Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/w4bMKLnCdRO0aTfOrfTMGZzxDjc.roa
File: w4bMKLnCdRO0aTfOrfTMGZzxDjc.roa (raw, json)
Hash identifier: qBJyllI5RuvPlPiBdjPlGe2JH7XOipfjavlgbUEe/MM=
Subject key identifier: C3:86:CC:28:B9:C2:75:13:B4:69:37:CE:AD:F4:CC:19:9C:F1:0E:37
Certificate issuer: /CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Certificate serial: 018CC42490A20571E0221B67380FB0E1031A
Authority key identifier: 79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/w4bMKLnCdRO0aTfOrfTMGZzxDjc.roa
Signing time: Mon 01 Jan 2024 08:29:39 +0000
ROA not before: Mon 01 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44646
IP address blocks: 93.93.85.0/24 maxlen: 24
93.93.82.0/24 maxlen: 24
93.93.81.0/24 maxlen: 24
93.93.84.0/24 maxlen: 24
93.93.83.0/24 maxlen: 24
93.93.86.0/24 maxlen: 24
93.93.87.0/24 maxlen: 24
185.40.204.0/24 maxlen: 24
185.40.206.0/24 maxlen: 24
185.40.205.0/24 maxlen: 24
185.40.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 09:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:90:a2:05:71:e0:22:1b:67:38:0f:b0:e1:03:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7976d7d0bbcc08516523d5df24e6882b72ca5693
Validity
Not Before: Jan 1 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c386cc28b9c27513b46937ceadf4cc199cf10e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3b:25:b4:5c:0b:81:8e:dc:cf:87:07:0c:16:
45:a3:41:0a:1b:f2:21:d7:f3:6c:c4:77:c4:8b:d6:
17:62:25:8c:03:a4:5d:e2:e1:a9:0f:37:7c:9a:78:
fb:70:ca:49:ec:ca:f8:99:32:af:b2:9c:f7:cd:53:
ea:28:c4:be:17:13:9b:33:ad:3a:8e:3f:b7:24:e0:
a8:44:40:a9:55:81:3c:47:b8:23:3e:f6:9d:34:19:
22:1a:2e:7a:91:90:1f:aa:fe:f8:fa:2a:57:4a:e8:
3d:36:4a:21:11:6d:8f:fa:6c:fc:4b:fa:89:ac:8c:
7d:89:36:08:8c:2f:c6:dc:f6:c7:97:12:37:ad:4d:
e6:90:8e:6e:9e:18:94:04:91:37:dd:ea:e9:47:57:
51:bf:be:ea:8a:00:55:fa:a1:8a:09:02:d8:55:4e:
aa:d7:dd:38:57:1b:18:05:e9:f5:3d:06:8f:18:04:
ad:73:f4:d1:44:5e:7c:2f:d7:43:9a:b3:54:d7:8e:
ac:e9:75:70:40:73:91:e8:3b:32:72:56:22:9d:a9:
9c:45:8f:0d:20:22:a9:da:33:ad:28:90:11:69:a0:
26:dd:e1:17:e1:03:91:aa:3d:f0:e4:70:3e:8f:3a:
60:8d:7e:01:d1:94:eb:dd:f3:4e:68:20:0f:93:b7:
11:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:86:CC:28:B9:C2:75:13:B4:69:37:CE:AD:F4:CC:19:9C:F1:0E:37
X509v3 Authority Key Identifier:
keyid:79:76:D7:D0:BB:CC:08:51:65:23:D5:DF:24:E6:88:2B:72:CA:56:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXbX0LvMCFFlI9XfJOaIK3LKVpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/w4bMKLnCdRO0aTfOrfTMGZzxDjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dd6943-6fce-4309-8713-854182cb06a6/1/eXbX0LvMCFFlI9XfJOaIK3LKVpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.81.0-93.93.87.255
