Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-bzTGU4aEYSZsOnjwEg5pTAbS8g.roa
File: 1-bzTGU4aEYSZsOnjwEg5pTAbS8g.roa (raw, json)
Hash identifier: wpdcqCf0Rf0AsQi22mi9kakwS8U1xsv0BuUjPRMWh2Y=
Subject key identifier: F9:BC:D3:19:4E:1A:11:84:99:B0:E9:E3:C0:48:39:A5:30:1B:4B:C8
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018CC86F276A7B7395659F518B5313FF53D2
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-bzTGU4aEYSZsOnjwEg5pTAbS8g.roa
Signing time: Tue 02 Jan 2024 04:29:36 +0000
ROA not before: Tue 02 Jan 2024 04:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45382
IP address blocks: 93.152.210.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 16:06:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:27:6a:7b:73:95:65:9f:51:8b:53:13:ff:53:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jan 2 04:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9bcd3194e1a118499b0e9e3c04839a5301b4bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c3:fc:ac:07:00:15:b9:1f:4c:8f:c6:e8:be:
94:26:49:41:25:7e:4b:f2:2e:4b:a4:fe:2b:f2:9a:
5b:ab:3f:9d:90:09:7f:45:8b:dc:c7:fe:35:05:c4:
fb:e6:39:a7:f0:b3:40:54:cb:0b:d9:7b:75:9c:88:
98:2b:98:0d:5b:ed:d6:a0:ce:fc:3d:7d:22:d2:89:
9e:2a:32:d1:51:04:2e:d7:22:0b:63:8d:18:1d:08:
28:33:ae:fd:ba:9b:cc:3d:b8:12:98:10:6a:39:fd:
cc:e7:0c:0a:e9:52:eb:12:66:3a:bb:9a:ef:74:42:
ba:b5:8c:e7:28:51:a4:0f:cc:d7:3d:c7:86:87:0b:
29:b5:e8:ae:64:a1:42:94:9e:d8:85:4a:fd:6f:a6:
80:10:80:7a:a9:fe:e5:98:33:29:cd:68:d8:24:1e:
19:20:bb:3f:99:24:f9:93:01:17:a5:ef:9f:ba:b2:
33:0c:af:df:a9:d6:7a:34:09:70:d2:b3:6f:85:34:
da:ee:a9:9a:79:77:f0:d7:21:59:bb:c7:28:57:f2:
b6:1b:13:ae:79:9a:20:91:f4:a2:79:d8:91:cc:70:
ff:0a:50:ad:82:0a:c5:67:61:6d:63:a7:7b:98:74:
6a:ae:a7:27:dd:66:77:64:91:6d:11:29:98:1e:c9:
23:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BC:D3:19:4E:1A:11:84:99:B0:E9:E3:C0:48:39:A5:30:1B:4B:C8
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/1-bzTGU4aEYSZsOnjwEg5pTAbS8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.210.0/24
93.152.212.0/24
Signature Algorithm: sha256WithRSAEncryption
17:72:14:1a:e5:48:3f:df:13:54:58:98:aa:7f:8b:a2:90:4e:
99:2d:c3:6b:4d:4f:d0:e7:9a:a7:4d:9f:75:39:75:78:ae:37:
df:06:46:8e:90:ea:9f:14:8e:9b:a3:f5:33:f8:df:68:de:7a:
ed:04:80:99:b1:2e:0a:1a:34:77:3e:4f:16:b2:4d:77:4e:b2:
62:e8:37:8f:eb:96:0b:b6:0b:dd:29:7f:3f:a4:00:8d:42:4d:
7a:12:bd:82:9d:62:fe:96:64:a7:65:67:a9:03:ed:37:c0:ee:
42:17:25:6d:5f:bd:08:b5:61:2d:02:e3:7e:48:32:19:36:50:
08:7c:42:93:23:6f:79:e3:a4:16:c0:a3:78:63:60:ed:84:9c:
77:95:f4:57:50:32:c8:a6:66:08:a6:b2:84:cb:82:a8:1d:d0:
ad:37:07:0d:32:f1:96:ea:2c:7d:21:7a:88:75:20:fb:6a:86:
4e:3d:41:7c:5f:d6:d0:bd:d4:89:75:a4:40:55:dc:28:c9:c5:
ec:dd:52:1c:62:06:07:a0:50:86:08:f9:68:70:fc:fa:93:b3:
67:f5:63:32:07:47:82:9e:b6:95:dd:58:12:ba:a3:46:31:88:
f4:bf:6e:62:cd:9a:f1:fc:74:f2:1a:e3:ca:55:cc:b8:ee:74:
0f:19:6d:37
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzIbydqe3OVZZ9Ri1MT/1PSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMTAyMDQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJjZDMxOTRlMWExMTg0OTliMGU5ZTNjMDQ4MzlhNTMwMWI0YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8P8rAcAFbkfTI/G6L6UJklBJX5L
8i5LpP4r8ppbqz+dkAl/RYvcx/41BcT75jmn8LNAVMsL2Xt1nIiYK5gNW+3WoM78
PX0i0omeKjLRUQQu1yILY40YHQgoM679upvMPbgSmBBqOf3M5wwK6VLrEmY6u5rv
dEK6tYznKFGkD8zXPceGhwspteiuZKFClJ7YhUr9b6aAEIB6qf7lmDMpzWjYJB4Z
ILs/mST5kwEXpe+furIzDK/fqdZ6NAlw0rNvhTTa7qmaeXfw1yFZu8coV/K2GxOu
eZogkfSiediRzHD/ClCtggrFZ2FtY6d7mHRqrqcn3WZ3ZJFtESmYHskjHQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPm80xlOGhGEmbDp48BIOaUwG0vIMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvMS1ielRHVTRhRVlTWnNPbmp3RWc1cFRBYlM4Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNh
ZC8xL0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF2Y0gME
AF2Y1DANBgkqhkiG9w0BAQsFAAOCAQEAF3IUGuVIP98TVFiYqn+LopBOmS3Da01P
0Oeap02fdTl1eK433wZGjpDqnxSOm6P1M/jfaN567QSAmbEuCho0dz5PFrJNd06y
Yug3j+uWC7YL3Sl/P6QAjUJNehK9gp1i/pZkp2VnqQPtN8DuQhclbV+9CLVhLQLj
fkgyGTZQCHxCkyNveeOkFsCjeGNg7YScd5X0V1AyyKZmCKayhMuCqB3QrTcHDTLx
luosfSF6iHUg+2qGTj1BfF/W0L3UiXWkQFXcKMnF7N1SHGIGB6BQhgj5aHD8+pOz
Z/VjMgdHgp62ld1YErqjRjGI9L9uYs2a8fx08hrjylXMuO50DxltNw==
-----END CERTIFICATE-----
Generated at Mon Feb 5 20:17:03 2024 by rpki-client on console-fra.rpki-client.org