Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SvK0kbMKVnAq04q358HRxLsrpYY.roa
File: SvK0kbMKVnAq04q358HRxLsrpYY.roa (raw, json)
Hash identifier: 274m6WkMbOOs7/2qqm64XxxAScMZQvHItf7hRNhlGWs=
Subject key identifier: 4A:F2:B4:91:B3:0A:56:70:2A:D3:8A:B7:E7:C1:D1:C4:BB:2B:A5:86
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 0189A01E995B13FC81AF41CE2CF3E9A0EF7E
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SvK0kbMKVnAq04q358HRxLsrpYY.roa
Signing time: Sat 29 Jul 2023 05:28:27 +0000
ROA not before: Sat 29 Jul 2023 05:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 94.26.90.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Jul 2023 14:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a0:1e:99:5b:13:fc:81:af:41:ce:2c:f3:e9:a0:ef:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 29 05:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4af2b491b30a56702ad38ab7e7c1d1c4bb2ba586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f5:d4:cf:8b:c1:6b:21:a1:fd:3a:13:cc:5e:
c1:11:a3:2b:71:9e:92:12:ce:45:a4:13:c5:e8:3b:
4c:94:f0:67:44:15:ec:20:43:aa:f7:c2:63:2b:8b:
dd:d9:63:1f:f6:04:c6:9d:6e:41:b6:15:3e:fa:4d:
7a:0d:5b:5a:aa:b2:ce:b1:2d:f9:e8:9f:97:06:00:
69:f7:7a:dc:9f:7a:45:f9:30:70:49:98:a1:03:0d:
73:3a:52:8c:97:32:40:7f:67:dd:57:e5:5f:80:3c:
18:3a:22:1e:01:c0:9c:48:c6:51:02:6d:e9:66:71:
f6:43:72:2b:da:14:5d:e8:0c:9f:ef:e9:c1:04:c8:
12:63:7a:5b:c0:3c:d4:f0:9e:d9:dc:e7:db:63:3d:
63:f7:83:c9:13:55:ad:2e:db:ed:d5:7f:e2:df:df:
2e:7f:e8:f0:c0:cb:d8:54:15:88:cc:80:88:74:3e:
36:cf:59:e2:80:62:ac:52:ad:01:46:89:d3:f3:4a:
81:6b:29:a4:50:ce:e4:d7:8b:20:59:3e:8f:9d:d2:
50:99:75:cb:3a:53:6c:af:8f:6a:27:7a:80:ff:1d:
c4:99:ca:7c:01:f4:b6:df:74:bf:4a:dc:2a:b7:3a:
9f:51:c3:dd:b5:37:19:5a:6d:d4:e7:6d:cc:eb:c1:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F2:B4:91:B3:0A:56:70:2A:D3:8A:B7:E7:C1:D1:C4:BB:2B:A5:86
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/SvK0kbMKVnAq04q358HRxLsrpYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
93.152.205.0-93.152.206.255
93.152.209.0/24
93.152.217.0/24
93.152.221.0/24
93.152.225.0/24
94.26.90.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:2f:a4:57:f7:3b:2c:00:5d:1a:fa:64:cc:00:f4:43:89:37:
3f:36:7b:7c:40:41:ee:3d:0f:e2:d8:45:ea:06:e7:df:f5:92:
48:8c:10:9b:3c:4d:47:0f:43:43:a1:46:5d:8c:c5:f3:08:42:
e2:96:76:e3:ef:a8:88:ad:06:4c:0d:ff:ab:2f:92:6a:21:62:
cd:a6:5d:ca:51:ae:25:15:ed:2b:b1:bd:60:8b:6c:45:cb:96:
60:58:16:46:97:dc:1f:8b:03:01:34:10:e3:c4:65:3c:c0:63:
ce:05:a0:d3:29:4b:ad:39:1d:a7:1f:80:e6:73:ff:9b:42:35:
9b:30:dd:51:fd:6f:16:ff:8e:10:77:7e:ec:71:77:6d:b9:f4:
21:11:13:67:3d:90:63:71:b0:5e:e7:49:ab:af:4a:d2:82:73:
59:a0:2b:a9:c4:7b:f8:9b:2d:e3:41:a1:5b:07:60:e7:0b:b0:
60:65:3a:94:db:03:1a:38:73:8b:98:44:15:25:5f:b0:f6:6c:
4e:fb:b8:d9:ba:a4:75:d2:9a:14:55:bb:92:c0:93:46:8f:57:
2f:5a:63:41:63:62:30:d1:3c:6b:14:14:11:ea:eb:8a:fa:12:
a2:10:4b:1d:12:f8:05:b0:7a:ea:02:99:c8:eb:f8:f4:4b:f5:
66:b3:35:59
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYmgHplbE/yBr0HOLPPpoO9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzI5MDUyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWYyYjQ5MWIzMGE1NjcwMmFkMzhhYjdlN2MxZDFjNGJiMmJhNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPXUz4vBayGh/ToTzF7BEaMrcZ6S
Es5FpBPF6DtMlPBnRBXsIEOq98JjK4vd2WMf9gTGnW5BthU++k16DVtaqrLOsS35
6J+XBgBp93rcn3pF+TBwSZihAw1zOlKMlzJAf2fdV+VfgDwYOiIeAcCcSMZRAm3p
ZnH2Q3Ir2hRd6Ayf7+nBBMgSY3pbwDzU8J7Z3OfbYz1j94PJE1WtLtvt1X/i398u
f+jwwMvYVBWIzICIdD42z1nigGKsUq0BRonT80qBaymkUM7k14sgWT6PndJQmXXL
OlNsr49qJ3qA/x3Emcp8AfS233S/StwqtzqfUcPdtTcZWm3U523M68EpDQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFErytJGzClZwKtOKt+fB0cS7K6WGMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvU3ZLMGtiTUtWbkFxMDRxMzU4SFJ4THNycFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATp+DMAwD
BABdmM0DBABdmM4DBABdmNEDBABdmNkDBABdmN0DBABdmOEDBABeGlowDQYJKoZI
hvcNAQELBQADggEBAKovpFf3OywAXRr6ZMwA9EOJNz82e3xAQe49D+LYReoG59/1
kkiMEJs8TUcPQ0OhRl2MxfMIQuKWduPvqIitBkwN/6svkmohYs2mXcpRriUV7Sux
vWCLbEXLlmBYFkaX3B+LAwE0EOPEZTzAY84FoNMpS605HacfgOZz/5tCNZsw3VH9
bxb/jhB3fuxxd2259CERE2c9kGNxsF7nSauvStKCc1mgK6nEe/ibLeNBoVsHYOcL
sGBlOpTbAxo4c4uYRBUlX7D2bE77uNm6pHXSmhRVu5LAk0aPVy9aY0FjYjDRPGsU
FBHq64r6EqIQSx0S+AWweuoCmcjr+PRL9WazNVk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org