Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Kx4KDmKkHfLy5RmgiLKmTHl-w1Y.roa
File: Kx4KDmKkHfLy5RmgiLKmTHl-w1Y.roa (raw, json)
Hash identifier: 5yym/t8koNpm5LaK4PfvyC3FDPKsWSDnIqsw1KmkRLQ=
Subject key identifier: 2B:1E:0A:0E:62:A4:1D:F2:F2:E5:19:A0:88:B2:A6:4C:79:7E:C3:56
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 01856FC2681BFF864743B777177849A13848
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Kx4KDmKkHfLy5RmgiLKmTHl-w1Y.roa
Signing time: Sun 01 Jan 2023 23:54:49 +0000
ROA not before: Sun 01 Jan 2023 23:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44922
IP address blocks: 93.89.16.0/24 maxlen: 24
93.89.17.0/24 maxlen: 24
93.89.21.0/24 maxlen: 24
93.89.22.0/24 maxlen: 24
93.89.20.0/24 maxlen: 24
93.89.18.0/24 maxlen: 24
93.89.19.0/24 maxlen: 24
93.89.25.0/24 maxlen: 24
93.89.26.0/24 maxlen: 24
93.89.28.0/24 maxlen: 24
93.89.29.0/24 maxlen: 24
93.89.27.0/24 maxlen: 24
93.89.30.0/24 maxlen: 24
93.89.31.0/24 maxlen: 24
2a03:400::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Nov 2023 10:53:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:68:1b:ff:86:47:43:b7:77:17:78:49:a1:38:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jan 1 23:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b1e0a0e62a41df2f2e519a088b2a64c797ec356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:54:f5:b5:c9:33:06:20:3a:86:a0:d2:27:64:
ca:8e:d7:ab:33:0d:9f:d2:d8:c1:cf:4e:d8:ca:ec:
fa:ff:01:83:29:86:f0:ef:32:04:97:25:38:26:08:
55:5d:67:71:31:77:d4:8b:24:8c:00:7f:fe:9b:d1:
c6:b5:f8:6f:fe:72:ec:9e:79:8d:23:1f:d8:18:03:
70:f0:b3:6f:68:e8:ee:a5:20:e7:05:ac:cc:a6:cd:
3e:06:7b:da:8c:1a:36:7a:ce:34:61:0e:ff:14:58:
83:38:35:67:35:5f:2e:a3:c4:45:24:3d:b3:0e:1d:
17:58:17:2d:09:78:80:77:95:9b:38:5b:85:0e:39:
48:93:93:ea:9a:63:58:bd:2a:45:48:fd:4c:ba:9b:
18:da:c9:2a:25:86:77:cd:47:de:c5:af:43:b1:f4:
60:dd:e5:ca:e1:f6:69:08:11:6b:ac:40:2b:bf:d2:
f8:31:1a:f7:d7:09:da:0c:7a:62:a7:26:20:8a:e9:
67:f2:09:53:41:15:ea:a4:ef:93:b5:b6:ac:b7:0e:
43:a7:22:b5:53:55:83:b6:ff:15:3f:fc:00:67:b9:
14:61:28:8f:87:99:2b:c6:38:36:ab:42:ea:a0:0b:
af:6e:90:46:90:53:b5:0c:e3:c1:40:0b:e1:11:5b:
76:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1E:0A:0E:62:A4:1D:F2:F2:E5:19:A0:88:B2:A6:4C:79:7E:C3:56
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/Kx4KDmKkHfLy5RmgiLKmTHl-w1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.16.0-93.89.22.255
93.89.25.0-93.89.31.255
IPv6:
2a03:400::/32
Signature Algorithm: sha256WithRSAEncryption
2c:0d:df:19:eb:bf:9c:9d:22:8e:e5:c1:cf:0a:68:f7:e0:6c:
e3:6f:6b:bd:de:90:aa:77:68:b7:e4:84:d0:1e:fc:9b:f4:98:
d4:36:1c:60:4e:16:d2:6e:ff:7c:4d:0d:72:b6:0f:fc:20:74:
e5:47:50:1b:9c:7e:6f:fc:d7:d9:ba:91:34:23:61:8c:69:73:
5b:a0:64:7f:f2:d0:97:08:ca:b8:d4:c3:52:5a:ef:b7:81:ea:
4f:06:d7:22:8d:90:f6:f3:38:7e:7a:6d:58:dc:1f:55:fa:b4:
4b:01:5b:f9:54:58:48:1d:d5:27:1e:6e:53:b3:b6:ef:d5:6f:
0c:1d:ac:0d:f5:45:f6:96:e6:3f:a7:55:d2:09:9a:ac:eb:d6:
41:fc:f2:30:f9:d3:55:ae:2c:b5:47:76:e4:3d:2a:5a:36:66:
07:ea:d9:49:ee:58:ad:65:90:39:a5:6a:b4:00:b0:3b:81:05:
af:18:5b:22:93:ba:d9:95:08:0c:3f:a9:f3:b5:4e:a9:39:ab:
6f:b7:ed:76:86:52:a8:cb:f0:ab:82:a8:57:b6:83:bd:cb:59:
e9:e4:1b:a4:62:2e:8b:6c:6a:fb:9d:4d:fd:8d:e4:6f:8a:67:
47:3e:f3:b9:23:ba:34:02:94:0a:95:f2:d0:db:3e:ee:07:dc:
23:64:de:8c
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVvwmgb/4ZHQ7d3F3hJoThIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMwMTAxMjM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFlMGEwZTYyYTQxZGYyZjJlNTE5YTA4OGIyYTY0Yzc5N2VjMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1T1tckzBiA6hqDSJ2TKjterMw2f
0tjBz07Yyuz6/wGDKYbw7zIElyU4JghVXWdxMXfUiySMAH/+m9HGtfhv/nLsnnmN
Ix/YGANw8LNvaOjupSDnBazMps0+BnvajBo2es40YQ7/FFiDODVnNV8uo8RFJD2z
Dh0XWBctCXiAd5WbOFuFDjlIk5PqmmNYvSpFSP1MupsY2skqJYZ3zUfexa9DsfRg
3eXK4fZpCBFrrEArv9L4MRr31wnaDHpipyYgiuln8glTQRXqpO+Ttbastw5DpyK1
U1WDtv8VP/wAZ7kUYSiPh5krxjg2q0LqoAuvbpBGkFO1DOPBQAvhEVt2uwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFCseCg5ipB3y8uUZoIiypkx5fsNWMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvS3g0S0RtS2tIZkx5NVJtZ2lMS21USGwtdzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBARdWRAD
BABdWRYwDAMEAF1ZGQMEBV1ZADANBAIAAjAHAwUAKgMEADANBgkqhkiG9w0BAQsF
AAOCAQEALA3fGeu/nJ0ijuXBzwpo9+Bs429rvd6Qqndot+SE0B78m/SY1DYcYE4W
0m7/fE0NcrYP/CB05UdQG5x+b/zX2bqRNCNhjGlzW6Bkf/LQlwjKuNTDUlrvt4Hq
TwbXIo2Q9vM4fnptWNwfVfq0SwFb+VRYSB3VJx5uU7O279VvDB2sDfVF9pbmP6dV
0gmarOvWQfzyMPnTVa4stUd25D0qWjZmB+rZSe5YrWWQOaVqtACwO4EFrxhbIpO6
2ZUIDD+p87VOqTmrb7ftdoZSqMvwq4KoV7aDvctZ6eQbpGIui2xq+51N/Y3kb4pn
Rz7zuSO6NAKUCpXy0Ns+7gfcI2TejA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org