YmNXQ+QbFSb6u9AUwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBdtr+tLl4h8umK2ZxQTTYUAX5eCMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvRjIydjYwdVhpSHk2WXJabkZCTk5oUUJmbDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAMBAIAATAGAwQDXZ0gMCkE
AgACMCMDBwQqAEvAIAADBgAqAEvAITAQAwYAKgBLwCMDBgAqAEvAJDANBgkqhkiG
9w0BAQsFAAOCAQEAHnDvjy4UOur+JkbNtyKMlApjfZwZ3dht4QA3udWF1gDpbp23
Vgalu2CCotbwzYoHjQriw/PfHjxzfMvWCYJSY4bi1tMV3uAsLS9rDZU60FM7Rqpc
jNyiTpXEwu61ac0iZEPt+PlANJWRlejPqiAJHQIrjCSGgUEvKT/QKjw9CtqgfxRP
Mhwj4b/aNVPpLzgYzAxs+3QDO1d7zJeNTVfzRAoCUbn+FPKTVhXVxBXggPMenq7Y
ad6K+skqDnpTlXh4eyqkwmQ3aeBVagzTzMuoJd1LY21vDLcdHhhvt9GmvKYz4GRu
LpDes3itQy+UkxSiVyfIeQRH2W3kvPvXtGCNyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:46 2024 by rpki-client on console-fra.rpki-client.org