Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/HB8Cm2pLjebMcj4OoJQv0fABZsY.roa
File: HB8Cm2pLjebMcj4OoJQv0fABZsY.roa (raw, json)
Hash identifier: UljQoxaG0zud6s4ArsAKP19kdWk6dP1112SMV69V36o=
Subject key identifier: 1C:1F:02:9B:6A:4B:8D:E6:CC:72:3E:0E:A0:94:2F:D1:F0:01:66:C6
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 018CC7273D26D18EA3E159EA2DD48610EC37
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/HB8Cm2pLjebMcj4OoJQv0fABZsY.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196714
IP address blocks: 93.94.7.0/24 maxlen: 24
93.94.6.0/24 maxlen: 24
93.94.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3d:26:d1:8e:a3:e1:59:ea:2d:d4:86:10:ec:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c1f029b6a4b8de6cc723e0ea0942fd1f00166c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a7:a1:5a:41:79:d4:db:96:81:66:b6:14:c4:
52:8a:f9:dd:b0:75:b7:6b:e1:b0:05:5b:72:a4:52:
61:e6:8a:4e:e2:3b:61:0a:53:d8:e6:2e:e3:95:80:
b0:c1:3a:eb:1f:3c:63:7e:40:4a:10:ca:de:c2:66:
57:bb:ec:1c:3a:d5:e2:52:02:be:42:b8:d0:a7:73:
50:e7:2d:49:ae:46:68:20:5a:0c:18:10:50:7d:f2:
a4:14:98:e6:13:db:f9:8e:f6:32:82:a1:7a:67:6f:
6c:0f:da:4a:c4:d7:c3:89:3b:14:8f:39:0f:88:ff:
d1:76:7a:da:af:2a:3e:17:ea:68:1b:fe:5b:71:7f:
fe:e5:12:41:de:84:a8:e5:2d:69:f1:96:03:e9:59:
ad:6f:37:e8:87:ba:51:1f:a6:20:d9:09:57:a3:35:
25:ac:56:78:b9:d5:d5:ed:7a:8f:95:d8:32:33:20:
c3:9a:81:67:7d:a3:05:fd:3e:8c:23:3b:a2:0a:54:
a6:8e:92:cf:9a:62:51:70:ce:ef:1b:93:db:99:1c:
d5:1e:6f:a6:3a:cd:c1:3a:77:43:9d:a0:26:7c:92:
5c:eb:c3:9a:76:ff:d5:f6:04:c7:e9:45:d4:86:5b:
3f:cb:af:97:c9:77:d5:bd:aa:4a:14:f4:d6:84:34:
36:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1F:02:9B:6A:4B:8D:E6:CC:72:3E:0E:A0:94:2F:D1:F0:01:66:C6
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/HB8Cm2pLjebMcj4OoJQv0fABZsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.6.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:9f:f4:7a:8a:30:6c:06:ad:b3:bb:03:79:fc:b3:8e:11:9f:
ad:ea:77:8c:21:b3:9d:99:b0:c2:86:47:01:99:26:4b:bd:0c:
00:78:a6:cd:81:98:f9:b4:bd:6c:cd:5c:35:e3:88:89:1a:ec:
cd:df:cf:36:a9:f3:60:70:6c:f4:a1:1c:ca:dd:57:fe:08:93:
b8:39:7b:a0:0e:2b:b0:2f:c3:8f:fc:de:85:a2:bf:32:60:fd:
f6:56:a3:5d:1c:3e:81:ec:6b:2e:b0:1d:af:ba:38:a6:56:43:
8f:f0:7f:1d:04:5f:9b:ee:07:ba:1a:ee:04:e3:7d:b9:e6:ea:
ab:46:11:a0:e9:97:20:01:d6:1e:15:22:1b:2f:ad:0e:4f:91:
21:bf:d0:fa:7f:4a:f8:40:a6:77:21:8b:5d:18:dc:1f:4b:d8:
3a:9c:86:c1:eb:39:a8:1f:71:5a:10:34:db:1d:ec:70:c5:5e:
a1:be:ac:8e:c0:43:66:1f:00:ce:1e:98:d7:79:20:35:6a:2c:
a4:4f:64:20:8e:04:a4:4d:5a:1b:6c:64:55:6a:6b:d5:02:ed:
98:9f:f7:ad:d7:c1:7c:9a:eb:03:bf:c0:d5:79:cb:56:b3:54:
d9:0c:84:0b:15:0e:c0:5e:93:12:d6:fe:52:c5:32:f0:05:1e:
4e:6b:8e:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJz0m0Y6j4VnqLdSGEOw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzFmMDI5YjZhNGI4ZGU2Y2M3MjNlMGVhMDk0MmZkMWYwMDE2NmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqehWkF51NuWgWa2FMRSivndsHW3
a+GwBVtypFJh5opO4jthClPY5i7jlYCwwTrrHzxjfkBKEMrewmZXu+wcOtXiUgK+
QrjQp3NQ5y1JrkZoIFoMGBBQffKkFJjmE9v5jvYygqF6Z29sD9pKxNfDiTsUjzkP
iP/Rdnraryo+F+poG/5bcX/+5RJB3oSo5S1p8ZYD6Vmtbzfoh7pRH6Yg2QlXozUl
rFZ4udXV7XqPldgyMyDDmoFnfaMF/T6MIzuiClSmjpLPmmJRcM7vG5PbmRzVHm+m
Os3BOndDnaAmfJJc68Oadv/V9gTH6UXUhls/y6+XyXfVvapKFPTWhDQ26QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBwfAptqS43mzHI+DqCUL9HwAWbGMB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvSEI4Q20ycExqZWJNY2o0T29KUXYwZkFCWnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXV4GMA0G
CSqGSIb3DQEBCwUAA4IBAQB6n/R6ijBsBq2zuwN5/LOOEZ+t6neMIbOdmbDChkcB
mSZLvQwAeKbNgZj5tL1szVw144iJGuzN3882qfNgcGz0oRzK3Vf+CJO4OXugDiuw
L8OP/N6For8yYP32VqNdHD6B7GsusB2vujimVkOP8H8dBF+b7ge6Gu4E43255uqr
RhGg6ZcgAdYeFSIbL60OT5Ehv9D6f0r4QKZ3IYtdGNwfS9g6nIbB6zmoH3FaEDTb
HexwxV6hvqyOwENmHwDOHpjXeSA1aiykT2QgjgSkTVobbGRVamvVAu2Yn/et18F8
musDv8DVectWs1TZDIQLFQ7AXpMS1v5SxTLwBR5Oa46I
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:50:19 2025 by rpki-client