Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/69a09f-5809-4656-b355-146f254ac131/1/XdN7bMy6MM-DbBbeLmU-OgqGDX0.roa
File: XdN7bMy6MM-DbBbeLmU-OgqGDX0.roa (raw, json)
Hash identifier: MlgpXgt1blZ/c6v82mp4fFIsUU4vp26Cppniu2vN+jo=
Subject key identifier: 5D:D3:7B:6C:CC:BA:30:CF:83:6C:16:DE:2E:65:3E:3A:0A:86:0D:7D
Certificate issuer: /CN=7f439d942426fc673b279cc98ab35fdbd7ea97f5
Certificate serial: 018570DE39D2CEDF4E2F486BCC081E9BE131
Authority key identifier: 7F:43:9D:94:24:26:FC:67:3B:27:9C:C9:8A:B3:5F:DB:D7:EA:97:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f0OdlCQm_Gc7J5zJirNf29fql_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/69a09f-5809-4656-b355-146f254ac131/1/XdN7bMy6MM-DbBbeLmU-OgqGDX0.roa
Signing time: Mon 02 Jan 2023 05:04:49 +0000
ROA not before: Mon 02 Jan 2023 05:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48483
IP address blocks: 94.247.112.0/21 maxlen: 24
2a01:7a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:39:d2:ce:df:4e:2f:48:6b:cc:08:1e:9b:e1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f439d942426fc673b279cc98ab35fdbd7ea97f5
Validity
Not Before: Jan 2 05:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dd37b6cccba30cf836c16de2e653e3a0a860d7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:77:16:bc:68:26:61:16:ae:0a:3f:31:c5:
74:76:31:64:c8:9a:c6:81:c8:4c:ce:aa:32:21:85:
98:03:b7:e6:76:73:1a:56:a9:bd:69:dd:05:1b:0b:
f6:7d:17:fa:17:aa:c7:c0:60:fa:98:24:bf:29:e6:
9b:fa:10:d5:4e:2c:00:20:8b:9d:ef:d6:b5:eb:81:
93:ec:f7:6a:32:31:61:ea:2f:0f:88:01:10:b0:87:
4c:09:6c:af:07:06:70:d3:ab:83:24:06:8f:f0:a3:
91:9d:7c:ec:06:54:89:5d:d1:5d:62:10:74:04:35:
36:16:b5:6c:d2:04:c2:93:08:00:11:c4:bc:fb:ae:
e0:06:e0:a1:02:a8:01:14:71:a0:90:22:f6:46:5d:
1a:28:de:61:c2:5d:9f:d1:84:75:d2:2b:bb:4e:1b:
f3:8b:c5:2d:f5:b1:16:3e:8d:ca:bc:1a:43:80:f3:
80:09:8e:98:d3:87:7c:60:4c:79:0f:a1:28:db:2c:
13:4b:53:b8:4c:dd:b6:4d:d7:2d:c9:4c:38:aa:5f:
8a:f6:9e:29:c8:cd:96:40:63:63:35:a1:86:61:ed:
66:ab:e0:29:45:49:9d:57:ba:8d:c8:c0:72:4e:ee:
08:e4:71:fa:db:cf:f8:70:09:d2:aa:9c:f1:fa:01:
7b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D3:7B:6C:CC:BA:30:CF:83:6C:16:DE:2E:65:3E:3A:0A:86:0D:7D
X509v3 Authority Key Identifier:
keyid:7F:43:9D:94:24:26:FC:67:3B:27:9C:C9:8A:B3:5F:DB:D7:EA:97:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0OdlCQm_Gc7J5zJirNf29fql_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/69a09f-5809-4656-b355-146f254ac131/1/XdN7bMy6MM-DbBbeLmU-OgqGDX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/69a09f-5809-4656-b355-146f254ac131/1/f0OdlCQm_Gc7J5zJirNf29fql_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.112.0/21
