Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/B6kol2_pItNAzefdBvSKBSlAxyU.roa
File: B6kol2_pItNAzefdBvSKBSlAxyU.roa (raw, json)
Hash identifier: vWPQC4RqNPFk+BICadKrsbX5yJSTMpCXriwTwXAO29A=
Subject key identifier: 07:A9:28:97:6F:E9:22:D3:40:CD:E7:DD:06:F4:8A:05:29:40:C7:25
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112482AA1E8E984255F511A7F35C3B0C5
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/B6kol2_pItNAzefdBvSKBSlAxyU.roa
Signing time: Fri 02 Aug 2024 08:50:04 +0000
ROA not before: Fri 02 Aug 2024 08:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211192
IP address blocks: 94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:48:2a:a1:e8:e9:84:25:5f:51:1a:7f:35:c3:b0:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07a928976fe922d340cde7dd06f48a052940c725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c8:a2:47:a6:ac:2b:3f:a7:e7:7b:34:23:f6:
80:ed:de:2b:ed:b4:2e:9f:f1:63:d0:96:09:13:93:
9c:e6:e4:82:e8:fb:0c:f3:d5:be:27:64:b4:ae:23:
fa:ee:54:22:c5:87:ba:51:e2:11:d8:c3:01:e5:5c:
15:e3:81:ac:26:38:7d:19:ff:1a:8e:a2:86:8c:d5:
9e:ec:9d:2d:de:15:51:86:cc:a8:ef:fd:6c:31:e0:
d8:6f:40:44:dc:b5:97:0a:22:7b:b6:76:30:d5:53:
0a:af:35:52:3d:16:46:3f:55:ae:f6:40:2f:80:a3:
03:8d:04:ed:83:f1:90:08:4d:48:3e:67:d4:85:ee:
f1:d7:03:a7:a7:aa:05:28:6f:33:25:68:56:dd:cc:
12:f2:d5:31:42:bf:9c:cc:17:58:7d:79:95:f3:18:
a5:5f:85:dc:e0:5a:69:05:85:cd:42:03:dc:30:7e:
44:a1:bf:c3:ba:2a:06:77:db:33:02:cd:f7:3c:19:
6d:98:d4:fc:d3:e9:a2:ba:da:54:ae:3f:a9:57:67:
c0:f5:f0:f5:df:84:48:c6:ba:3f:5f:84:f0:6b:89:
53:45:a6:5b:08:f4:52:c8:b3:89:87:af:1f:82:79:
b7:fe:54:73:90:05:58:e5:d3:52:47:a9:0c:87:eb:
a2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A9:28:97:6F:E9:22:D3:40:CD:E7:DD:06:F4:8A:05:29:40:C7:25
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/B6kol2_pItNAzefdBvSKBSlAxyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e5:4f:af:b7:3b:1f:71:e8:e9:8b:59:97:89:71:c6:0e:f3:
df:d4:8b:24:e5:31:f2:0c:a3:59:b2:45:e5:d2:3e:91:b7:15:
b0:84:aa:2d:1b:32:e3:c8:b6:17:da:ef:b7:18:bf:ae:4d:78:
b3:55:0e:eb:f5:d5:f1:cd:80:cb:24:74:05:a1:b6:f8:3b:5c:
8e:d2:bd:ab:03:aa:1b:56:b8:d4:4d:71:71:fa:1e:4d:b6:ce:
02:ce:a8:8e:a0:31:06:a9:07:83:98:6a:66:a3:4e:6b:20:12:
6c:f7:24:a6:83:c5:97:1a:16:e1:ff:1e:4c:dd:13:9d:b4:17:
df:95:05:07:f0:c4:ed:6e:c7:9d:90:eb:fb:4e:b1:e1:9b:81:
a5:ac:4a:5a:0d:fb:50:95:b8:f3:f5:90:3c:26:47:3f:75:31:
5a:ac:92:5e:a9:ab:33:3c:bc:40:57:44:9b:5d:94:0b:60:7c:
19:08:80:63:af:e1:21:df:60:8a:6b:b9:f8:0b:e2:10:55:4a:
40:1a:5f:37:2e:75:e6:66:f8:4a:a9:93:28:f7:f5:a6:d4:39:
4b:fe:d7:1c:2c:94:45:5a:ab:68:61:f8:81:ad:43:4e:21:f0:
f1:28:2f:74:bd:82:be:6e:81:0b:0f:e7:dd:44:f1:a6:54:3e:
59:df:d4:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZESSCqh6OmEJV9RGn81w7DFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2E5Mjg5NzZmZTkyMmQzNDBjZGU3ZGQwNmY0OGEwNTI5NDBjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7siiR6asKz+n53s0I/aA7d4r7bQu
n/Fj0JYJE5Oc5uSC6PsM89W+J2S0riP67lQixYe6UeIR2MMB5VwV44GsJjh9Gf8a
jqKGjNWe7J0t3hVRhsyo7/1sMeDYb0BE3LWXCiJ7tnYw1VMKrzVSPRZGP1Wu9kAv
gKMDjQTtg/GQCE1IPmfUhe7x1wOnp6oFKG8zJWhW3cwS8tUxQr+czBdYfXmV8xil
X4Xc4FppBYXNQgPcMH5Eob/DuioGd9szAs33PBltmNT80+miutpUrj+pV2fA9fD1
34RIxro/X4Twa4lTRaZbCPRSyLOJh68fgnm3/lRzkAVY5dNSR6kMh+ui9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAepKJdv6SLTQM3n3Qb0igUpQMclMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvQjZrb2wyX3BJdE5BemVmZEJ2U0tCU2xBeHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrFxAwQA
XrF2MA0GCSqGSIb3DQEBCwUAA4IBAQAZ5U+vtzsfcejpi1mXiXHGDvPf1Isk5THy
DKNZskXl0j6RtxWwhKotGzLjyLYX2u+3GL+uTXizVQ7r9dXxzYDLJHQFobb4O1yO
0r2rA6obVrjUTXFx+h5Nts4CzqiOoDEGqQeDmGpmo05rIBJs9ySmg8WXGhbh/x5M
3ROdtBfflQUH8MTtbsedkOv7TrHhm4GlrEpaDftQlbjz9ZA8Jkc/dTFarJJeqasz
PLxAV0SbXZQLYHwZCIBjr+Eh32CKa7n4C+IQVUpAGl83LnXmZvhKqZMo9/Wm1DlL
/tccLJRFWqtoYfiBrUNOIfDxKC90vYK+boELD+fdRPGmVD5Z39Qr
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:39 2025 by rpki-client