Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/8gMuAzNdh2pEpE6BbeSk-nESPu4.roa
File: 8gMuAzNdh2pEpE6BbeSk-nESPu4.roa (raw, json)
Hash identifier: eQamusnXHgtLgdBVjUo8dYt2yF6+n7JoQuP/3jjpRYA=
Subject key identifier: F2:03:2E:03:33:5D:87:6A:44:A4:4E:81:6D:E4:A4:FA:71:12:3E:EE
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 018BD7CCBEB4BBD555ECE20AA7E0274303C3
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/8gMuAzNdh2pEpE6BbeSk-nESPu4.roa
Signing time: Thu 16 Nov 2023 11:03:21 +0000
ROA not before: Thu 16 Nov 2023 11:03:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28742
IP address blocks: 185.158.28.0/23 maxlen: 23
185.158.29.0/24 maxlen: 24
185.158.28.0/24 maxlen: 24
93.93.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:cc:be:b4:bb:d5:55:ec:e2:0a:a7:e0:27:43:03:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Nov 16 11:03:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f2032e03335d876a44a44e816de4a4fa71123eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:61:c3:56:a8:85:4d:40:2d:7f:9d:6b:61:
83:63:e2:75:76:00:3a:e2:44:4e:6a:0e:7e:4e:4e:
ab:2b:9e:2b:72:cf:a7:b3:5e:f1:85:27:cb:97:d8:
cc:88:88:61:75:9d:3d:21:79:9b:48:41:5a:86:b2:
7e:da:9c:e1:ea:ff:9e:02:ff:06:87:63:b5:07:d7:
19:73:17:20:79:66:e4:ad:02:ed:8e:c9:ed:f5:c2:
f5:e0:fe:9a:3c:f7:94:d7:ef:c7:34:46:57:a3:2d:
b1:0b:2e:f8:86:ee:8d:ed:da:e8:cf:03:8d:96:06:
68:9f:4c:4e:1a:76:29:22:8d:1b:44:ad:75:a5:cb:
37:f1:c6:39:03:6a:5b:56:6c:4f:b7:58:3f:64:7d:
79:a9:be:d9:e9:8e:62:00:3c:df:67:7f:91:4f:35:
c6:d6:7d:70:2b:29:65:2b:a8:ea:71:0a:61:ff:50:
94:71:d2:ab:3d:f5:c9:c2:8e:69:b8:fa:90:ff:e1:
23:e2:05:8a:89:3c:dd:aa:df:9f:fe:0b:56:b5:48:
69:22:0d:25:7f:ac:fe:26:86:40:02:61:e7:00:67:
21:32:16:28:11:12:7d:70:52:da:cd:9b:01:40:ed:
32:a4:04:ee:98:39:df:6f:9d:9f:df:e7:55:04:5e:
43:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:2E:03:33:5D:87:6A:44:A4:4E:81:6D:E4:A4:FA:71:12:3E:EE
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/8gMuAzNdh2pEpE6BbeSk-nESPu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.16.0/23
185.158.28.0/23
Signature Algorithm: sha256WithRSAEncryption
09:b1:f3:de:5b:15:42:83:3b:8c:fc:0f:57:88:c4:02:38:e1:
f2:ac:e2:a8:c2:88:9c:74:6b:fd:fd:0c:53:df:5a:13:cd:a9:
e6:90:74:b6:d0:90:b9:31:2c:76:17:0e:8b:84:af:85:fe:8c:
43:a6:2c:36:a5:dc:38:14:56:a4:3c:7f:f3:97:f5:93:d0:2d:
53:7d:38:22:00:51:e7:23:d4:4a:25:24:30:a3:2c:83:1a:f9:
f6:6d:a3:f7:b7:3b:0e:82:a2:cd:07:b8:57:40:2c:71:61:e8:
10:94:86:8a:e3:05:67:9c:8f:fc:a4:b9:ea:7f:56:a2:a7:42:
94:6c:3d:40:79:06:dc:4f:76:29:d1:9a:11:a9:04:39:cd:e5:
20:97:1f:dc:70:cd:2a:33:aa:ff:4d:8b:84:9b:9d:ee:cb:c1:
72:a0:34:d1:ba:f8:c0:4e:34:ef:8d:f0:ee:3d:13:87:5c:ee:
37:86:38:6d:8e:e3:7c:b5:64:ec:f0:5b:78:d5:a1:ec:82:b2:
7e:7e:e8:90:e8:ea:22:f8:87:08:a5:5e:a7:9e:a6:c0:44:50:
3f:8f:c6:80:4b:34:e4:a3:9e:92:10:0c:86:14:56:50:0a:cf:
19:0f:54:3c:9e:d6:b7:29:4e:56:27:c0:9c:22:c4:ce:ae:5e:
b8:f2:65:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvXzL60u9VV7OIKp+AnQwPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjMxMTE2MTEwMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAzMmUwMzMzNWQ4NzZhNDRhNDRlODE2ZGU0YTRmYTcxMTIzZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuphw1aohU1ALX+da2GDY+J1dgA6
4kROag5+Tk6rK54rcs+ns17xhSfLl9jMiIhhdZ09IXmbSEFahrJ+2pzh6v+eAv8G
h2O1B9cZcxcgeWbkrQLtjsnt9cL14P6aPPeU1+/HNEZXoy2xCy74hu6N7drozwON
lgZon0xOGnYpIo0bRK11pcs38cY5A2pbVmxPt1g/ZH15qb7Z6Y5iADzfZ3+RTzXG
1n1wKyllK6jqcQph/1CUcdKrPfXJwo5puPqQ/+Ej4gWKiTzdqt+f/gtWtUhpIg0l
f6z+JoZAAmHnAGchMhYoERJ9cFLazZsBQO0ypATumDnfb52f3+dVBF5DJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPIDLgMzXYdqRKROgW3kpPpxEj7uMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvOGdNdUF6TmRoMnBFcEU2QmJlU2stbkVTUHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXV0QAwQB
uZ4cMA0GCSqGSIb3DQEBCwUAA4IBAQAJsfPeWxVCgzuM/A9XiMQCOOHyrOKowoic
dGv9/QxT31oTzanmkHS20JC5MSx2Fw6LhK+F/oxDpiw2pdw4FFakPH/zl/WT0C1T
fTgiAFHnI9RKJSQwoyyDGvn2baP3tzsOgqLNB7hXQCxxYegQlIaK4wVnnI/8pLnq
f1aip0KUbD1AeQbcT3Yp0ZoRqQQ5zeUglx/ccM0qM6r/TYuEm53uy8FyoDTRuvjA
TjTvjfDuPROHXO43hjhtjuN8tWTs8Ft41aHsgrJ+fuiQ6Ooi+IcIpV6nnqbARFA/
j8aASzTko56SEAyGFFZQCs8ZD1Q8nta3KU5WJ8CcIsTOrl648mUL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:06 2024 by rpki-client on console-fra.rpki-client.org