Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hf43uKSUdA9gxc3fjLcUOe4TNXc.roa
File: hf43uKSUdA9gxc3fjLcUOe4TNXc.roa (raw, json)
Hash identifier: cjVuEC5iB6iChe0HHfVoX2+QpJb1xch4v3Ow0s0OcvE=
Subject key identifier: 85:FE:37:B8:A4:94:74:0F:60:C5:CD:DF:8C:B7:14:39:EE:13:35:77
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01890A9BEC7CEEDF9313472DB5A8AD2EA5B7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hf43uKSUdA9gxc3fjLcUOe4TNXc.roa
Signing time: Fri 30 Jun 2023 04:42:17 +0000
ROA not before: Fri 30 Jun 2023 04:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 94.156.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0a:9b:ec:7c:ee:df:93:13:47:2d:b5:a8:ad:2e:a5:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 30 04:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85fe37b8a494740f60c5cddf8cb71439ee133577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:c2:d9:88:b6:e4:13:d2:0b:9f:03:17:d6:
2d:b2:f9:2a:39:dc:9c:41:b3:2d:cb:f5:54:56:75:
1e:cc:dd:11:67:9d:27:5d:19:98:31:29:cc:48:6d:
c3:56:eb:c5:1f:a4:13:da:f5:95:27:f0:16:94:40:
bc:5e:ac:fc:ec:1d:1e:9d:e9:8f:14:18:a3:f3:02:
4f:d8:ac:7b:9f:7e:19:6e:40:e3:2a:40:d0:c1:2b:
72:21:26:98:bd:a3:ce:1c:e9:80:66:d5:48:b0:4b:
4d:ad:db:67:ed:31:8b:e6:98:cf:d8:24:82:02:68:
1d:ee:7f:00:bc:fa:8d:ff:92:54:9f:b8:98:72:af:
ed:99:95:e5:e7:37:93:ca:91:58:47:3b:8a:89:a0:
c2:5a:f8:e5:55:8b:44:aa:85:a7:ff:66:91:13:89:
cf:20:dd:19:03:de:65:78:53:8b:cb:ad:86:80:cc:
80:28:ad:c4:98:cb:74:3f:a8:16:97:ea:14:1d:3f:
52:1b:70:5e:f5:fe:c0:0b:df:78:a4:ce:bf:f9:23:
f5:1b:50:03:b2:66:b7:be:cb:25:98:c2:9b:a5:9a:
d9:88:0a:72:2a:9b:4a:10:ce:af:52:79:3e:da:67:
26:ef:1b:ce:17:0e:52:97:c8:ed:b0:79:0c:22:6b:
fa:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FE:37:B8:A4:94:74:0F:60:C5:CD:DF:8C:B7:14:39:EE:13:35:77
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hf43uKSUdA9gxc3fjLcUOe4TNXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:03:a3:12:3c:70:e7:88:ce:6b:15:db:7b:6a:5f:b0:7c:80:
32:2c:e3:d6:01:bc:a0:e1:13:e1:a6:38:9a:b1:fa:08:9d:36:
12:06:91:a3:bf:67:12:ca:09:43:4c:c1:f5:e5:77:da:58:f8:
dc:c5:6c:49:90:0d:d4:8d:5b:59:ca:7d:78:ef:e8:b0:9e:c0:
ae:a1:38:5d:47:73:3d:06:d1:68:e8:cd:08:87:29:c6:ef:db:
bf:c7:f9:b2:74:0e:c6:9e:c2:9a:8a:49:9a:03:8f:82:7b:0a:
68:f8:4a:99:9b:27:9a:b5:c1:1c:e7:02:aa:bc:07:6e:12:53:
b7:c3:d7:0e:9e:5a:1c:7b:d8:e1:ac:93:79:09:a7:19:b8:02:
75:03:f0:0b:8b:d7:c7:f0:d0:b2:bc:c5:04:e3:c9:1b:33:7f:
3a:0b:c2:61:75:3c:68:4a:51:ca:a7:b4:ab:5c:17:2e:15:d0:
32:c4:c8:4b:3a:cc:60:78:c9:43:c8:da:9d:ce:bc:eb:55:20:
c5:5a:49:fb:92:42:53:93:63:57:96:b3:96:ce:43:23:04:c0:
3c:8c:22:0b:8d:e4:ca:46:48:ba:72:b7:13:ef:ed:8f:7e:b9:
74:22:f0:c7:3f:9d:41:5f:05:cc:c4:e3:db:ce:88:d7:71:34:
81:87:90:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkKm+x87t+TE0cttaitLqW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjMwMDQ0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWZlMzdiOGE0OTQ3NDBmNjBjNWNkZGY4Y2I3MTQzOWVlMTMzNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhbC2Yi25BPSC58DF9YtsvkqOdyc
QbMty/VUVnUezN0RZ50nXRmYMSnMSG3DVuvFH6QT2vWVJ/AWlEC8Xqz87B0enemP
FBij8wJP2Kx7n34ZbkDjKkDQwStyISaYvaPOHOmAZtVIsEtNrdtn7TGL5pjP2CSC
Amgd7n8AvPqN/5JUn7iYcq/tmZXl5zeTypFYRzuKiaDCWvjlVYtEqoWn/2aRE4nP
IN0ZA95leFOLy62GgMyAKK3EmMt0P6gWl+oUHT9SG3Be9f7AC994pM6/+SP1G1AD
sma3vsslmMKbpZrZiApyKptKEM6vUnk+2mcm7xvOFw5Sl8jtsHkMImv6GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIX+N7iklHQPYMXN34y3FDnuEzV3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaGY0M3VLU1VkQTlneGMzZmpMY1VPZTRUTlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpwOMA0G
CSqGSIb3DQEBCwUAA4IBAQCNA6MSPHDniM5rFdt7al+wfIAyLOPWAbyg4RPhpjia
sfoInTYSBpGjv2cSyglDTMH15XfaWPjcxWxJkA3UjVtZyn147+iwnsCuoThdR3M9
BtFo6M0IhynG79u/x/mydA7GnsKaikmaA4+Cewpo+EqZmyeatcEc5wKqvAduElO3
w9cOnloce9jhrJN5CacZuAJ1A/ALi9fH8NCyvMUE48kbM386C8JhdTxoSlHKp7Sr
XBcuFdAyxMhLOsxgeMlDyNqdzrzrVSDFWkn7kkJTk2NXlrOWzkMjBMA8jCILjeTK
Rki6crcT7+2Pfrl0IvDHP51BXwXMxOPbzojXcTSBh5DY
-----END CERTIFICATE-----
Generated at Wed Nov 8 20:55:58 2023 by rpki-client on console-ams.rpki-client.org