Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/1kZNEkbSBjPPyNw3Bpx4UJBHiSs.roa
File: 1kZNEkbSBjPPyNw3Bpx4UJBHiSs.roa (raw, json)
Hash identifier: ytUtlzISDE6O67w5eYW+I2b0VqY8TH/uxsbdt3jwbBs=
Subject key identifier: D6:46:4D:12:46:D2:06:33:CF:C8:DC:37:06:9C:78:50:90:47:89:2B
Certificate issuer: /CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Certificate serial: 018570429E22CEF92E7A8D29D012928A9C16
Authority key identifier: 3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/1kZNEkbSBjPPyNw3Bpx4UJBHiSs.roa
Signing time: Mon 02 Jan 2023 02:14:52 +0000
ROA not before: Mon 02 Jan 2023 02:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20776
IP address blocks: 94.124.219.0/24 maxlen: 24
109.203.224.0/20 maxlen: 20
109.203.224.0/23 maxlen: 23
109.203.226.0/23 maxlen: 23
109.203.228.0/24 maxlen: 24
109.203.230.0/23 maxlen: 23
109.203.232.0/23 maxlen: 23
109.203.235.0/24 maxlen: 24
109.203.234.0/24 maxlen: 24
109.203.240.0/24 maxlen: 24
109.203.242.0/24 maxlen: 24
109.203.241.0/24 maxlen: 24
109.203.240.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:9e:22:ce:f9:2e:7a:8d:29:d0:12:92:8a:9c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f273b6861cf7cf4646cc5e04275d6617635f07b
Validity
Not Before: Jan 2 02:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6464d1246d20633cfc8dc37069c78509047892b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:0c:66:97:5c:14:9f:d6:17:6c:09:51:82:
87:f7:fb:05:3c:bc:36:23:23:d9:15:65:01:9e:81:
86:0e:cc:d7:2f:06:bb:e6:b4:cc:11:db:56:fb:f5:
92:06:d8:a9:08:e1:e3:4f:82:c4:69:e7:75:fd:dd:
24:dc:7a:9e:10:b9:ad:6b:9d:49:ac:ca:16:79:dd:
c9:73:49:fa:f4:c1:95:f6:a4:e2:97:a5:20:d0:f0:
72:86:77:e4:8b:2a:f4:0d:10:a1:1c:e8:5d:cf:eb:
a7:67:48:b9:58:4f:ae:99:85:f7:7d:f8:8b:ca:d1:
ce:b8:a3:46:f2:b1:66:93:57:c7:93:c3:5a:84:4f:
e5:8d:e0:43:96:05:89:bc:f2:5c:f8:21:ea:14:6d:
4d:8b:0b:bb:3b:39:cd:6a:5e:78:0a:fe:b7:bd:15:
d8:97:2b:22:56:ae:1c:12:da:58:70:3b:05:c1:a5:
89:c0:73:2b:77:05:3d:ae:ec:a4:bd:2a:58:d6:55:
18:17:ef:27:9c:a9:da:a1:16:aa:c5:89:5b:ee:ee:
70:7e:23:20:90:f2:61:f8:19:62:ac:24:e2:48:27:
95:a1:b5:44:fa:87:d5:5f:3d:05:7f:70:ef:9e:82:
ac:51:15:6a:a6:84:4b:09:dd:1e:e9:86:ba:59:6e:
2a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:46:4D:12:46:D2:06:33:CF:C8:DC:37:06:9C:78:50:90:47:89:2B
X509v3 Authority Key Identifier:
keyid:3F:27:3B:68:61:CF:7C:F4:64:6C:C5:E0:42:75:D6:61:76:35:F0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/1kZNEkbSBjPPyNw3Bpx4UJBHiSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/75465f-6797-4141-b961-8b7c57c56215/1/Pyc7aGHPfPRkbMXgQnXWYXY18Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.219.0/24
