Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/1-1L3ywq1zlyLRl-TAbwxgTk-NNQ.roa
File: 1-1L3ywq1zlyLRl-TAbwxgTk-NNQ.roa (raw, json)
Hash identifier: UwssH3bTO2Gxf1dfp8wuDomSY/pibr+p2X7BapTpSBg=
Subject key identifier: FB:52:F7:CB:0A:B5:CE:5C:8B:46:5F:93:01:BC:31:81:39:3E:34:D4
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018CF7AC699DD72532BB33673D0B51DF9597
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/1-1L3ywq1zlyLRl-TAbwxgTk-NNQ.roa
Signing time: Thu 11 Jan 2024 08:38:40 +0000
ROA not before: Thu 11 Jan 2024 08:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.52.118.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:ac:69:9d:d7:25:32:bb:33:67:3d:0b:51:df:95:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Jan 11 08:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb52f7cb0ab5ce5c8b465f9301bc3181393e34d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5b:7f:9a:23:f2:9a:fd:fd:c8:0e:e7:ee:2f:
f4:88:52:2c:c9:8c:86:fc:46:fb:95:cf:03:47:ba:
52:cb:c0:2b:5d:26:a3:76:c8:29:cf:e1:bf:39:13:
87:46:26:72:35:eb:39:fa:b9:99:c4:01:56:53:9b:
8d:29:96:a7:32:0c:5c:19:f7:03:d8:0c:e5:b1:ea:
9c:64:10:36:45:40:da:c4:0b:17:03:20:22:d1:26:
f6:dd:dc:52:16:1a:16:b9:e2:63:0f:49:db:7d:8e:
7b:e9:2d:b1:14:4d:f4:45:16:83:08:bc:51:04:0f:
9e:31:71:63:02:b7:eb:30:39:7e:64:a9:a2:47:44:
28:4d:e7:17:56:38:a9:9b:4c:24:bf:b6:65:a6:44:
e2:f9:a9:fd:e1:e9:37:b6:90:e7:f0:56:c3:17:32:
55:28:35:46:00:fa:b6:f7:a8:35:32:bf:ec:72:0f:
07:42:07:91:0b:08:c7:da:c6:cf:5a:85:28:75:c2:
5b:f7:60:dd:ed:0a:2e:df:77:c5:55:99:9b:75:1c:
3f:5c:e3:93:3b:d7:03:74:db:46:22:29:83:9a:3c:
35:b7:82:04:39:82:8a:0c:2e:e7:2b:a5:f1:17:98:
58:6e:37:8b:f5:ef:83:59:82:e1:f6:4e:18:9f:d2:
9f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:52:F7:CB:0A:B5:CE:5C:8B:46:5F:93:01:BC:31:81:39:3E:34:D4
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/1-1L3ywq1zlyLRl-TAbwxgTk-NNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.36.0/24
185.52.118.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:cf:d6:19:cf:0b:76:c0:a1:a3:9a:c7:8c:eb:c2:fc:bc:69:
c8:52:0d:a9:2e:20:8f:31:c7:5a:d9:b4:66:5c:dc:f7:52:b0:
10:34:ba:77:9b:b4:31:1d:4d:f4:15:e5:79:3d:71:09:85:1f:
00:b6:a3:16:87:be:2c:86:fb:be:18:5f:e7:7f:49:6f:13:67:
a2:00:c2:a7:7f:92:04:f8:74:81:3b:8d:c9:1e:4b:5f:34:94:
85:7c:1f:92:4b:42:de:26:c3:c4:6c:43:8b:c3:55:f6:c6:4c:
55:0f:50:5c:42:8b:d5:53:48:3a:96:26:89:08:78:fc:54:97:
0b:74:98:ab:c5:83:f1:b0:a4:50:0d:9e:76:66:61:49:f7:f0:
3e:7e:82:f3:6d:38:88:d2:24:3a:da:78:fc:2d:d9:1d:f1:d2:
77:e2:17:6d:a7:dc:32:98:e0:47:66:18:28:9e:1b:57:1b:7f:
fc:db:25:dd:ee:0f:d5:01:90:46:9e:8e:65:87:86:ae:66:f8:
08:dd:ba:3d:d8:09:8d:69:69:b2:81:31:03:18:67:01:86:cc:
e7:22:c1:c8:0d:37:cb:5e:4d:dd:23:75:b4:56:3d:e6:cd:72:
70:8f:71:82:57:b2:8e:eb:41:b5:50:4b:76:5d:82:ad:4c:8e:
69:d9:07:a1
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYz3rGmd1yUyuzNnPQtR35WXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjQwMTExMDgzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjUyZjdjYjBhYjVjZTVjOGI0NjVmOTMwMWJjMzE4MTM5M2UzNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1t/miPymv39yA7n7i/0iFIsyYyG
/Eb7lc8DR7pSy8ArXSajdsgpz+G/OROHRiZyNes5+rmZxAFWU5uNKZanMgxcGfcD
2AzlseqcZBA2RUDaxAsXAyAi0Sb23dxSFhoWueJjD0nbfY576S2xFE30RRaDCLxR
BA+eMXFjArfrMDl+ZKmiR0QoTecXVjipm0wkv7ZlpkTi+an94ek3tpDn8FbDFzJV
KDVGAPq296g1Mr/scg8HQgeRCwjH2sbPWoUodcJb92Dd7Qou33fFVZmbdRw/XOOT
O9cDdNtGIimDmjw1t4IEOYKKDC7nK6XxF5hYbjeL9e+DWYLh9k4Yn9KfKQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPtS98sKtc5ci0ZfkwG8MYE5PjTUMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvMS0xTDN5d3Exemx5TFJsLVRBYnd4Z1RrLU5OUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTUvYzg2MWM4LWM4OWEtNDA0My1hMDJkLTY2NGYwNGQyYTY4
ZC8xLzNBS3hqMWlLVUxrblQtTkduX2k5U2haSjEwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF27JAME
ALk0djANBgkqhkiG9w0BAQsFAAOCAQEATs/WGc8LdsCho5rHjOvC/LxpyFINqS4g
jzHHWtm0Zlzc91KwEDS6d5u0MR1N9BXleT1xCYUfALajFoe+LIb7vhhf539JbxNn
ogDCp3+SBPh0gTuNyR5LXzSUhXwfkktC3ibDxGxDi8NV9sZMVQ9QXEKL1VNIOpYm
iQh4/FSXC3SYq8WD8bCkUA2edmZhSffwPn6C8204iNIkOtp4/C3ZHfHSd+IXbafc
MpjgR2YYKJ4bVxt//Nsl3e4P1QGQRp6OZYeGrmb4CN26PdgJjWlpsoExAxhnAYbM
5yLByA03y15N3SN1tFY95s1ycI9xgleyjutBtVBLdl2CrUyOadkHoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:42 2024 by rpki-client on console-ams.rpki-client.org