Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/7oUztVasE-sblz8913mxS7Slb8E.roa
File: 7oUztVasE-sblz8913mxS7Slb8E.roa (raw, json)
Hash identifier: qaIEuivy3MtdRKNCREz0VsgW4PGmwQF9dXx2dN9WZZ8=
Subject key identifier: EE:85:33:B5:56:AC:13:EB:1B:97:3F:3D:D7:79:B1:4B:B4:A5:6F:C1
Certificate issuer: /CN=d0f6cd30b4cfa193e226bba9282e366a22a3110f
Certificate serial: 018CC79361D02DB5FC18DDAB0BBFE8220047
Authority key identifier: D0:F6:CD:30:B4:CF:A1:93:E2:26:BB:A9:28:2E:36:6A:22:A3:11:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0PbNMLTPoZPiJrupKC42aiKjEQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/7oUztVasE-sblz8913mxS7Slb8E.roa
Signing time: Tue 02 Jan 2024 00:29:33 +0000
ROA not before: Tue 02 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51760
IP address blocks: 93.191.88.0/21 maxlen: 21
93.191.88.0/24 maxlen: 24
93.191.89.0/24 maxlen: 24
2a02:2820::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:61:d0:2d:b5:fc:18:dd:ab:0b:bf:e8:22:00:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0f6cd30b4cfa193e226bba9282e366a22a3110f
Validity
Not Before: Jan 2 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee8533b556ac13eb1b973f3dd779b14bb4a56fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a7:81:4f:ed:f4:6c:c5:75:0e:e4:2a:c7:05:
4d:45:ba:6f:77:6c:15:c6:3e:3a:a3:62:78:96:1c:
ce:d1:61:92:cf:a6:82:05:69:38:c7:40:42:14:d6:
66:fe:1b:c0:02:ca:c8:92:af:cd:8b:eb:81:ce:68:
6c:11:9c:d4:6f:5a:88:b5:f8:77:b9:90:93:5b:f3:
32:e9:7c:d0:bd:90:cb:60:4e:31:6b:97:48:81:9b:
9c:86:e2:ea:0c:48:16:17:68:da:8a:eb:11:0c:bc:
ae:4c:41:3f:6c:31:3a:f8:8c:a3:90:e9:9a:0d:f2:
1a:e0:a3:0d:5e:0a:6b:aa:12:f1:3d:86:3c:3a:24:
8b:23:d9:a1:96:28:98:ef:68:0d:6c:15:15:ce:f6:
01:10:75:ea:46:07:32:1c:d2:6d:9c:ad:b2:f8:db:
c2:2c:96:ae:c6:36:b1:a3:43:ad:c8:e2:3a:8d:eb:
9b:23:89:2d:e5:e3:eb:18:3d:b3:f9:49:0d:4b:14:
58:06:64:98:00:b9:50:a8:e3:1f:55:11:e0:e6:07:
b4:4b:b3:11:6c:6d:12:35:5a:9a:27:34:70:53:f2:
70:57:a5:f8:a1:16:7b:39:22:dc:a3:86:5b:96:ad:
76:8e:30:3b:b1:d1:a5:8b:2e:24:b6:86:33:af:1c:
b9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:85:33:B5:56:AC:13:EB:1B:97:3F:3D:D7:79:B1:4B:B4:A5:6F:C1
X509v3 Authority Key Identifier:
keyid:D0:F6:CD:30:B4:CF:A1:93:E2:26:BB:A9:28:2E:36:6A:22:A3:11:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PbNMLTPoZPiJrupKC42aiKjEQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/7oUztVasE-sblz8913mxS7Slb8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2f69df-6f23-4aa7-88f4-e299e910039e/1/0PbNMLTPoZPiJrupKC42aiKjEQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.88.0/21
