Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/454f11-fc35-498c-a7c0-5a4d8b4e3f0a/1/8mFb3fMndMnorzMdD7cIA1PgoDQ.roa
File: 8mFb3fMndMnorzMdD7cIA1PgoDQ.roa (raw, json)
Hash identifier: upCPUYIC4Si5umIdsLHPSpv7k9AGsf+Ft1xLsZP33uw=
Subject key identifier: F2:61:5B:DD:F3:27:74:C9:E8:AF:33:1D:0F:B7:08:03:53:E0:A0:34
Certificate issuer: /CN=e2c756c691073752260eda0b29df3140cec48c18
Certificate serial: 018D0DFB79A629E017DC2A6687F76847BD99
Authority key identifier: E2:C7:56:C6:91:07:37:52:26:0E:DA:0B:29:DF:31:40:CE:C4:8C:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sdWxpEHN1ImDtoLKd8xQM7EjBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/454f11-fc35-498c-a7c0-5a4d8b4e3f0a/1/8mFb3fMndMnorzMdD7cIA1PgoDQ.roa
Signing time: Mon 15 Jan 2024 16:36:40 +0000
ROA not before: Mon 15 Jan 2024 16:36:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60508
IP address blocks: 93.90.77.0/24 maxlen: 24
93.90.76.0/22 maxlen: 22
93.90.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:fb:79:a6:29:e0:17:dc:2a:66:87:f7:68:47:bd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c756c691073752260eda0b29df3140cec48c18
Validity
Not Before: Jan 15 16:36:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2615bddf32774c9e8af331d0fb7080353e0a034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:13:fc:bc:fe:39:d6:1c:68:b5:02:f0:62:
6b:a3:e9:d9:83:b1:83:8f:3a:cc:8a:e1:b1:02:5b:
94:b4:f8:c4:f1:ed:63:77:1f:51:ca:59:c4:5f:04:
96:48:ad:52:d3:73:c4:29:40:03:26:32:2e:f8:e6:
8e:d9:e7:e5:47:2e:97:c1:c1:77:9c:34:0f:c9:b3:
6e:c3:f1:10:5e:7e:1e:6f:8f:af:32:84:3c:ed:40:
13:62:85:fb:a5:bd:bc:e8:e7:33:0b:c8:94:d9:dc:
6c:98:cf:c8:54:81:ab:72:48:4e:62:91:7e:b6:26:
be:28:e1:ce:9e:64:61:5c:19:44:8b:99:ce:00:2d:
ae:72:20:85:79:a2:6b:73:a6:5d:7b:09:f4:00:3a:
2a:29:13:a1:f6:35:09:a1:46:14:41:b6:f7:0c:91:
0a:94:62:dd:ae:cf:95:3a:21:5a:26:3c:20:91:f2:
1d:04:4b:a9:29:28:f5:55:24:48:8c:f9:28:cf:3c:
6e:27:48:0a:82:6e:d6:fc:34:c8:bb:ca:50:8b:c5:
8d:ee:a7:bf:0b:90:53:db:0a:d9:b1:ba:4c:60:77:
da:6c:17:de:78:95:6b:43:f6:b8:1f:d7:05:f2:7c:
a3:c9:a1:02:b5:fd:a3:5a:73:87:e7:9a:f1:0f:83:
bd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:61:5B:DD:F3:27:74:C9:E8:AF:33:1D:0F:B7:08:03:53:E0:A0:34
X509v3 Authority Key Identifier:
keyid:E2:C7:56:C6:91:07:37:52:26:0E:DA:0B:29:DF:31:40:CE:C4:8C:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sdWxpEHN1ImDtoLKd8xQM7EjBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/454f11-fc35-498c-a7c0-5a4d8b4e3f0a/1/8mFb3fMndMnorzMdD7cIA1PgoDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/454f11-fc35-498c-a7c0-5a4d8b4e3f0a/1/4sdWxpEHN1ImDtoLKd8xQM7EjBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.90.76.0/22
