Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/6Gh_uO8PX7BS9Hj23c7uaPYgtO4.roa
File: 6Gh_uO8PX7BS9Hj23c7uaPYgtO4.roa (raw, json)
Hash identifier: tMKQRV/08HCdMLdB9ocdfLlfpcOScSxMXxAurIwiYCM=
Subject key identifier: E8:68:7F:B8:EF:0F:5F:B0:52:F4:78:F6:DD:CE:EE:68:F6:20:B4:EE
Certificate issuer: /CN=02c2c187d98b4603804ed1165adb4509b630a83a
Certificate serial: 018CC2DB0E95ED3B59764E1EF72CA975C8E4
Authority key identifier: 02:C2:C1:87:D9:8B:46:03:80:4E:D1:16:5A:DB:45:09:B6:30:A8:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsLBh9mLRgOATtEWWttFCbYwqDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/6Gh_uO8PX7BS9Hj23c7uaPYgtO4.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45047
IP address blocks: 93.188.217.0/24 maxlen: 24
93.188.216.0/21 maxlen: 21
2a12:9dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 23 Sep 2024 14:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0e:95:ed:3b:59:76:4e:1e:f7:2c:a9:75:c8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02c2c187d98b4603804ed1165adb4509b630a83a
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8687fb8ef0f5fb052f478f6ddceee68f620b4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:df:ba:38:90:ff:7b:d4:b0:11:35:8d:e0:3f:
8e:b1:11:1b:a8:96:37:bb:06:27:34:c1:86:95:96:
9a:f1:e1:20:eb:46:5a:6f:99:a4:94:ca:65:d4:a4:
7e:0f:04:89:9e:8b:2c:12:2e:81:77:f2:4d:3e:d8:
37:6a:70:83:eb:a9:fb:c0:0a:86:c9:1e:26:30:4e:
94:0e:79:8a:6e:85:b0:a3:0f:e0:fe:cd:ee:9f:ea:
57:f7:08:7f:39:65:52:5b:97:34:86:0d:c0:9b:4b:
fe:a6:60:da:f1:2e:4f:35:59:d4:5c:a6:8d:37:c6:
35:7e:93:2c:20:a8:78:94:2f:9f:2e:04:b5:c0:08:
69:56:07:f9:78:70:19:6c:ac:01:e2:53:91:bb:bf:
cb:11:f6:85:5d:94:87:81:fa:7f:7c:82:39:d9:ba:
11:fd:f2:42:48:c4:30:1d:1d:4d:e0:42:a2:e8:a2:
72:12:80:5a:2c:7a:e1:3c:54:72:58:03:99:ae:06:
32:ef:0f:31:0e:e5:19:fb:df:9b:5f:99:2f:b5:8e:
ae:ba:c5:ad:61:f5:2f:44:23:2f:85:b3:49:7a:05:
93:62:57:d9:e2:0d:f3:e2:2d:44:04:b0:45:16:83:
a5:92:be:b0:2f:86:ef:69:99:43:fd:9c:fe:c6:be:
1a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:68:7F:B8:EF:0F:5F:B0:52:F4:78:F6:DD:CE:EE:68:F6:20:B4:EE
X509v3 Authority Key Identifier:
keyid:02:C2:C1:87:D9:8B:46:03:80:4E:D1:16:5A:DB:45:09:B6:30:A8:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsLBh9mLRgOATtEWWttFCbYwqDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/6Gh_uO8PX7BS9Hj23c7uaPYgtO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/729ea4-6a68-4838-8fec-7feb18b9f552/1/AsLBh9mLRgOATtEWWttFCbYwqDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.216.0/21
IPv6:
2a12:9dc0::/29
