Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/jg72MYRfL_8VGI5C-zSY0Njz3lE.roa
File: jg72MYRfL_8VGI5C-zSY0Njz3lE.roa (raw, json)
Hash identifier: Ml7Jrhu6fqQoE4I8aEQZdHciMn8xo1ikCoQNAP4/Jfk=
Subject key identifier: 8E:0E:F6:31:84:5F:2F:FF:15:18:8E:42:FB:34:98:D0:D8:F3:DE:51
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018C9E00BF50F267C3F2E534DE86F899BA4D
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/jg72MYRfL_8VGI5C-zSY0Njz3lE.roa
Signing time: Sun 24 Dec 2023 22:44:58 +0000
ROA not before: Sun 24 Dec 2023 22:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9e:00:bf:50:f2:67:c3:f2:e5:34:de:86:f8:99:ba:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Dec 24 22:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e0ef631845f2fff15188e42fb3498d0d8f3de51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5a:39:34:01:a4:bf:1c:ad:64:7c:6c:5a:4d:
e2:a2:f9:38:de:ef:30:ed:30:86:00:c4:1a:ad:eb:
52:8e:ae:4b:0a:aa:37:e5:be:50:26:5d:d8:31:c0:
03:c0:ea:1c:bc:6a:43:78:d7:45:22:a5:37:99:f6:
bb:c1:f9:18:9b:f9:50:87:2a:43:6b:a5:dc:c7:b1:
45:ea:94:e8:66:9f:c3:a2:c2:b0:24:e8:70:97:cd:
df:0b:3d:d7:f5:92:be:c4:26:f3:2b:21:84:3b:11:
bc:76:24:61:f4:22:a7:66:7a:41:14:04:6a:c5:07:
7c:36:b9:2b:3b:49:f6:97:1b:98:96:3d:9c:ca:9f:
04:fa:09:12:b2:f9:a4:5a:62:40:36:36:6a:59:ec:
65:98:b6:13:59:ba:7b:12:4d:4c:db:cb:ed:88:1d:
d4:69:ff:b7:f4:78:90:18:82:c4:75:16:ef:1b:98:
b1:59:5a:a6:e1:93:76:b3:cc:dc:53:db:4b:03:46:
be:a3:e8:31:3f:83:4a:30:f5:9a:f1:88:a7:89:af:
96:96:22:9e:d3:69:3d:9e:37:55:07:d9:12:cd:f5:
a1:eb:43:7f:9d:40:b0:52:ea:43:43:ee:63:06:34:
87:23:7c:72:40:e4:d3:9b:db:06:67:a3:b6:03:10:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0E:F6:31:84:5F:2F:FF:15:18:8E:42:FB:34:98:D0:D8:F3:DE:51
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/jg72MYRfL_8VGI5C-zSY0Njz3lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0-94.154.42.255
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
14:74:13:82:7e:d2:13:2f:b1:cc:d8:e7:c3:04:69:9b:d1:c8:
9e:d8:1f:a1:54:17:61:68:2b:56:b6:b3:a0:af:f0:be:e8:f0:
3e:3f:f8:45:60:43:aa:25:bb:f1:5c:25:75:03:a4:58:22:74:
b0:a1:ce:11:e7:d0:4e:2b:79:a7:ce:bb:28:42:2a:23:21:de:
dc:79:67:41:25:11:13:a8:a9:47:ed:3d:6d:5f:e7:f5:90:f7:
11:bd:ff:76:d0:80:0a:38:1e:78:f9:0a:6b:cb:12:0d:9e:cf:
f9:fc:0b:3a:0f:45:c4:b4:1f:72:e7:02:99:9c:0b:16:1d:7a:
70:cb:bf:cb:81:65:c6:9a:ed:12:e6:63:3b:3d:eb:35:61:e6:
97:25:f3:70:22:f1:6b:b7:49:9d:12:9d:7c:67:6d:bb:a0:c6:
46:91:21:84:a7:4d:1e:d2:9a:49:ec:aa:4e:0f:7f:43:ad:c2:
ce:4a:9e:d3:b3:8f:94:c5:d1:a9:7c:14:97:94:ea:f2:9f:de:
af:56:d5:88:ad:be:6c:f2:34:df:ff:14:b5:7d:2b:24:4e:04:
cf:8c:13:77:87:29:97:73:77:ad:3e:56:6a:64:8a:21:62:f3:
29:ca:80:d8:75:96:d6:04:b2:92:4f:6e:de:64:f2:fe:dc:a3:
46:c2:db:07
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyeAL9Q8mfD8uU03ob4mbpNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMxMjI0MjI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTBlZjYzMTg0NWYyZmZmMTUxODhlNDJmYjM0OThkMGQ4ZjNkZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1o5NAGkvxytZHxsWk3iovk43u8w
7TCGAMQaretSjq5LCqo35b5QJl3YMcADwOocvGpDeNdFIqU3mfa7wfkYm/lQhypD
a6Xcx7FF6pToZp/DosKwJOhwl83fCz3X9ZK+xCbzKyGEOxG8diRh9CKnZnpBFARq
xQd8NrkrO0n2lxuYlj2cyp8E+gkSsvmkWmJANjZqWexlmLYTWbp7Ek1M28vtiB3U
af+39HiQGILEdRbvG5ixWVqm4ZN2s8zcU9tLA0a+o+gxP4NKMPWa8Yinia+WliKe
02k9njdVB9kSzfWh60N/nUCwUupDQ+5jBjSHI3xyQOTTm9sGZ6O2AxBDKwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFI4O9jGEXy//FRiOQvs0mNDY895RMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvamc3Mk1ZUmZMXzhWR0k1Qy16U1kwTmp6M2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABemikD
BABemioDBAFemiwwDQYJKoZIhvcNAQELBQADggEBABR0E4J+0hMvsczY58MEaZvR
yJ7YH6FUF2FoK1a2s6Cv8L7o8D4/+EVgQ6olu/FcJXUDpFgidLChzhHn0E4reafO
uyhCKiMh3tx5Z0ElEROoqUftPW1f5/WQ9xG9/3bQgAo4Hnj5CmvLEg2ez/n8CzoP
RcS0H3LnApmcCxYdenDLv8uBZcaa7RLmYzs96zVh5pcl83Ai8Wu3SZ0SnXxnbbug
xkaRIYSnTR7Smknsqk4Pf0Otws5KntOzj5TF0al8FJeU6vKf3q9W1YitvmzyNN//
FLV9KyROBM+ME3eHKZdzd60+VmpkiiFi8ynKgNh1ltYEspJPbt5k8v7co0bC2wc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org