IPv6:
2a02:2820::/32
Signature Algorithm: sha256WithRSAEncryption
5a:6e:18:f1:60:a4:ed:a4:bc:47:cd:9f:0d:6b:66:53:cc:e4:
0a:44:70:04:2b:64:b0:8e:ee:51:c3:92:5d:60:e3:58:c5:39:
c7:a3:69:3f:26:07:3f:07:57:27:3f:90:fe:b4:c1:2a:fb:89:
8c:b8:67:6c:fa:3f:9b:f0:0a:5f:00:5f:c5:01:28:fb:30:02:
70:1b:2d:c5:d7:43:92:c1:53:9a:d1:19:b2:b9:89:69:d2:30:
ef:02:46:70:26:df:62:26:80:d7:0b:8d:14:04:0b:33:56:4d:
3b:b9:ce:a6:db:34:b2:5d:ee:5e:3c:0c:6d:6a:5a:87:63:55:
14:d3:f5:e3:53:c2:63:fb:60:f0:9e:dc:e3:cc:c5:0f:a2:ec:
e6:fe:52:d1:d9:48:87:3b:9a:20:c8:95:87:9d:34:15:f1:b1:
55:5d:cf:e9:5e:b3:a0:2e:28:ab:35:62:4c:b5:ca:44:db:6b:
7e:7b:15:3c:83:69:2a:a1:d3:e1:41:66:4b:af:09:b9:07:0c:
28:c1:41:fd:26:67:8b:f4:06:e3:d8:35:84:eb:e0:16:fa:6e:
3e:30:ea:66:a1:33:78:fc:2d:5b:a8:c5:b1:de:7c:45:9c:ff:
f4:9e:81:40:3c:97:ed:11:56:52:eb:ea:e3:9d:1d:73:6c:98:
94:62:05:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk2HQLbX8GN2rC7/oIgBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZjZjZDMwYjRjZmExOTNlMjI2YmJhOTI4MmUzNjZhMjJh
MzExMGYwHhcNMjQwMTAyMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg1MzNiNTU2YWMxM2ViMWI5NzNmM2RkNzc5YjE0YmI0YTU2ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6eBT+30bMV1DuQqxwVNRbpvd2wV
xj46o2J4lhzO0WGSz6aCBWk4x0BCFNZm/hvAAsrIkq/Ni+uBzmhsEZzUb1qItfh3
uZCTW/My6XzQvZDLYE4xa5dIgZuchuLqDEgWF2jaiusRDLyuTEE/bDE6+IyjkOma
DfIa4KMNXgprqhLxPYY8OiSLI9mhliiY72gNbBUVzvYBEHXqRgcyHNJtnK2y+NvC
LJauxjaxo0OtyOI6jeubI4kt5ePrGD2z+UkNSxRYBmSYALlQqOMfVRHg5ge0S7MR
bG0SNVqaJzRwU/JwV6X4oRZ7OSLco4Zblq12jjA7sdGliy4ktoYzrxy53wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO6FM7VWrBPrG5c/Pdd5sUu0pW/BMB8GA1UdIwQY
MBaAFND2zTC0z6GT4ia7qSguNmoioxEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFBiTk1MVFBvWlBpSnJ1cEtDNDJhaUtqRVE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yZjY5ZGYtNmYyMy00YWE3LTg4ZjQt
ZTI5OWU5MTAwMzllLzEvN29VenRWYXNFLXNibHo4OTEzbXhTN1NsYjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yZjY5ZGYtNmYyMy00YWE3LTg4ZjQtZTI5OWU5MTAwMzll
LzEvMFBiTk1MVFBvWlBpSnJ1cEtDNDJhaUtqRVE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXb9YMA0E
AgACMAcDBQAqAiggMA0GCSqGSIb3DQEBCwUAA4IBAQBabhjxYKTtpLxHzZ8Na2ZT
zOQKRHAEK2Swju5Rw5JdYONYxTnHo2k/Jgc/B1cnP5D+tMEq+4mMuGds+j+b8Apf
AF/FASj7MAJwGy3F10OSwVOa0RmyuYlp0jDvAkZwJt9iJoDXC40UBAszVk07uc6m
2zSyXe5ePAxtalqHY1UU0/XjU8Jj+2DwntzjzMUPouzm/lLR2UiHO5ogyJWHnTQV
8bFVXc/pXrOgLiirNWJMtcpE22t+exU8g2kqodPhQWZLrwm5BwwowUH9JmeL9Abj
2DWE6+AW+m4+MOpmoTN4/C1bqMWx3nxFnP/0noFAPJftEVZS6+rjnR1zbJiUYgV3
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:46 2025 by rpki-client