Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/A7xWbj9tfw1-IqbfhhM-F8_AsfE.roa
File: A7xWbj9tfw1-IqbfhhM-F8_AsfE.roa (raw, json)
Hash identifier: SAAd3v0WxPGzVc8KTnqRHrBICtCukGZov+YlwzOD7As=
Subject key identifier: 03:BC:56:6E:3F:6D:7F:0D:7E:22:A6:DF:86:13:3E:17:CF:C0:B1:F1
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018D7A052AA9A1C7E7B3F45AEF9FB7661EEE
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/A7xWbj9tfw1-IqbfhhM-F8_AsfE.roa
Signing time: Mon 05 Feb 2024 16:06:15 +0000
ROA not before: Mon 05 Feb 2024 16:06:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45382
IP address blocks: 93.152.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 06:34:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:05:2a:a9:a1:c7:e7:b3:f4:5a:ef:9f:b7:66:1e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 5 16:06:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03bc566e3f6d7f0d7e22a6df86133e17cfc0b1f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e7:2c:df:fc:18:c3:c4:f8:fd:05:f7:60:37:
46:35:83:f8:78:9d:f3:f9:cd:12:fa:58:af:e7:b1:
1a:28:57:79:24:0d:44:9f:3c:42:de:a5:1f:51:88:
ee:d3:6e:5c:8a:38:3f:2e:5d:7e:86:6d:ac:8d:7f:
0d:df:ca:b5:64:af:d5:73:79:fc:38:44:80:f6:d1:
fc:b7:29:d8:e4:d8:33:1d:36:28:82:93:8a:39:6a:
9e:86:b6:ce:1c:9b:8b:2a:de:fe:4c:98:9f:00:b0:
40:d3:81:8d:95:d7:5d:85:7a:8e:de:44:5f:79:7b:
14:3d:e5:71:58:e0:15:08:0e:6f:cf:ef:78:76:2a:
ed:6c:6b:0b:c1:fe:2c:3b:02:11:e8:b1:2f:02:31:
62:5d:63:26:1d:e9:61:f4:6a:59:bb:dc:a1:0b:b9:
07:62:32:92:1f:ea:12:cb:85:eb:a6:2a:6d:75:0e:
e1:e5:84:61:d5:6d:51:ab:39:a2:90:0e:7b:12:5f:
5c:4d:0e:be:05:de:62:b4:22:80:ef:68:08:0a:4f:
bf:34:a4:5b:4b:e7:af:8c:1b:db:9a:27:cd:a6:1c:
41:1e:20:09:cf:60:d5:aa:56:a2:e7:50:31:40:72:
5e:27:65:dd:7f:1e:ab:99:2b:0d:16:73:ea:5a:41:
8b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BC:56:6E:3F:6D:7F:0D:7E:22:A6:DF:86:13:3E:17:CF:C0:B1:F1
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/A7xWbj9tfw1-IqbfhhM-F8_AsfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.212.0/24
Signature Algorithm: sha256WithRSAEncryption
02:aa:35:fa:1c:eb:a2:98:ec:e3:88:45:8f:93:fd:55:9b:3a:
1b:d0:4a:69:fb:90:bc:81:31:5a:a2:cf:e0:23:e7:7a:7f:ad:
6c:77:80:2a:3b:44:24:c0:e1:e2:bb:5e:87:da:ad:97:a5:ab:
26:e6:05:20:61:8e:17:33:eb:a9:73:ec:cc:de:14:c5:a7:ee:
c5:be:3f:4f:6e:f6:dc:c7:79:ef:8d:50:44:30:5b:e5:9d:1f:
81:fc:50:ae:ec:09:5c:a6:5c:6c:fb:d3:4a:d9:5b:b5:23:1b:
ff:26:4e:d7:c0:1b:09:94:d0:db:10:59:fd:ad:6e:4a:60:55:
46:b5:4e:fd:14:cb:f1:8b:82:3e:c4:7e:0d:20:65:38:13:e9:
1d:96:72:46:5d:c2:eb:54:c1:d8:9b:48:f9:e3:49:18:3b:62:
fe:d2:68:26:54:de:7f:8c:92:32:83:f6:ca:c4:fe:45:94:89:
25:94:68:89:f6:3e:9b:fc:b3:88:9e:29:67:2a:17:77:bf:9c:
c3:80:1f:00:fa:2c:f5:8a:50:00:60:ce:61:34:14:3e:ff:23:
19:08:bb:3e:43:96:20:f1:0c:44:7c:aa:49:b3:1e:ce:40:b1:
d1:ba:2d:83:e2:72:fc:9e:2a:f6:23:c7:26:8b:ab:e3:20:e4:
05:0d:9d:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY16BSqpocfns/Ra75+3Zh7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwMjA1MTYwNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JjNTY2ZTNmNmQ3ZjBkN2UyMmE2ZGY4NjEzM2UxN2NmYzBiMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiucs3/wYw8T4/QX3YDdGNYP4eJ3z
+c0S+liv57EaKFd5JA1EnzxC3qUfUYju025cijg/Ll1+hm2sjX8N38q1ZK/Vc3n8
OESA9tH8tynY5NgzHTYogpOKOWqehrbOHJuLKt7+TJifALBA04GNldddhXqO3kRf
eXsUPeVxWOAVCA5vz+94dirtbGsLwf4sOwIR6LEvAjFiXWMmHelh9GpZu9yhC7kH
YjKSH+oSy4XrpiptdQ7h5YRh1W1RqzmikA57El9cTQ6+Bd5itCKA72gICk+/NKRb
S+evjBvbmifNphxBHiAJz2DVqlai51AxQHJeJ2Xdfx6rmSsNFnPqWkGLzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAO8Vm4/bX8NfiKm34YTPhfPwLHxMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvQTd4V2JqOXRmdzEtSXFiZmhoTS1GOF9Bc2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZjUMA0G
CSqGSIb3DQEBCwUAA4IBAQACqjX6HOuimOzjiEWPk/1Vmzob0Epp+5C8gTFaos/g
I+d6f61sd4AqO0QkwOHiu16H2q2Xpasm5gUgYY4XM+upc+zM3hTFp+7Fvj9Pbvbc
x3nvjVBEMFvlnR+B/FCu7Alcplxs+9NK2Vu1Ixv/Jk7XwBsJlNDbEFn9rW5KYFVG
tU79FMvxi4I+xH4NIGU4E+kdlnJGXcLrVMHYm0j540kYO2L+0mgmVN5/jJIyg/bK
xP5FlIkllGiJ9j6b/LOInilnKhd3v5zDgB8A+iz1ilAAYM5hNBQ+/yMZCLs+Q5Yg
8QxEfKpJsx7OQLHRui2D4nL8nir2I8cmi6vjIOQFDZ3F
-----END CERTIFICATE-----
Generated at Thu Jun 27 12:26:57 2024 by rpki-client on console-ams.rpki-client.org