Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CiV1aRt9GPBpe1flSPomgTS_D_Y.roa
File: CiV1aRt9GPBpe1flSPomgTS_D_Y.roa (raw, json)
Hash identifier: hadvCKlCYQmscJRP77tVNrMcrNrc+bFjuv6CRh8zA/4=
Subject key identifier: 0A:25:75:69:1B:7D:18:F0:69:7B:57:E5:48:FA:26:81:34:BF:0F:F6
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DFC5B549FED06CC609D8B28E02CF
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CiV1aRt9GPBpe1flSPomgTS_D_Y.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51832
IP address blocks: 93.119.168.0/24 maxlen: 24
93.119.170.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
93.119.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 12:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:df:c5:b5:49:fe:d0:6c:c6:09:d8:b2:8e:02:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a2575691b7d18f0697b57e548fa268134bf0ff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:48:0b:f2:c5:39:45:fc:3c:8d:2f:17:b3:9c:
37:73:23:e9:fa:d8:ae:09:09:d0:07:74:38:0f:89:
2f:a4:d9:7d:af:a7:87:b5:4d:50:8d:ed:5f:a0:8a:
40:b9:4f:86:ee:7c:5f:55:29:d8:11:26:e7:61:91:
67:7d:41:39:bd:72:86:ed:57:75:2a:b2:b4:32:e5:
dd:d9:b0:27:3e:c3:17:8b:60:2c:af:78:a6:c1:b5:
52:b6:18:3e:d0:43:15:8e:46:6e:c2:07:a1:ae:cd:
a2:ca:ba:b2:6c:ee:74:38:be:a2:99:c6:30:dd:02:
25:d0:b4:bb:ac:10:83:bc:0e:6f:19:10:1c:a2:48:
c4:06:f8:b2:2e:1a:dc:ba:d8:f8:bc:ad:87:9a:88:
94:ab:86:3b:cd:96:1b:1b:19:8d:ec:10:a0:e2:73:
21:98:8e:dd:e9:61:b4:df:b6:ed:92:de:d4:e8:19:
6a:e2:dc:ce:3d:bd:b9:99:01:87:55:9d:64:94:c5:
b2:01:28:2c:71:59:0e:4d:d9:f2:39:13:2e:de:ef:
38:ae:0e:ea:3b:2c:6f:3a:95:d1:80:76:ce:df:fe:
ac:1d:e9:e0:da:12:5f:ed:ea:91:c1:06:25:9c:36:
79:55:6a:ea:36:00:ef:bf:a3:76:69:a9:67:a8:49:
1e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:25:75:69:1B:7D:18:F0:69:7B:57:E5:48:FA:26:81:34:BF:0F:F6
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/CiV1aRt9GPBpe1flSPomgTS_D_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.119.168.0/22
Signature Algorithm: sha256WithRSAEncryption
89:00:bb:74:17:68:09:fc:dc:6b:37:c4:7c:18:fc:9a:c8:dd:
84:c5:02:d0:34:7b:dd:4f:75:f9:e3:c6:a5:2c:99:b0:00:8a:
78:85:dd:02:30:88:4f:a8:12:4b:be:9f:e5:10:b6:ed:21:6c:
fa:09:1a:f4:a5:b2:89:2c:f5:73:f6:a0:58:66:5f:93:cf:c0:
f8:51:ff:40:9d:7c:c8:a0:8a:37:be:81:ff:0e:95:b1:f7:d8:
55:89:c7:c6:da:99:85:f5:c1:9d:c2:91:ef:fd:23:43:8b:32:
6d:21:a7:d1:88:d3:0c:8e:f8:ed:c5:c4:d2:d5:40:0f:d2:60:
9f:91:c9:e6:2b:b1:1d:af:69:ec:89:e2:cb:84:cd:62:d6:ce:
b0:29:77:5b:32:79:71:15:21:13:e3:74:f6:d1:2a:27:fd:19:
5a:ee:18:e7:f9:14:ad:73:5b:81:7c:57:68:43:17:28:e8:ee:
44:bb:19:d9:fa:78:e9:3f:65:99:76:86:5f:92:cb:3c:0c:be:
57:01:6f:33:e9:27:b5:e9:77:20:d0:0b:d5:23:ba:40:ff:ba:
05:ea:03:bf:24:ee:01:eb:17:7b:cd:19:93:51:11:01:54:da:
2c:bd:87:1a:e2:75:8f:06:20:de:cd:01:6d:67:36:79:7b:af:
82:09:b9:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQd/FtUn+0GzGCdiyjgLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTI1NzU2OTFiN2QxOGYwNjk3YjU3ZTU0OGZhMjY4MTM0YmYwZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEgL8sU5Rfw8jS8Xs5w3cyPp+tiu
CQnQB3Q4D4kvpNl9r6eHtU1Qje1foIpAuU+G7nxfVSnYESbnYZFnfUE5vXKG7Vd1
KrK0MuXd2bAnPsMXi2Asr3imwbVSthg+0EMVjkZuwgehrs2iyrqybO50OL6imcYw
3QIl0LS7rBCDvA5vGRAcokjEBviyLhrcutj4vK2HmoiUq4Y7zZYbGxmN7BCg4nMh
mI7d6WG037btkt7U6Blq4tzOPb25mQGHVZ1klMWyASgscVkOTdnyORMu3u84rg7q
OyxvOpXRgHbO3/6sHeng2hJf7eqRwQYlnDZ5VWrqNgDvv6N2aalnqEkejQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoldWkbfRjwaXtX5Uj6JoE0vw/2MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvQ2lWMWFSdDlHUEJwZTFmbFNQb21nVFNfRF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXXeoMA0G
CSqGSIb3DQEBCwUAA4IBAQCJALt0F2gJ/NxrN8R8GPyayN2ExQLQNHvdT3X548al
LJmwAIp4hd0CMIhPqBJLvp/lELbtIWz6CRr0pbKJLPVz9qBYZl+Tz8D4Uf9AnXzI
oIo3voH/DpWx99hVicfG2pmF9cGdwpHv/SNDizJtIafRiNMMjvjtxcTS1UAP0mCf
kcnmK7Edr2nsieLLhM1i1s6wKXdbMnlxFSET43T20Son/Rla7hjn+RStc1uBfFdo
Qxco6O5EuxnZ+njpP2WZdoZfkss8DL5XAW8z6Se16Xcg0AvVI7pA/7oF6gO/JO4B
6xd7zRmTUREBVNosvYca4nWPBiDezQFtZzZ5e6+CCbmK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:41 2024 by rpki-client on console-ams.rpki-client.org