Signature Algorithm: sha256WithRSAEncryption
21:a5:ce:42:95:8b:ad:76:43:88:30:86:b1:87:a2:56:c8:0c:
9b:6a:62:70:6a:bc:36:ff:90:0a:a2:7d:d7:e9:84:4c:28:36:
c3:41:7b:fe:29:1c:28:91:32:e6:ac:18:c1:2f:7b:0b:36:fa:
e6:1e:37:d6:4c:c4:18:6e:d4:d6:6f:31:04:ff:9c:36:89:70:
54:e6:b3:43:2d:c7:6f:9c:76:0e:bd:37:63:d5:e6:0f:9b:f4:
b5:6d:8b:a9:85:3f:45:17:04:47:5c:99:c9:62:1f:1e:b6:0d:
ba:07:ed:d1:3f:83:e5:a7:67:1e:24:56:93:67:f8:02:18:7f:
79:b1:66:3b:57:be:ab:8f:2e:88:1b:9c:a8:c3:5a:b1:a5:bc:
7b:fa:56:82:a8:74:cc:a2:1d:7a:2a:ae:08:fb:66:cf:09:54:
a4:1f:8d:65:b2:4c:00:2e:66:e6:51:7b:44:70:19:f0:9a:0a:
03:c0:ab:57:0a:c0:09:c6:1b:83:b3:9a:28:f1:0e:e6:1d:b9:
d1:be:85:e2:63:84:1d:50:18:ba:1f:d7:f8:f9:af:75:dc:ac:
12:09:d5:61:38:62:c5:a0:ee:c7:dc:bf:d9:d0:62:37:64:bc:
49:61:32:1a:7e:6b:b0:94:ea:31:b0:ef:47:79:92:55:88:6f:
ea:6a:0e:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2w6V7TtZdk4e9yypdcjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYzJjMTg3ZDk4YjQ2MDM4MDRlZDExNjVhZGI0NTA5YjYz
MGE4M2EwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODY4N2ZiOGVmMGY1ZmIwNTJmNDc4ZjZkZGNlZWU2OGY2MjBiNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9+6OJD/e9SwETWN4D+OsREbqJY3
uwYnNMGGlZaa8eEg60Zab5mklMpl1KR+DwSJnossEi6Bd/JNPtg3anCD66n7wAqG
yR4mME6UDnmKboWwow/g/s3un+pX9wh/OWVSW5c0hg3Am0v+pmDa8S5PNVnUXKaN
N8Y1fpMsIKh4lC+fLgS1wAhpVgf5eHAZbKwB4lORu7/LEfaFXZSHgfp/fII52boR
/fJCSMQwHR1N4EKi6KJyEoBaLHrhPFRyWAOZrgYy7w8xDuUZ+9+bX5kvtY6uusWt
YfUvRCMvhbNJegWTYlfZ4g3z4i1EBLBFFoOlkr6wL4bvaZlD/Zz+xr4aDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOhof7jvD1+wUvR49t3O7mj2ILTuMB8GA1UdIwQY
MBaAFALCwYfZi0YDgE7RFlrbRQm2MKg6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXNMQmg5bUxSZ09BVHRFV1d0dEZDYll3cURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83MjllYTQtNmE2OC00ODM4LThmZWMt
N2ZlYjE4YjlmNTUyLzEvNkdoX3VPOFBYN0JTOUhqMjNjN3VhUFlndE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83MjllYTQtNmE2OC00ODM4LThmZWMtN2ZlYjE4YjlmNTUy
LzEvQXNMQmg5bUxSZ09BVHRFV1d0dEZDYll3cURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXbzYMA0E
AgACMAcDBQMqEp3AMA0GCSqGSIb3DQEBCwUAA4IBAQAhpc5ClYutdkOIMIaxh6JW
yAybamJwarw2/5AKon3X6YRMKDbDQXv+KRwokTLmrBjBL3sLNvrmHjfWTMQYbtTW
bzEE/5w2iXBU5rNDLcdvnHYOvTdj1eYPm/S1bYuphT9FFwRHXJnJYh8etg26B+3R
P4Plp2ceJFaTZ/gCGH95sWY7V76rjy6IG5yow1qxpbx7+laCqHTMoh16Kq4I+2bP
CVSkH41lskwALmbmUXtEcBnwmgoDwKtXCsAJxhuDs5oo8Q7mHbnRvoXiY4QdUBi6
H9f4+a913KwSCdVhOGLFoO7H3L/Z0GI3ZLxJYTIafmuwlOoxsO9HeZJViG/qag5C
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:15 2025 by rpki-client