Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/IbivKv7SxGWPFQO53GjLVx-3kbw.roa
File: IbivKv7SxGWPFQO53GjLVx-3kbw.roa (raw, json)
Hash identifier: o+5Evfm+GPX6CMC9IGAaqi4Tmdq/MR63Ea9AaoE+3uo=
Subject key identifier: 21:B8:AF:2A:FE:D2:C4:65:8F:15:03:B9:DC:68:CB:57:1F:B7:91:BC
Certificate issuer: /CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Certificate serial: 018CC79373591B566CD2B63A5D24866BF5E8
Authority key identifier: 4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/IbivKv7SxGWPFQO53GjLVx-3kbw.roa
Signing time: Tue 02 Jan 2024 00:29:38 +0000
ROA not before: Tue 02 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196733
IP address blocks: 93.89.64.0/21 maxlen: 21
93.89.72.0/21 maxlen: 21
193.109.134.0/23 maxlen: 23
2a01:ad80::/32 maxlen: 32
2a01:ad80::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:73:59:1b:56:6c:d2:b6:3a:5d:24:86:6b:f5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d3b82290c2e8090924a9efd9c517ca14a5c3704
Validity
Not Before: Jan 2 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21b8af2afed2c4658f1503b9dc68cb571fb791bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:75:1d:c1:88:c0:15:e0:29:22:91:71:64:0f:
35:4a:85:f5:38:bd:7b:60:cf:38:a3:ab:33:65:f0:
5e:c9:16:4e:10:c8:4a:d5:0a:09:85:b5:0a:c7:d8:
d4:03:78:3a:7f:62:ea:b7:4c:32:08:32:39:41:54:
2b:bc:e2:71:67:74:98:02:23:72:7d:91:c8:4c:2c:
c6:49:23:dd:73:9d:1e:f3:ba:d2:73:e0:d9:37:07:
93:59:18:ec:ec:38:60:09:38:06:fc:ba:63:3d:55:
50:81:05:ac:e4:a7:82:60:16:94:23:04:19:d0:92:
04:f0:d4:ed:3a:d1:11:91:00:c2:47:de:4f:b4:d9:
1d:87:91:c7:2b:26:06:d1:20:cf:1e:5b:c8:55:18:
16:44:f4:4c:04:b1:26:50:ad:7d:bf:55:78:23:75:
89:57:45:1d:71:ef:93:80:83:60:9b:5d:2a:47:85:
ca:cc:08:0e:5c:20:e4:24:db:a6:e5:10:c3:12:3f:
f6:31:4f:0a:fc:53:1a:10:a0:99:f0:3b:80:57:39:
65:f2:fc:86:4b:37:16:88:f9:55:92:24:4b:f5:4e:
45:75:d0:e4:82:71:a1:54:04:7b:81:41:bf:d3:4a:
ff:76:34:72:33:91:9b:0d:17:e5:3a:1e:42:3f:b3:
f3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B8:AF:2A:FE:D2:C4:65:8F:15:03:B9:DC:68:CB:57:1F:B7:91:BC
X509v3 Authority Key Identifier:
keyid:4D:3B:82:29:0C:2E:80:90:92:4A:9E:FD:9C:51:7C:A1:4A:5C:37:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTuCKQwugJCSSp79nFF8oUpcNwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/IbivKv7SxGWPFQO53GjLVx-3kbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/c5ccd8-8f0d-4862-86aa-d979ece93285/1/TTuCKQwugJCSSp79nFF8oUpcNwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.64.0/20
193.109.134.0/23
IPv6:
2a01:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