Signature Algorithm: sha256WithRSAEncryption
87:71:a0:0c:aa:51:91:f5:91:7f:4c:90:75:3c:19:cb:a8:34:
c8:a8:9c:e7:c4:35:4c:fb:4c:56:00:ca:87:15:dd:87:ec:c4:
8e:06:77:68:b8:67:a9:99:b3:4d:2b:ea:3a:20:fd:11:1b:49:
7a:f3:a8:65:b5:8e:07:55:be:b0:3a:1c:3f:4e:6f:48:5e:09:
e7:9e:59:f5:c8:0b:9d:a2:19:39:4c:c9:8e:53:c7:c5:5e:3f:
92:30:9e:18:15:79:cd:40:ad:03:44:1f:41:fd:89:c5:7d:98:
f8:07:ca:6a:79:6e:16:a0:fa:84:d9:06:37:71:63:ea:b1:95:
f4:26:bc:6e:d8:1d:4c:5e:89:b7:a6:21:96:14:74:58:6a:c6:
d2:18:ee:8f:81:dc:bf:da:4c:92:84:58:15:ef:08:09:8f:59:
bd:ac:d3:a1:4a:a0:81:21:f8:27:a2:bd:7f:bb:27:d3:10:6a:
fe:a8:13:e7:0b:40:a6:76:2b:55:3c:f5:89:07:0c:df:e6:f9:
cc:a0:23:d3:fd:62:3a:58:a0:89:35:7e:85:29:1b:55:97:c2:
06:83:8a:e1:49:79:00:70:74:36:86:b7:18:ad:87:33:35:92:
a6:f2:31:65:82:45:24:4d:5e:0f:7a:c6:92:b4:bc:41:39:50:
cf:4e:21:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0N+3mmKeAX3Cpmh/doR72ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzc1NmM2OTEwNzM3NTIyNjBlZGEwYjI5ZGYzMTQwY2Vj
NDhjMTgwHhcNMjQwMTE1MTYzNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYxNWJkZGYzMjc3NGM5ZThhZjMzMWQwZmI3MDgwMzUzZTBhMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcUT/Lz+OdYcaLUC8GJro+nZg7GD
jzrMiuGxAluUtPjE8e1jdx9RylnEXwSWSK1S03PEKUADJjIu+OaO2eflRy6XwcF3
nDQPybNuw/EQXn4eb4+vMoQ87UATYoX7pb286OczC8iU2dxsmM/IVIGrckhOYpF+
tia+KOHOnmRhXBlEi5nOAC2uciCFeaJrc6Zdewn0ADoqKROh9jUJoUYUQbb3DJEK
lGLdrs+VOiFaJjwgkfIdBEupKSj1VSRIjPkozzxuJ0gKgm7W/DTIu8pQi8WN7qe/
C5BT2wrZsbpMYHfabBfeeJVrQ/a4H9cF8nyjyaECtf2jWnOH55rxD4O99wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJhW93zJ3TJ6K8zHQ+3CANT4KA0MB8GA1UdIwQY
MBaAFOLHVsaRBzdSJg7aCynfMUDOxIwYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNkV3hwRUhOMUltRHRvTEtkOHhRTTdFakJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80NTRmMTEtZmMzNS00OThjLWE3YzAt
NWE0ZDhiNGUzZjBhLzEvOG1GYjNmTW5kTW5vcnpNZEQ3Y0lBMVBnb0RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80NTRmMTEtZmMzNS00OThjLWE3YzAtNWE0ZDhiNGUzZjBh
LzEvNHNkV3hwRUhOMUltRHRvTEtkOHhRTTdFakJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXVpMMA0G
CSqGSIb3DQEBCwUAA4IBAQCHcaAMqlGR9ZF/TJB1PBnLqDTIqJznxDVM+0xWAMqH
Fd2H7MSOBndouGepmbNNK+o6IP0RG0l686hltY4HVb6wOhw/Tm9IXgnnnln1yAud
ohk5TMmOU8fFXj+SMJ4YFXnNQK0DRB9B/YnFfZj4B8pqeW4WoPqE2QY3cWPqsZX0
Jrxu2B1MXom3piGWFHRYasbSGO6Pgdy/2kyShFgV7wgJj1m9rNOhSqCBIfgnor1/
uyfTEGr+qBPnC0CmditVPPWJBwzf5vnMoCPT/WI6WKCJNX6FKRtVl8IGg4rhSXkA
cHQ2hrcYrYczNZKm8jFlgkUkTV4PesaStLxBOVDPTiFf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:56 2025 by rpki-client