Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/7560e4-fc7d-4a64-b500-e7f05f029a48/1/kTXwQGYBeSGxbdby-3xgHk8P13I.roa
File: kTXwQGYBeSGxbdby-3xgHk8P13I.roa (raw, json)
Hash identifier: +vUYkuvis3M4cDLU+EAXBUOnVNMLGsSAaxE/sTHAtRM=
Subject key identifier: 91:35:F0:40:66:01:79:21:B1:6D:D6:F2:FB:7C:60:1E:4F:0F:D7:72
Certificate issuer: /CN=af05d4291cae8185c6c342e25dee9b7e920f76dd
Certificate serial: 019371F3E685F5AB802DB89AFD0D0E16ED44
Authority key identifier: AF:05:D4:29:1C:AE:81:85:C6:C3:42:E2:5D:EE:9B:7E:92:0F:76:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwXUKRyugYXGw0LiXe6bfpIPdt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/7560e4-fc7d-4a64-b500-e7f05f029a48/1/kTXwQGYBeSGxbdby-3xgHk8P13I.roa
Signing time: Thu 28 Nov 2024 08:47:09 +0000
ROA not before: Thu 28 Nov 2024 08:47:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203971
IP address blocks: 185.93.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:71:f3:e6:85:f5:ab:80:2d:b8:9a:fd:0d:0e:16:ed:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af05d4291cae8185c6c342e25dee9b7e920f76dd
Validity
Not Before: Nov 28 08:47:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9135f04066017921b16dd6f2fb7c601e4f0fd772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1f:c0:b1:19:e3:23:5c:8c:a1:0b:23:7a:81:
88:81:39:f4:2d:81:b9:47:c9:88:9f:5f:c2:0f:b3:
86:ce:e0:68:99:ab:0f:20:db:11:1e:d3:25:ab:bc:
08:94:a6:7d:fb:4e:da:b4:e6:d3:f3:30:a5:f4:aa:
08:2c:ce:a0:98:a4:a1:61:6e:3f:de:14:89:2f:37:
b5:7a:cd:b5:0a:d8:3e:48:01:6f:70:99:df:40:07:
6f:2b:b6:48:e8:34:43:0c:aa:e0:af:75:82:3f:49:
96:e8:f4:5c:5d:46:3e:be:68:64:d0:d2:fe:ae:91:
f3:7e:41:66:d1:67:57:2e:fd:93:40:6c:eb:3f:9b:
67:0a:42:06:e1:96:c9:80:05:ca:16:38:eb:8e:8f:
0f:6e:38:6f:7c:22:cb:8c:05:93:91:c0:55:7c:7b:
00:79:fc:c6:b2:ae:d7:e7:64:85:6e:5c:6a:93:05:
2e:e5:3d:88:ba:77:9f:27:5b:e0:99:cd:fe:98:cc:
ca:33:f8:aa:c0:78:5a:53:86:3b:86:ae:6b:f7:96:
11:a7:d6:d3:7d:6d:17:76:a9:93:8b:ba:6b:e5:5c:
a6:d1:e1:73:55:05:a2:8e:14:4d:f1:3b:59:8f:31:
c0:a3:33:1f:41:e4:1a:75:7f:3b:34:fd:f2:2b:c8:
a4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:35:F0:40:66:01:79:21:B1:6D:D6:F2:FB:7C:60:1E:4F:0F:D7:72
X509v3 Authority Key Identifier:
keyid:AF:05:D4:29:1C:AE:81:85:C6:C3:42:E2:5D:EE:9B:7E:92:0F:76:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwXUKRyugYXGw0LiXe6bfpIPdt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7560e4-fc7d-4a64-b500-e7f05f029a48/1/kTXwQGYBeSGxbdby-3xgHk8P13I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/7560e4-fc7d-4a64-b500-e7f05f029a48/1/rwXUKRyugYXGw0LiXe6bfpIPdt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.91.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ed:1e:1d:33:4a:6d:bf:51:db:a1:88:4a:0f:ce:e6:a2:c0:
9a:0a:77:d5:1f:47:1e:bd:e3:0c:10:fd:cc:c1:a4:f8:56:17:
36:c6:3f:1e:70:b4:00:18:3d:e4:d3:10:06:b7:dc:95:0c:0c:
4d:ad:08:ed:fd:fa:ec:58:e0:6a:1a:74:ac:01:b1:3b:e6:28:
61:38:94:d7:9d:d1:b0:69:19:8b:ec:65:9c:41:95:ac:01:2c:
e2:68:2a:06:e9:d3:d9:22:2d:62:e4:2d:92:6e:21:87:d7:7d:
6f:eb:43:2e:9f:a3:ee:a7:e6:fc:47:49:c3:39:b8:18:50:46:
cd:45:e3:e5:55:41:ef:56:af:94:b8:6d:aa:42:2b:c0:7a:2b:
b1:bf:60:8d:d6:46:f5:eb:3a:bc:43:ee:b4:5a:2c:0a:26:94:
0a:26:b5:94:b0:08:6a:37:b2:33:cc:cf:92:be:85:7e:f8:a8:
e9:68:93:fb:28:21:96:f9:55:e4:68:5b:17:79:67:bb:79:ee:
a1:26:9a:b2:03:8b:61:de:39:b4:00:f6:09:d9:7a:62:c6:8c:
04:74:cb:d9:36:b5:f1:32:92:0d:1e:99:ce:7a:71:d8:6d:68:
98:17:f1:d8:b7:a5:a0:f9:a9:4d:bb:7a:32:0f:13:a3:3a:44:
e9:aa:0e:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNx8+aF9auALbia/Q0OFu1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDVkNDI5MWNhZTgxODVjNmMzNDJlMjVkZWU5YjdlOTIw
Zjc2ZGQwHhcNMjQxMTI4MDg0NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTM1ZjA0MDY2MDE3OTIxYjE2ZGQ2ZjJmYjdjNjAxZTRmMGZkNzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR/AsRnjI1yMoQsjeoGIgTn0LYG5
R8mIn1/CD7OGzuBomasPINsRHtMlq7wIlKZ9+07atObT8zCl9KoILM6gmKShYW4/
3hSJLze1es21Ctg+SAFvcJnfQAdvK7ZI6DRDDKrgr3WCP0mW6PRcXUY+vmhk0NL+
rpHzfkFm0WdXLv2TQGzrP5tnCkIG4ZbJgAXKFjjrjo8PbjhvfCLLjAWTkcBVfHsA
efzGsq7X52SFblxqkwUu5T2IunefJ1vgmc3+mMzKM/iqwHhaU4Y7hq5r95YRp9bT
fW0XdqmTi7pr5Vym0eFzVQWijhRN8TtZjzHAozMfQeQadX87NP3yK8ikwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJE18EBmAXkhsW3W8vt8YB5PD9dyMB8GA1UdIwQY
MBaAFK8F1CkcroGFxsNC4l3um36SD3bdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndYVUtSeXVnWVhHdzBMaVhlNmJmcElQZHQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy83NTYwZTQtZmM3ZC00YTY0LWI1MDAt
ZTdmMDVmMDI5YTQ4LzEva1RYd1FHWUJlU0d4YmRieS0zeGdIazhQMTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy83NTYwZTQtZmM3ZC00YTY0LWI1MDAtZTdmMDVmMDI5YTQ4
LzEvcndYVUtSeXVnWVhHdzBMaVhlNmJmcElQZHQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV1bMA0G
CSqGSIb3DQEBCwUAA4IBAQAw7R4dM0ptv1HboYhKD87mosCaCnfVH0ceveMMEP3M
waT4Vhc2xj8ecLQAGD3k0xAGt9yVDAxNrQjt/frsWOBqGnSsAbE75ihhOJTXndGw
aRmL7GWcQZWsASziaCoG6dPZIi1i5C2SbiGH131v60Mun6Pup+b8R0nDObgYUEbN
RePlVUHvVq+UuG2qQivAeiuxv2CN1kb16zq8Q+60WiwKJpQKJrWUsAhqN7IzzM+S
voV++KjpaJP7KCGW+VXkaFsXeWe7ee6hJpqyA4th3jm0APYJ2XpixowEdMvZNrXx
MpINHpnOenHYbWiYF/HYt6Wg+alNu3oyDxOjOkTpqg7A
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:27:39 2025 by rpki-client