Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/caBSSYsQU6b0d3i-zQd28whFvnQ.roa
File: caBSSYsQU6b0d3i-zQd28whFvnQ.roa (raw, json)
Hash identifier: 4rKdEfnCTLWoHbR71HRqhvYuhP8w6Lk0jrVKgGZe5C4=
Subject key identifier: 71:A0:52:49:8B:10:53:A6:F4:77:78:BE:CD:07:76:F3:08:45:BE:74
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B288E4EFECA2791129A5B9ED08C46CE7B
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/caBSSYsQU6b0d3i-zQd28whFvnQ.roa
Signing time: Fri 13 Oct 2023 10:21:36 +0000
ROA not before: Fri 13 Oct 2023 10:21:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48948
IP address blocks: 93.114.160.0/24 maxlen: 24
93.114.161.0/24 maxlen: 24
93.114.162.0/24 maxlen: 24
93.114.163.0/24 maxlen: 24
93.114.164.0/24 maxlen: 24
93.114.165.0/24 maxlen: 24
93.114.166.0/24 maxlen: 24
93.114.167.0/24 maxlen: 24
2001:4d18:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:8e:4e:fe:ca:27:91:12:9a:5b:9e:d0:8c:46:ce:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 13 10:21:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71a052498b1053a6f47778becd0776f30845be74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:87:00:62:a2:ee:89:93:93:b2:28:2a:de:
f5:80:6d:7d:a2:7e:98:62:40:b1:8c:69:39:93:b4:
cd:2e:fb:5c:35:b1:15:04:b9:56:aa:48:af:07:35:
c0:00:8b:11:92:d6:71:39:07:96:76:bb:dd:a2:c6:
a6:50:10:4b:fe:07:08:74:2d:44:a1:9c:ea:5d:12:
95:83:eb:01:dc:3f:ff:ad:9c:67:04:3f:d7:a4:25:
3b:0d:5e:48:da:ab:8e:c5:5f:3f:d2:63:8a:69:19:
e9:36:d2:41:79:70:3e:6e:d1:a0:c2:2e:71:ec:71:
5b:ee:61:82:99:d0:92:57:55:2b:54:df:f8:cd:96:
d7:50:92:8f:e1:27:e5:66:1f:b0:ae:7f:e5:97:13:
b9:e7:a5:47:bb:b6:79:78:86:a5:c4:07:a4:7e:09:
60:57:6f:35:d2:1a:ce:9d:d9:4c:19:71:66:20:af:
55:af:f4:5f:bf:a3:f8:0e:57:90:85:77:c8:2d:13:
29:af:a4:1e:dd:71:51:b7:00:78:86:8d:a5:43:c2:
c3:d0:18:3a:da:5b:c2:f8:57:09:f8:0a:e8:f7:82:
f6:1c:49:43:af:cc:13:02:93:29:da:e2:b5:26:f9:
7a:c4:5d:41:58:22:37:1e:0f:4c:29:ec:fe:0e:60:
29:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A0:52:49:8B:10:53:A6:F4:77:78:BE:CD:07:76:F3:08:45:BE:74
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/caBSSYsQU6b0d3i-zQd28whFvnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.160.0/21
IPv6:
2001:4d18:3::/48
Signature Algorithm: sha256WithRSAEncryption
3b:39:4c:75:38:56:2d:a7:d3:ee:59:35:3f:65:3c:a7:a6:2a:
bd:0b:04:77:0c:98:75:31:05:e3:5e:93:62:30:c2:8d:32:cb:
11:96:05:b7:64:2d:4a:57:3a:6f:3a:d4:bd:cf:bc:22:fd:e4:
34:2a:1a:97:bd:4c:bf:52:33:83:30:ef:3d:40:c2:8f:a3:50:
75:31:03:8e:9a:d2:42:ae:d4:32:5e:e5:ee:1c:f6:b1:dd:72:
fa:93:aa:62:cb:62:a8:2f:05:21:f3:aa:d4:7f:fe:bb:a1:61:
20:a2:ab:0c:02:50:b1:21:48:8e:09:85:f8:a0:5b:6e:f0:63:
89:26:7f:6d:64:c5:75:d4:23:8e:e3:50:05:04:79:4c:fa:88:
a0:93:38:50:3a:46:d2:77:6d:7f:70:a4:7d:67:ae:62:56:ce:
87:a7:fc:1c:b8:ed:b6:40:b1:bf:91:ba:ba:62:8f:dc:1e:d9:
e7:1e:82:5d:7b:45:19:46:3f:e4:d8:fd:47:b2:8f:d8:d4:0f:
fe:61:12:da:e1:e6:b5:f6:2e:a2:77:ed:8a:43:64:17:26:cd:
9d:de:c3:21:9e:79:f1:9a:88:f5:c0:29:71:16:1a:10:7a:c4:
0d:51:8a:3e:1d:97:92:05:27:db:46:0e:34:42:c3:12:c3:30:
42:d1:82:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsojk7+yieREppbntCMRs57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDEzMTAyMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWEwNTI0OThiMTA1M2E2ZjQ3Nzc4YmVjZDA3NzZmMzA4NDViZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmmHAGKi7omTk7IoKt71gG19on6Y
YkCxjGk5k7TNLvtcNbEVBLlWqkivBzXAAIsRktZxOQeWdrvdosamUBBL/gcIdC1E
oZzqXRKVg+sB3D//rZxnBD/XpCU7DV5I2quOxV8/0mOKaRnpNtJBeXA+btGgwi5x
7HFb7mGCmdCSV1UrVN/4zZbXUJKP4SflZh+wrn/llxO556VHu7Z5eIalxAekfglg
V2810hrOndlMGXFmIK9Vr/Rfv6P4DleQhXfILRMpr6Qe3XFRtwB4ho2lQ8LD0Bg6
2lvC+FcJ+Aro94L2HElDr8wTApMp2uK1Jvl6xF1BWCI3Hg9MKez+DmApZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHGgUkmLEFOm9Hd4vs0HdvMIRb50MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvY2FCU1NZc1FVNmIwZDNpLXpRZDI4d2hGdm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDXXKgMA8E
AgACMAkDBwAgAU0YAAMwDQYJKoZIhvcNAQELBQADggEBADs5THU4Vi2n0+5ZNT9l
PKemKr0LBHcMmHUxBeNek2Iwwo0yyxGWBbdkLUpXOm861L3PvCL95DQqGpe9TL9S
M4Mw7z1Awo+jUHUxA46a0kKu1DJe5e4c9rHdcvqTqmLLYqgvBSHzqtR//ruhYSCi
qwwCULEhSI4JhfigW27wY4kmf21kxXXUI47jUAUEeUz6iKCTOFA6RtJ3bX9wpH1n
rmJWzoen/By47bZAsb+Rurpij9we2ecegl17RRlGP+TY/Ueyj9jUD/5hEtrh5rX2
LqJ37YpDZBcmzZ3ewyGeefGaiPXAKXEWGhB6xA1Rij4dl5IFJ9tGDjRCwxLDMELR
gng=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:50 2024 by rpki-client on console-ams.rpki-client.org