Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jH3-vpZGSbstHNu1rJ7C9yKIYcI.roa
File: jH3-vpZGSbstHNu1rJ7C9yKIYcI.roa (raw, json)
Hash identifier: kYsi82hIjvKqqi0bA+NmZ5pNN+72VOKdI+uho2/wCFs=
Subject key identifier: 8C:7D:FE:BE:96:46:49:BB:2D:1C:DB:B5:AC:9E:C2:F7:22:88:61:C2
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB7A6F1D894B7D04DA64674A1C2D34
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jH3-vpZGSbstHNu1rJ7C9yKIYcI.roa
Signing time: Sun 01 Jan 2023 19:25:06 +0000
ROA not before: Sun 01 Jan 2023 19:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48948
IP address blocks: 93.114.160.0/24 maxlen: 24
93.114.161.0/24 maxlen: 24
93.114.162.0/24 maxlen: 24
93.114.163.0/24 maxlen: 24
93.114.164.0/24 maxlen: 24
93.114.165.0/24 maxlen: 24
93.114.166.0/24 maxlen: 24
93.114.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 10:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:7a:6f:1d:89:4b:7d:04:da:64:67:4a:1c:2d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8c7dfebe964649bb2d1cdbb5ac9ec2f7228861c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:30:ae:ae:ed:bc:1c:f1:2a:0e:3a:b9:a8:5b:
81:f5:63:15:7b:a3:79:2c:3e:78:9f:3f:99:12:e4:
9d:23:a0:26:38:92:ee:37:06:2e:22:39:e3:b6:7b:
db:d7:31:31:11:c8:26:f0:73:99:83:e1:a4:3e:0a:
0e:2a:40:bd:0f:b9:ef:cd:f7:63:12:77:4e:37:f7:
bb:fd:32:ff:7e:e1:a6:47:ca:9d:3e:c6:7b:f9:5d:
5a:36:7d:3d:9b:a8:d5:0a:0a:51:b6:87:e5:6d:80:
1f:93:09:c5:37:ce:ec:76:bb:1c:e2:47:73:3c:2e:
f3:24:9d:60:1f:ea:8d:52:60:44:09:f7:78:47:c3:
6e:f6:a4:1f:fe:94:c0:dc:2b:10:55:b5:57:bf:18:
9b:bd:3c:b0:88:70:f2:fe:b8:a8:c5:2c:3e:49:0f:
5d:25:51:02:f5:b4:eb:79:78:e6:6d:6d:34:2b:7f:
14:69:2e:28:ac:b9:d4:07:a3:32:b3:6a:ff:53:1a:
0f:2c:30:00:73:8e:51:38:70:33:a9:92:fe:d0:27:
72:47:ff:21:4c:8e:29:8c:30:72:55:0b:9f:33:32:
76:90:e2:c9:53:e5:66:18:1d:a1:c9:9f:b9:c9:63:
38:9d:c1:59:88:4b:13:f4:16:e8:5d:85:de:bf:5c:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7D:FE:BE:96:46:49:BB:2D:1C:DB:B5:AC:9E:C2:F7:22:88:61:C2
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/jH3-vpZGSbstHNu1rJ7C9yKIYcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.114.160.0/21
Signature Algorithm: sha256WithRSAEncryption
87:ab:ba:bf:b7:78:57:5e:a1:33:00:a0:42:91:e7:29:9b:3c:
4b:ee:4e:64:8a:16:f6:9d:9b:59:16:a8:68:31:c9:a4:c2:e5:
cf:64:58:41:fe:dd:0d:a0:ea:6b:9a:14:40:1f:2c:6f:c6:75:
9e:e5:d1:c3:44:b4:44:8c:03:0a:23:69:4b:29:f4:12:c9:4c:
87:47:38:0b:8f:1a:61:af:87:11:27:c4:9d:ff:fb:7b:0c:34:
b6:e5:a0:05:a0:ee:eb:b1:14:4f:fd:c9:7e:f4:68:02:ae:0d:
64:51:f2:02:79:76:b8:bd:79:75:b8:82:8d:81:bb:f0:24:67:
dc:5f:fa:3c:55:2a:43:9e:35:bb:ff:02:b3:11:b3:1d:35:2d:
f8:47:80:14:fc:02:23:03:c3:1b:1d:64:f7:90:b6:11:40:fa:
e2:3f:4d:6a:1f:02:a0:15:cf:5f:bf:d0:8c:bc:c6:0e:41:e3:
4a:93:cf:44:51:8a:87:47:f3:c0:28:59:c9:2a:3a:ee:39:c3:
cb:c4:7c:6d:eb:60:da:2b:53:ac:be:b2:47:72:4c:bb:4f:bf:
27:5f:65:77:cb:c0:71:0c:76:eb:53:64:0b:f7:f1:55:4f:22:
e1:e2:c3:72:05:ff:5c:78:7d:50:5e:49:1b:69:d8:97:07:d4:
23:a0:60:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy3pvHYlLfQTaZGdKHC00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdkZmViZTk2NDY0OWJiMmQxY2RiYjVhYzllYzJmNzIyODg2MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzCuru28HPEqDjq5qFuB9WMVe6N5
LD54nz+ZEuSdI6AmOJLuNwYuIjnjtnvb1zExEcgm8HOZg+GkPgoOKkC9D7nvzfdj
EndON/e7/TL/fuGmR8qdPsZ7+V1aNn09m6jVCgpRtoflbYAfkwnFN87sdrsc4kdz
PC7zJJ1gH+qNUmBECfd4R8Nu9qQf/pTA3CsQVbVXvxibvTywiHDy/rioxSw+SQ9d
JVEC9bTreXjmbW00K38UaS4orLnUB6Mys2r/UxoPLDAAc45ROHAzqZL+0CdyR/8h
TI4pjDByVQufMzJ2kOLJU+VmGB2hyZ+5yWM4ncFZiEsT9BboXYXev1ww5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIx9/r6WRkm7LRzbtayewvciiGHCMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvakgzLXZwWkdTYnN0SE51MXJKN0M5eUtJWWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXXKgMA0G
CSqGSIb3DQEBCwUAA4IBAQCHq7q/t3hXXqEzAKBCkecpmzxL7k5kihb2nZtZFqho
McmkwuXPZFhB/t0NoOprmhRAHyxvxnWe5dHDRLREjAMKI2lLKfQSyUyHRzgLjxph
r4cRJ8Sd//t7DDS25aAFoO7rsRRP/cl+9GgCrg1kUfICeXa4vXl1uIKNgbvwJGfc
X/o8VSpDnjW7/wKzEbMdNS34R4AU/AIjA8MbHWT3kLYRQPriP01qHwKgFc9fv9CM
vMYOQeNKk89EUYqHR/PAKFnJKjruOcPLxHxt62DaK1OsvrJHcky7T78nX2V3y8Bx
DHbrU2QL9/FVTyLh4sNyBf9ceH1QXkkbadiXB9QjoGAt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org