Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/Xqp6_W0TGZokFar-FVud2SDC0VY.roa
File: Xqp6_W0TGZokFar-FVud2SDC0VY.roa (raw, json)
Hash identifier: 7f9W0QzYE+4JDlYyLG6ReXgZORe2tI4AlJSSbTVQZH4=
Subject key identifier: 5E:AA:7A:FD:6D:13:19:9A:24:15:AA:FE:15:5B:9D:D9:20:C2:D1:56
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 018B3C5CF31311B38D347257702B94000194
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/Xqp6_W0TGZokFar-FVud2SDC0VY.roa
Signing time: Tue 17 Oct 2023 06:40:06 +0000
ROA not before: Tue 17 Oct 2023 06:40:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210692
IP address blocks: 94.154.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Oct 2023 09:35:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:5c:f3:13:11:b3:8d:34:72:57:70:2b:94:00:01:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Oct 17 06:40:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eaa7afd6d13199a2415aafe155b9dd920c2d156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8e:75:8a:d1:39:d7:38:06:3f:74:fd:9b:be:
3d:e1:60:30:3d:50:d1:ed:1a:a7:2a:9f:e4:61:57:
a4:df:4f:b8:30:77:3d:dc:92:e3:62:bd:23:db:75:
f0:f4:5d:9b:09:8a:39:71:08:8a:5a:dc:fe:c5:7f:
47:7b:e7:07:95:04:ef:83:10:3b:97:d4:be:9f:bd:
fe:d3:10:1f:46:35:7a:90:ee:56:49:39:30:9b:22:
18:90:c8:fc:d2:ff:ca:d1:0d:ad:61:1d:08:0e:52:
2d:fb:4e:73:b9:4e:ed:12:ed:1d:27:32:b5:06:3e:
bb:4f:53:62:67:f7:cd:5f:9c:ce:c8:3d:c2:fe:ad:
79:b1:18:5b:0f:6e:bc:29:9a:dd:ce:c0:ea:ce:2a:
c6:50:17:51:15:3c:b3:fe:da:6c:dc:63:1e:5b:6c:
6d:ba:69:37:0b:e6:7a:a7:cb:03:55:32:c2:62:6a:
7c:a7:1f:71:a2:19:30:aa:d0:87:d3:69:cf:09:07:
6f:72:ba:40:0a:e5:9f:f7:c7:5f:ea:39:16:5b:c6:
67:23:1d:f2:27:7e:4d:23:aa:4c:d2:d1:d4:40:e8:
81:16:f6:c4:62:e5:97:dc:ac:af:ca:47:01:2d:77:
64:ef:85:d0:6e:01:6b:4b:20:85:95:a4:a5:0e:9f:
bd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AA:7A:FD:6D:13:19:9A:24:15:AA:FE:15:5B:9D:D9:20:C2:D1:56
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/Xqp6_W0TGZokFar-FVud2SDC0VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.112.0/24
Signature Algorithm: sha256WithRSAEncryption
70:47:bf:e2:6f:fd:f3:f7:10:11:44:31:59:a1:a0:a0:d2:8b:
13:49:06:cf:1a:6e:b1:47:98:bc:c8:41:31:9d:0e:38:bb:13:
28:83:a9:1c:27:00:c2:85:fc:f8:fb:2f:8f:10:67:9a:c5:b4:
2d:7c:df:93:f8:7f:40:71:71:59:2d:4b:20:c9:33:23:01:ab:
a0:4b:f8:68:d9:ac:03:8a:83:2e:d9:d3:7e:09:12:b0:b2:b4:
9f:06:c3:1b:3b:d4:67:8b:49:0b:74:75:bb:eb:74:6b:a8:36:
ab:e3:57:54:c8:94:d8:34:88:8e:1c:8e:e1:c4:15:fd:df:ba:
56:b1:71:fd:20:c0:e9:1a:59:9c:f9:17:5f:2f:b4:b8:fa:4a:
9b:d6:58:44:ce:bb:16:f5:a4:a1:08:b1:56:19:8c:7e:ac:12:
e3:e7:4a:cd:eb:d7:80:d4:06:a3:af:07:ee:ec:fa:9d:07:36:
8c:e9:30:d0:c6:44:32:a5:86:53:7e:39:43:14:9c:b7:d5:f1:
a3:84:73:e4:53:67:13:14:30:bb:2d:33:1b:b8:89:47:07:49:
9a:3f:29:ed:a2:15:17:11:61:b7:72:53:3a:73:15:39:5e:ba:
99:19:ef:2d:6c:8a:ef:da:f4:e5:05:19:24:f0:9d:ac:47:e7:
d3:b3:0a:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs8XPMTEbONNHJXcCuUAAGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjMxMDE3MDY0MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFhN2FmZDZkMTMxOTlhMjQxNWFhZmUxNTViOWRkOTIwYzJkMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAko51itE51zgGP3T9m7494WAwPVDR
7RqnKp/kYVek30+4MHc93JLjYr0j23Xw9F2bCYo5cQiKWtz+xX9He+cHlQTvgxA7
l9S+n73+0xAfRjV6kO5WSTkwmyIYkMj80v/K0Q2tYR0IDlIt+05zuU7tEu0dJzK1
Bj67T1NiZ/fNX5zOyD3C/q15sRhbD268KZrdzsDqzirGUBdRFTyz/tps3GMeW2xt
umk3C+Z6p8sDVTLCYmp8px9xohkwqtCH02nPCQdvcrpACuWf98df6jkWW8ZnIx3y
J35NI6pM0tHUQOiBFvbEYuWX3KyvykcBLXdk74XQbgFrSyCFlaSlDp+9yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6qev1tExmaJBWq/hVbndkgwtFWMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvWHFwNl9XMFRHWm9rRmFyLUZWdWQyU0RDMFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXppwMA0G
CSqGSIb3DQEBCwUAA4IBAQBwR7/ib/3z9xARRDFZoaCg0osTSQbPGm6xR5i8yEEx
nQ44uxMog6kcJwDChfz4+y+PEGeaxbQtfN+T+H9AcXFZLUsgyTMjAaugS/ho2awD
ioMu2dN+CRKwsrSfBsMbO9Rni0kLdHW763RrqDar41dUyJTYNIiOHI7hxBX937pW
sXH9IMDpGlmc+RdfL7S4+kqb1lhEzrsW9aShCLFWGYx+rBLj50rN69eA1Aajrwfu
7PqdBzaM6TDQxkQypYZTfjlDFJy31fGjhHPkU2cTFDC7LTMbuIlHB0maPyntohUX
EWG3clM6cxU5XrqZGe8tbIrv2vTlBRkk8J2sR+fTswq9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:45 2024 by rpki-client on console-ams.rpki-client.org