IPv6:
2a01:7a40::/32
Signature Algorithm: sha256WithRSAEncryption
33:18:d0:33:e6:30:2e:3a:61:ae:6b:e9:55:f9:9a:03:f0:40:
8e:16:e8:76:64:a6:54:86:20:2b:24:aa:7d:bf:bb:86:73:22:
9e:a9:78:84:c6:50:71:02:bc:ea:0c:1b:4b:ad:48:bc:3d:51:
c7:e6:b0:b9:26:ab:92:4c:09:02:e9:1b:53:28:6b:5b:05:aa:
22:a6:e7:07:f4:33:07:b4:7e:5e:fb:70:00:f5:87:01:ad:26:
93:70:38:ef:fa:1c:cf:25:ab:b6:a3:84:1b:39:d0:ab:e6:48:
2b:04:74:5e:fe:bf:58:71:ab:3b:cb:f3:0f:52:04:a7:8b:34:
cf:d3:f2:6b:13:77:44:bd:f4:c8:0c:2d:49:28:f7:e5:eb:16:
48:3d:36:36:cb:6e:53:02:8f:46:a9:11:e5:4c:18:a3:14:28:
09:19:a4:db:34:65:c9:f1:71:56:d8:98:cd:47:9f:c0:82:b6:
19:64:07:b5:3f:8c:56:c9:db:ca:aa:06:d1:3f:02:62:d8:d8:
81:7f:eb:55:a7:fb:ea:9f:59:95:f5:f1:46:78:28:3c:3d:2c:
df:31:a2:5e:b4:c0:b8:0f:49:0e:d8:73:e5:cc:2d:a2:11:ee:
9d:91:ab:4d:a7:ba:3c:2e:b5:5a:3e:f9:2f:01:0a:dd:41:30:
cf:a8:d0:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw3jnSzt9OL0hrzAgem+ExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNDM5ZDk0MjQyNmZjNjczYjI3OWNjOThhYjM1ZmRiZDdl
YTk3ZjUwHhcNMjMwMTAyMDUwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQzN2I2Y2NjYmEzMGNmODM2YzE2ZGUyZTY1M2UzYTBhODYwZDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimV3FrxoJmEWrgo/McV0djFkyJrG
gchMzqoyIYWYA7fmdnMaVqm9ad0FGwv2fRf6F6rHwGD6mCS/Keab+hDVTiwAIIud
79a164GT7PdqMjFh6i8PiAEQsIdMCWyvBwZw06uDJAaP8KORnXzsBlSJXdFdYhB0
BDU2FrVs0gTCkwgAEcS8+67gBuChAqgBFHGgkCL2Rl0aKN5hwl2f0YR10iu7Thvz
i8Ut9bEWPo3KvBpDgPOACY6Y04d8YEx5D6Eo2ywTS1O4TN22TdctyUw4ql+K9p4p
yM2WQGNjNaGGYe1mq+ApRUmdV7qNyMByTu4I5HH628/4cAnSqpzx+gF7HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF3Te2zMujDPg2wW3i5lPjoKhg19MB8GA1UdIwQY
MBaAFH9DnZQkJvxnOyecyYqzX9vX6pf1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjBPZGxDUW1fR2M3SjV6SmlyTmYyOWZxbF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82OWEwOWYtNTgwOS00NjU2LWIzNTUt
MTQ2ZjI1NGFjMTMxLzEvWGRON2JNeTZNTS1EYkJiZUxtVS1PZ3FHRFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82OWEwOWYtNTgwOS00NjU2LWIzNTUtMTQ2ZjI1NGFjMTMx
LzEvZjBPZGxDUW1fR2M3SjV6SmlyTmYyOWZxbF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDXvdwMA0E
AgACMAcDBQAqAXpAMA0GCSqGSIb3DQEBCwUAA4IBAQAzGNAz5jAuOmGua+lV+ZoD
8ECOFuh2ZKZUhiArJKp9v7uGcyKeqXiExlBxArzqDBtLrUi8PVHH5rC5JquSTAkC
6RtTKGtbBaoipucH9DMHtH5e+3AA9YcBrSaTcDjv+hzPJau2o4QbOdCr5kgrBHRe
/r9Ycas7y/MPUgSnizTP0/JrE3dEvfTIDC1JKPfl6xZIPTY2y25TAo9GqRHlTBij
FCgJGaTbNGXJ8XFW2JjNR5/AgrYZZAe1P4xWydvKqgbRPwJi2NiBf+tVp/vqn1mV
9fFGeCg8PSzfMaJetMC4D0kO2HPlzC2iEe6dkatNp7o8LrVaPvkvAQrdQTDPqNDG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:13 2024 by rpki-client on console-ams.rpki-client.org