Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q2CQZu1UB5dDizTpP_vqhnUKy1M.roa
File: q2CQZu1UB5dDizTpP_vqhnUKy1M.roa (raw, json)
Hash identifier: M3reHlygVR9Al3FJInW8pgZlqNPqSl1BOYIX3XnxdEg=
Subject key identifier: AB:60:90:66:ED:54:07:97:43:8B:34:E9:3F:FB:EA:86:75:0A:CB:53
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCCE7978FC02187BC180C53FC758E1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q2CQZu1UB5dDizTpP_vqhnUKy1M.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 94.156.112.0/24 maxlen: 24
94.156.116.0/24 maxlen: 24
94.156.117.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
94.156.118.0/24 maxlen: 24
94.156.114.0/24 maxlen: 24
94.156.115.0/24 maxlen: 24
94.156.124.0/24 maxlen: 24
94.156.120.0/24 maxlen: 24
94.156.125.0/24 maxlen: 24
94.156.121.0/24 maxlen: 24
94.156.122.0/24 maxlen: 24
94.156.119.0/24 maxlen: 24
94.156.126.0/24 maxlen: 24
94.156.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 11:38:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:ce:79:78:fc:02:18:7b:c1:80:c5:3f:c7:58:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab609066ed540797438b34e93ffbea86750acb53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:4b:d1:fc:4e:95:3a:aa:9e:88:c8:9b:63:
04:8e:5d:7b:8e:31:21:82:3f:d1:93:05:7d:05:84:
ba:f9:19:43:ea:a7:44:20:75:53:ca:6f:4e:ad:b2:
0f:96:35:41:54:73:08:ed:78:2e:23:5e:6d:f5:d6:
28:a6:1c:a9:f4:4f:87:73:bc:25:8c:98:b2:6e:62:
25:ec:f1:0f:6a:61:5e:fe:30:81:3f:18:b4:35:5a:
43:c5:15:42:49:68:9f:36:f6:ef:f1:9a:b6:61:2d:
81:f5:35:4e:0d:91:f3:ef:2d:66:66:4b:26:5b:69:
ff:a1:8c:ea:71:20:9a:80:29:f8:d7:5c:ad:9c:5b:
1f:b1:87:ca:7c:d9:c2:1e:8f:8b:2e:b8:92:8e:bd:
7b:98:42:fd:df:98:45:eb:e2:fa:b4:fe:11:1f:1e:
31:e7:b3:d1:c0:7e:8c:19:4b:87:fb:6f:e0:54:69:
08:5a:ba:81:f6:88:aa:9b:97:b3:aa:1f:30:a5:b2:
23:58:e4:66:33:56:80:32:72:b5:48:f6:6d:5d:df:
22:27:f2:f2:e0:de:93:75:62:c2:87:b2:28:ea:16:
6a:03:11:1b:04:eb:ad:1f:90:75:40:9f:62:9b:5f:
65:82:77:61:2a:11:3e:a1:77:84:ac:61:e2:1a:c4:
60:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:60:90:66:ED:54:07:97:43:8B:34:E9:3F:FB:EA:86:75:0A:CB:53
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/q2CQZu1UB5dDizTpP_vqhnUKy1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.112.0-94.156.122.255
94.156.124.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:90:58:05:36:de:ad:fc:ca:21:a5:0c:94:b7:3b:32:45:2e:
b7:ae:9b:77:95:1f:b1:a6:ee:d2:69:d5:c3:27:60:59:db:00:
3b:1b:4d:6a:56:fc:de:36:30:9e:86:c2:96:fc:11:32:87:e8:
7c:de:ff:b0:1b:60:7b:bc:6c:0c:6f:be:cd:8b:06:cc:ff:f5:
94:45:e2:80:5b:72:4b:23:53:ef:b9:8b:e8:aa:f0:f9:80:de:
9f:7e:21:3b:d6:8d:63:40:55:70:86:f7:2e:b5:36:88:eb:a9:
c4:b6:be:99:91:09:a9:06:30:cb:a3:2c:85:ae:18:7b:24:c1:
e5:54:5d:79:74:12:82:ad:dc:04:02:ed:32:23:64:b8:cd:20:
e3:b0:7f:8e:66:77:3f:22:78:33:c5:ff:d9:b7:c6:53:65:53:
c7:20:fb:cb:5a:66:8e:90:8a:66:1b:14:98:5a:15:0e:be:58:
ab:8e:77:4e:e7:55:c1:b4:79:d4:47:27:5a:42:61:da:35:6a:
a8:5f:1f:4a:3d:01:cf:b7:2b:af:9d:3c:b1:7f:83:e9:a7:93:
30:66:b0:92:65:3e:3e:be:14:37:88:2b:6d:84:ab:5c:01:ad:
20:e1:3e:de:6e:23:48:a9:0a:7d:f7:16:7d:9e:eb:c4:b3:40:
07:e7:e6:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzI3M55ePwCGHvBgMU/x1jhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjYwOTA2NmVkNTQwNzk3NDM4YjM0ZTkzZmZiZWE4Njc1MGFjYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1pL0fxOlTqqnojIm2MEjl17jjEh
gj/RkwV9BYS6+RlD6qdEIHVTym9OrbIPljVBVHMI7XguI15t9dYophyp9E+Hc7wl
jJiybmIl7PEPamFe/jCBPxi0NVpDxRVCSWifNvbv8Zq2YS2B9TVODZHz7y1mZksm
W2n/oYzqcSCagCn411ytnFsfsYfKfNnCHo+LLriSjr17mEL935hF6+L6tP4RHx4x
57PRwH6MGUuH+2/gVGkIWrqB9oiqm5ezqh8wpbIjWORmM1aAMnK1SPZtXd8iJ/Ly
4N6TdWLCh7Io6hZqAxEbBOutH5B1QJ9im19lgndhKhE+oXeErGHiGsRgGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKtgkGbtVAeXQ4s06T/76oZ1CstTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcTJDUVp1MVVCNWREaXpUcFBfdnFoblVLeTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARenHAD
BABenHoDBAJenHwwDQYJKoZIhvcNAQELBQADggEBAKaQWAU23q38yiGlDJS3OzJF
Lreum3eVH7Gm7tJp1cMnYFnbADsbTWpW/N42MJ6Gwpb8ETKH6Hze/7AbYHu8bAxv
vs2LBsz/9ZRF4oBbcksjU++5i+iq8PmA3p9+ITvWjWNAVXCG9y61NojrqcS2vpmR
CakGMMujLIWuGHskweVUXXl0EoKt3AQC7TIjZLjNIOOwf45mdz8ieDPF/9m3xlNl
U8cg+8taZo6QimYbFJhaFQ6+WKuOd07nVcG0edRHJ1pCYdo1aqhfH0o9Ac+3K6+d
PLF/g+mnkzBmsJJlPj6+FDeIK22Eq1wBrSDhPt5uI0ipCn33Fn2e68SzQAfn5pg=
-----END CERTIFICATE-----
Generated at Mon Jan 8 14:55:20 2024 by rpki-client on console-ams.rpki-client.org