Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/ag1rQqWvKddybi25DFeRbjhtgmI.roa
File: ag1rQqWvKddybi25DFeRbjhtgmI.roa (raw, json)
Hash identifier: mrG/SxughgW3tjXNCPfyr6DZuRw7GY3e5wrSho7wqRc=
Subject key identifier: 6A:0D:6B:42:A5:AF:29:D7:72:6E:2D:B9:0C:57:91:6E:38:6D:82:62
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 018BD2700012A89B575C29D15A8FC0113CFC
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/ag1rQqWvKddybi25DFeRbjhtgmI.roa
Signing time: Wed 15 Nov 2023 10:03:57 +0000
ROA not before: Wed 15 Nov 2023 10:03:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28742
IP address blocks: 185.158.30.0/23 maxlen: 23
185.158.28.0/23 maxlen: 23
185.158.29.0/24 maxlen: 24
185.158.28.0/24 maxlen: 24
93.93.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 15 Nov 2023 14:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:70:00:12:a8:9b:57:5c:29:d1:5a:8f:c0:11:3c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Nov 15 10:03:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a0d6b42a5af29d7726e2db90c57916e386d8262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:68:94:c2:44:db:5f:9c:e8:aa:71:6c:d7:
90:29:b6:fc:e2:83:0e:2d:7c:63:7a:c1:2f:a4:65:
ff:da:5c:53:9c:83:ff:ca:85:7c:f9:b5:18:a6:fe:
7a:af:0e:70:20:29:36:01:7c:d4:fb:40:be:f8:ac:
a4:a9:b5:d5:0a:da:78:84:7e:9a:01:c5:74:b4:8c:
9f:fc:53:57:f7:e9:ed:59:52:27:19:31:62:89:b6:
2d:e3:ad:76:d7:a0:c2:c8:2e:9b:cb:36:8e:31:e5:
ad:a0:22:bd:fc:6a:15:4f:96:e7:ac:52:c3:03:08:
24:73:48:15:d1:f1:13:cd:40:bb:b5:e2:e0:a5:28:
60:3b:b9:24:60:b6:ec:02:4b:fa:4f:73:09:39:4e:
2a:f4:e6:7f:78:fb:81:40:11:90:8d:3c:41:79:2d:
69:86:63:5e:9d:b4:8a:a9:29:c6:e5:06:ab:ba:c0:
83:e4:c0:fa:e3:72:56:26:cd:f3:2a:e9:46:a2:6b:
44:3a:12:3b:6c:4a:87:3a:74:c9:2d:94:f6:e7:8c:
c7:de:8d:2e:ff:b7:f0:e2:45:35:b5:4f:28:40:0a:
aa:26:50:a7:2d:6d:b8:93:cf:f0:00:ea:80:b5:b3:
12:08:6a:f1:51:11:6b:ce:ea:bd:59:da:92:91:62:
30:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:0D:6B:42:A5:AF:29:D7:72:6E:2D:B9:0C:57:91:6E:38:6D:82:62
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/ag1rQqWvKddybi25DFeRbjhtgmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.16.0/23
185.158.28.0/22
Signature Algorithm: sha256WithRSAEncryption
51:2e:9c:55:d5:77:b6:f2:5a:e4:b6:f7:d1:d7:1d:ea:32:eb:
5e:58:d6:a5:db:c4:cb:d0:b4:23:2f:28:86:8c:35:0a:71:18:
ff:a2:4a:d9:e0:3b:1a:91:8c:48:72:ee:f9:f3:7f:94:b6:ad:
73:af:13:11:92:1b:36:1d:fe:e2:2f:5e:0d:2f:10:0a:97:c6:
46:3c:7d:8e:88:46:e6:f1:65:81:a9:b9:13:a6:22:af:ee:cc:
8f:2c:dc:0a:b7:3b:7e:7c:f2:86:b4:98:ba:35:b3:4d:cc:91:
f9:a6:d4:8c:17:93:bd:7f:ff:dd:ee:44:60:bd:a5:84:71:a0:
c5:3d:20:b9:d2:8a:00:cc:1d:35:aa:11:56:9e:7c:34:29:d8:
7a:d9:33:3e:d4:5c:60:21:5d:cf:7e:24:de:41:49:d9:6a:e0:
11:fa:63:41:69:37:58:d2:c9:22:b4:42:78:a8:1e:a2:39:00:
c9:13:e9:b0:d2:bd:ab:5e:c6:88:ad:c3:bd:76:ab:b2:93:b8:
e0:2e:c1:df:64:a8:0f:92:5d:e2:0d:a2:e9:6b:ae:f7:49:6c:
5c:9b:30:80:ca:84:a9:d7:1b:cc:45:d6:c5:d5:fd:ed:0b:d4:
17:c8:bc:0f:f9:dc:da:bb:de:dd:17:62:ec:c8:94:af:42:59:
ee:11:3c:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvScAASqJtXXCnRWo/AETz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjMxMTE1MTAwMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTBkNmI0MmE1YWYyOWQ3NzI2ZTJkYjkwYzU3OTE2ZTM4NmQ4MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqholMJE21+c6KpxbNeQKbb84oMO
LXxjesEvpGX/2lxTnIP/yoV8+bUYpv56rw5wICk2AXzU+0C++KykqbXVCtp4hH6a
AcV0tIyf/FNX9+ntWVInGTFiibYt461216DCyC6byzaOMeWtoCK9/GoVT5bnrFLD
Awgkc0gV0fETzUC7teLgpShgO7kkYLbsAkv6T3MJOU4q9OZ/ePuBQBGQjTxBeS1p
hmNenbSKqSnG5QarusCD5MD643JWJs3zKulGomtEOhI7bEqHOnTJLZT254zH3o0u
/7fw4kU1tU8oQAqqJlCnLW24k8/wAOqAtbMSCGrxURFrzuq9WdqSkWIwYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGoNa0KlrynXcm4tuQxXkW44bYJiMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvYWcxclFxV3ZLZGR5YmkyNURGZVJiamh0Z21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXV0QAwQC
uZ4cMA0GCSqGSIb3DQEBCwUAA4IBAQBRLpxV1Xe28lrktvfR1x3qMuteWNal28TL
0LQjLyiGjDUKcRj/okrZ4DsakYxIcu7583+Utq1zrxMRkhs2Hf7iL14NLxAKl8ZG
PH2OiEbm8WWBqbkTpiKv7syPLNwKtzt+fPKGtJi6NbNNzJH5ptSMF5O9f//d7kRg
vaWEcaDFPSC50ooAzB01qhFWnnw0Kdh62TM+1FxgIV3PfiTeQUnZauAR+mNBaTdY
0skitEJ4qB6iOQDJE+mw0r2rXsaIrcO9dquyk7jgLsHfZKgPkl3iDaLpa673SWxc
mzCAyoSp1xvMRdbF1f3tC9QXyLwP+dzau97dF2LsyJSvQlnuETxg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:06 2024 by rpki-client on console-fra.rpki-client.org