109.203.224.0/19
Signature Algorithm: sha256WithRSAEncryption
12:9a:99:45:a5:a2:13:06:a1:7c:12:62:33:fe:d0:9e:e8:77:
ca:b5:eb:6a:7b:16:32:bd:33:2e:c9:aa:17:20:99:3b:32:db:
69:66:b2:14:b3:ad:fc:a0:31:a9:26:8a:ae:3e:16:47:00:89:
ac:1f:92:7a:60:b0:75:4a:37:60:7f:11:2d:e1:08:32:5d:be:
d6:b7:29:9f:ae:c8:9b:35:c6:dc:09:bc:0d:c7:56:7d:ad:19:
f4:82:4e:36:2b:8c:b7:55:fd:09:2f:b9:8f:a7:55:b6:99:d3:
b5:c2:9b:d9:b2:7f:af:12:10:9d:a3:c6:d0:0e:50:d0:9e:a1:
34:3c:b5:7b:f4:17:73:59:6c:f6:8a:08:f5:e4:81:ce:7d:41:
d0:23:0e:62:2f:43:15:f9:44:44:de:0c:08:08:4b:02:01:5a:
5d:f9:e5:1a:11:8b:bd:8c:f5:2a:f5:3b:18:4c:c0:11:d0:ff:
9f:f4:44:98:6e:87:24:92:dd:1c:9b:37:26:a1:eb:33:47:e4:
2e:0b:65:9c:b3:d7:57:e0:bf:7e:2a:c0:1c:d4:14:e6:85:9d:
6c:8b:61:0c:4b:a8:8c:98:c0:54:1e:41:80:32:9d:1b:e9:a4:
a7:33:4e:0c:c9:be:45:b9:3a:29:c4:17:3f:44:9e:e4:63:31:
13:93:e5:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwQp4izvkueo0p0BKSipwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjczYjY4NjFjZjdjZjQ2NDZjYzVlMDQyNzVkNjYxNzYz
NWYwN2IwHhcNMjMwMTAyMDIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ2NGQxMjQ2ZDIwNjMzY2ZjOGRjMzcwNjljNzg1MDkwNDc4OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun8MZpdcFJ/WF2wJUYKH9/sFPLw2
IyPZFWUBnoGGDszXLwa75rTMEdtW+/WSBtipCOHjT4LEaed1/d0k3HqeELmta51J
rMoWed3Jc0n69MGV9qTil6Ug0PByhnfkiyr0DRChHOhdz+unZ0i5WE+umYX3ffiL
ytHOuKNG8rFmk1fHk8NahE/ljeBDlgWJvPJc+CHqFG1Niwu7OznNal54Cv63vRXY
lysiVq4cEtpYcDsFwaWJwHMrdwU9ruykvSpY1lUYF+8nnKnaoRaqxYlb7u5wfiMg
kPJh+BlirCTiSCeVobVE+ofVXz0Ff3DvnoKsURVqpoRLCd0e6Ya6WW4q+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZGTRJG0gYzz8jcNwaceFCQR4krMB8GA1UdIwQY
MBaAFD8nO2hhz3z0ZGzF4EJ11mF2NfB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEt
OGI3YzU3YzU2MjE1LzEvMWtaTkVrYlNCalBQeU53M0JweDRVSkJIaVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83NTQ2NWYtNjc5Ny00MTQxLWI5NjEtOGI3YzU3YzU2MjE1
LzEvUHljN2FHSFBmUFJrYk1YZ1FuWFdZWFkxOEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXnzbAwQF
bcvgMA0GCSqGSIb3DQEBCwUAA4IBAQASmplFpaITBqF8EmIz/tCe6HfKtetqexYy
vTMuyaoXIJk7MttpZrIUs638oDGpJoquPhZHAImsH5J6YLB1SjdgfxEt4QgyXb7W
tymfrsibNcbcCbwNx1Z9rRn0gk42K4y3Vf0JL7mPp1W2mdO1wpvZsn+vEhCdo8bQ
DlDQnqE0PLV79BdzWWz2igj15IHOfUHQIw5iL0MV+URE3gwICEsCAVpd+eUaEYu9
jPUq9TsYTMAR0P+f9ESYbockkt0cmzcmoeszR+QuC2Wcs9dX4L9+KsAc1BTmhZ1s
i2EMS6iMmMBUHkGAMp0b6aSnM04Myb5FuTopxBc/RJ7kYzETk+Xy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:46 2024 by rpki-client on console-fra.rpki-client.org