7b:c9:18:62:db:93:d5:c1:e1:c6:b2:71:ed:9c:ca:a8:02:07:
1b:93:8b:8c:82:9c:e8:b6:c7:47:f2:8c:ac:a5:22:9f:db:77:
bc:ba:84:79:97:e8:72:2b:cb:7a:59:22:e3:c7:54:08:89:16:
49:2b:3f:76:d7:20:d5:16:59:75:8f:18:3a:73:d0:51:98:de:
26:ac:ca:0c:73:bb:e6:ea:52:ce:29:7f:ff:2c:6f:d3:d0:60:
ad:29:92:62:1b:33:80:5a:be:6f:0f:c7:45:08:67:23:5a:ee:
e7:ce:b7:67:17:3d:54:32:84:04:24:a3:e4:60:5c:99:dd:94:
77:85:69:61:ac:3e:53:4e:be:22:ba:09:a5:f3:57:72:88:cf:
76:31:da:23:40:26:9c:cd:b8:ac:49:30:c1:a7:7f:3c:71:56:
03:47:78:40:28:2a:ec:9f:59:2b:96:31:72:c9:79:b2:91:86:
65:8b:eb:98:89:97:93:57:5f:9d:e6:72:8b:32:7f:60:e7:3b:
52:88:48:81:fa:5f:35:53:a4:bd:65:64:01:6c:46:5f:44:87:
b4:17:5e:1e:f0:87:37:df:62:4b:4c:40:b2:c0:f7:dc:57:d0:
8d:39:2c:a7:8d:18:a6:30:54:f6:bc:f9:20:33:ef:d5:aa:5a:
c8:27:bf:94
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHk3NZG1Zs0rY6XSSGa/XoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkM2I4MjI5MGMyZTgwOTA5MjRhOWVmZDljNTE3Y2ExNGE1
YzM3MDQwHhcNMjQwMTAyMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI4YWYyYWZlZDJjNDY1OGYxNTAzYjlkYzY4Y2I1NzFmYjc5MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXUdwYjAFeApIpFxZA81SoX1OL17
YM84o6szZfBeyRZOEMhK1QoJhbUKx9jUA3g6f2Lqt0wyCDI5QVQrvOJxZ3SYAiNy
fZHITCzGSSPdc50e87rSc+DZNweTWRjs7DhgCTgG/LpjPVVQgQWs5KeCYBaUIwQZ
0JIE8NTtOtERkQDCR95PtNkdh5HHKyYG0SDPHlvIVRgWRPRMBLEmUK19v1V4I3WJ
V0Udce+TgINgm10qR4XKzAgOXCDkJNum5RDDEj/2MU8K/FMaEKCZ8DuAVzll8vyG
SzcWiPlVkiRL9U5FddDkgnGhVAR7gUG/00r/djRyM5GbDRflOh5CP7Pz9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCG4ryr+0sRljxUDudxoy1cft5G8MB8GA1UdIwQY
MBaAFE07gikMLoCQkkqe/ZxRfKFKXDcEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFR1Q0tRd3VnSkNTU3A3OW5GRjhvVXBjTndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9jNWNjZDgtOGYwZC00ODYyLTg2YWEt
ZDk3OWVjZTkzMjg1LzEvSWJpdkt2N1N4R1dQRlFPNTNHakxWeC0za2J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9jNWNjZDgtOGYwZC00ODYyLTg2YWEtZDk3OWVjZTkzMjg1
LzEvVFR1Q0tRd3VnSkNTU3A3OW5GRjhvVXBjTndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXVlAAwQB
wW2GMA0EAgACMAcDBQAqAa2AMA0GCSqGSIb3DQEBCwUAA4IBAQB7yRhi25PVweHG
snHtnMqoAgcbk4uMgpzotsdH8oyspSKf23e8uoR5l+hyK8t6WSLjx1QIiRZJKz92
1yDVFll1jxg6c9BRmN4mrMoMc7vm6lLOKX//LG/T0GCtKZJiGzOAWr5vD8dFCGcj
Wu7nzrdnFz1UMoQEJKPkYFyZ3ZR3hWlhrD5TTr4iugml81dyiM92MdojQCaczbis
STDBp388cVYDR3hAKCrsn1krljFyyXmykYZli+uYiZeTV1+d5nKLMn9g5ztSiEiB
+l81U6S9ZWQBbEZfRIe0F14e8Ic332JLTECywPfcV9CNOSynjRimMFT2vPkgM+/V
qlrIJ7+U
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:34 2025 by rpki-client