185.40.204.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:8d:41:8c:3c:c7:7e:ce:e8:c8:cf:71:eb:2a:f6:33:df:ce:
73:f3:37:b0:84:f7:e0:d7:8a:b8:b9:4d:8a:65:6c:3d:49:08:
3c:e4:7f:cc:f3:d4:b4:bd:60:47:ca:1f:ec:8c:61:02:df:8a:
15:5c:aa:8b:e6:1a:5e:71:55:c5:5b:d3:1c:91:9e:8b:a7:9f:
8e:15:e5:39:e4:0f:5d:9a:40:32:2c:17:11:2c:66:16:dd:96:
d8:30:70:3d:32:2b:f2:a2:a1:76:ba:d5:7b:06:bd:2e:e5:4b:
d0:54:c3:79:6a:b4:b0:d0:90:62:5f:65:29:80:dd:0a:52:53:
e8:f8:bd:45:d6:47:3b:1a:92:4f:c3:54:8e:ff:9f:1c:f1:ce:
c3:ee:d7:c5:67:40:dc:63:71:1d:cc:36:0a:06:07:c4:78:6b:
c5:62:ce:d5:97:7e:f2:9f:8f:b1:0a:ec:89:7c:6c:62:c1:14:
4b:e1:59:37:47:82:b5:97:e9:66:c7:5e:5b:e4:15:4d:01:15:
ad:64:34:5d:fb:95:5d:8f:49:86:a7:83:f0:5c:cf:1b:d9:41:
dc:80:c9:40:5e:69:e9:d9:a4:b1:46:6c:a3:17:19:d2:19:84:
f0:32:cf:4e:c5:5d:e3:7a:10:d2:a1:ae:d0:96:2a:b5:d6:40:
39:95:6c:71
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzEJJCiBXHgIhtnOA+w4QMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzZkN2QwYmJjYzA4NTE2NTIzZDVkZjI0ZTY4ODJiNzJj
YTU2OTMwHhcNMjQwMTAxMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzg2Y2MyOGI5YzI3NTEzYjQ2OTM3Y2VhZGY0Y2MxOTljZjEwZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jsltFwLgY7cz4cHDBZFo0EKG/Ih
1/NsxHfEi9YXYiWMA6Rd4uGpDzd8mnj7cMpJ7Mr4mTKvspz3zVPqKMS+FxObM606
jj+3JOCoRECpVYE8R7gjPvadNBkiGi56kZAfqv74+ipXSug9NkohEW2P+mz8S/qJ
rIx9iTYIjC/G3PbHlxI3rU3mkI5unhiUBJE33erpR1dRv77qigBV+qGKCQLYVU6q
1904VxsYBen1PQaPGAStc/TRRF58L9dDmrNU146s6XVwQHOR6DsyclYinamcRY8N
ICKp2jOtKJARaaAm3eEX4QORqj3w5HA+jzpgjX4B0ZTr3fNOaCAPk7cRbwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMOGzCi5wnUTtGk3zq30zBmc8Q43MB8GA1UdIwQY
MBaAFHl219C7zAhRZSPV3yTmiCtyylaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMt
ODU0MTgyY2IwNmE2LzEvdzRiTUtMbkNkUk8wYVRmT3JmVE1HWnp4RGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kZDY5NDMtNmZjZS00MzA5LTg3MTMtODU0MTgyY2IwNmE2
LzEvZVhiWDBMdk1DRkZsSTlYZkpPYUlLM0xLVnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABdXVED
BANdXVADBAK5KMwwDQYJKoZIhvcNAQELBQADggEBAE+NQYw8x37O6MjPcesq9jPf
znPzN7CE9+DXiri5TYplbD1JCDzkf8zz1LS9YEfKH+yMYQLfihVcqovmGl5xVcVb
0xyRnounn44V5TnkD12aQDIsFxEsZhbdltgwcD0yK/KioXa61XsGvS7lS9BUw3lq
tLDQkGJfZSmA3QpSU+j4vUXWRzsakk/DVI7/nxzxzsPu18VnQNxjcR3MNgoGB8R4
a8ViztWXfvKfj7EK7Il8bGLBFEvhWTdHgrWX6WbHXlvkFU0BFa1kNF37lV2PSYan
g/BczxvZQdyAyUBeaenZpLFGbKMXGdIZhPAyz07FXeN6ENKhrtCWKrXWQDmVbHE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org