Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/eyTPDyHnMvGnEntloukdlStH5kU.roa
File: eyTPDyHnMvGnEntloukdlStH5kU.roa (raw, json)
Hash identifier: jp+EEccLH2ErDaRdgYgJ1SwfQwpFVpK1cXileDLghI8=
Subject key identifier: 7B:24:CF:0F:21:E7:32:F1:A7:12:7B:65:A2:E9:1D:95:2B:47:E6:45
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018CC3B7412F0C9EA3F74B481CED47336BB4
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/eyTPDyHnMvGnEntloukdlStH5kU.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 193.9.124.0/24 maxlen: 24
94.247.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jul 2024 05:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:41:2f:0c:9e:a3:f7:4b:48:1c:ed:47:33:6b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b24cf0f21e732f1a7127b65a2e91d952b47e645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:40:6e:ca:ad:2b:a8:6c:02:96:37:cb:c9:
b3:a6:b8:c6:f1:6f:f3:ac:5e:1f:4b:86:2a:15:c6:
6a:2f:8a:46:ea:00:c4:7a:d4:c3:2e:63:fb:03:cb:
6e:f0:1e:cd:31:20:87:d9:b4:ff:7c:69:5a:e1:fd:
0d:e9:e3:e9:10:11:91:76:c6:80:8e:13:bc:7e:82:
46:49:72:36:22:fb:ae:1b:18:bc:35:cd:f7:21:93:
0e:73:0f:3e:a2:b0:40:7b:8c:f9:8f:d5:11:f6:82:
de:05:cc:da:ad:12:27:ab:0b:6d:fc:a3:53:7f:76:
f1:68:f0:e4:49:6b:45:f0:99:0b:34:49:14:03:4f:
69:6b:0b:9d:b2:4b:52:ec:b9:5b:bb:0d:9e:80:f8:
6f:91:0a:68:01:86:67:2b:7a:43:2b:52:59:9b:7e:
1b:bd:a4:ad:a7:d9:83:ad:f3:5a:25:32:e1:06:b0:
bd:18:64:da:a1:e0:18:3d:ce:0b:71:eb:64:a8:ce:
46:4d:1b:f1:1b:48:67:62:24:66:6f:e5:cc:48:09:
1e:88:5b:fb:38:6d:ae:a7:cd:e8:dd:dd:05:c8:c3:
66:df:72:0d:c3:ba:9e:d4:35:4f:73:72:4d:3d:c1:
0a:93:b3:2f:81:5f:89:a7:7a:4f:74:cc:16:92:4d:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:24:CF:0F:21:E7:32:F1:A7:12:7B:65:A2:E9:1D:95:2B:47:E6:45
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/eyTPDyHnMvGnEntloukdlStH5kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.139.0/24
193.9.124.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:dc:89:6f:27:f2:a3:4c:48:9b:fe:8b:be:d4:91:ac:53:ca:
c5:c3:64:f4:08:64:dd:cf:56:78:3f:1f:2a:73:71:91:58:a2:
8b:e2:96:42:27:0e:8b:76:09:7c:35:0c:aa:a9:be:95:3b:8a:
e3:a4:b8:f3:52:38:44:af:83:df:1a:1f:9b:a4:1c:1e:17:e6:
ca:c6:b2:00:44:b3:87:9a:35:06:d2:0b:b6:81:17:ba:41:38:
f3:15:33:fe:5c:00:dc:02:60:18:38:a9:6e:4d:45:b8:cc:16:
7f:a3:b1:70:5a:d8:a0:27:00:53:ab:04:45:3b:09:0d:b5:55:
05:e1:cf:d7:f5:ab:5d:ef:44:b3:55:7b:6f:2a:29:46:2b:bf:
20:cd:b9:c9:77:4c:19:aa:04:7b:bb:40:5e:d6:f6:4a:d9:97:
aa:e4:55:bd:4e:fb:45:8a:45:25:90:e8:ba:a2:60:b7:d4:41:
b7:97:98:88:40:54:1f:d5:7a:80:53:ad:67:8d:19:3d:b0:c1:
09:a2:41:17:86:45:2d:55:ad:38:67:7a:19:40:85:1b:44:8f:
7c:50:de:9f:6a:86:2d:a8:00:fb:b6:24:9e:b2:1c:b8:9b:87:
c9:0b:df:0b:fe:36:3b:da:f0:bd:34:fa:ae:35:5d:1a:75:02:
8d:11:5f:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDt0EvDJ6j90tIHO1HM2u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjI0Y2YwZjIxZTczMmYxYTcxMjdiNjVhMmU5MWQ5NTJiNDdlNjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfFAbsqtK6hsApY3y8mzprjG8W/z
rF4fS4YqFcZqL4pG6gDEetTDLmP7A8tu8B7NMSCH2bT/fGla4f0N6ePpEBGRdsaA
jhO8foJGSXI2IvuuGxi8Nc33IZMOcw8+orBAe4z5j9UR9oLeBczarRInqwtt/KNT
f3bxaPDkSWtF8JkLNEkUA09pawudsktS7Llbuw2egPhvkQpoAYZnK3pDK1JZm34b
vaStp9mDrfNaJTLhBrC9GGTaoeAYPc4LcetkqM5GTRvxG0hnYiRmb+XMSAkeiFv7
OG2up83o3d0FyMNm33INw7qe1DVPc3JNPcEKk7MvgV+Jp3pPdMwWkk1VVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHskzw8h5zLxpxJ7ZaLpHZUrR+ZFMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvZXlUUER5SG5NdkduRW50bG91a2RsU3RINWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXveLAwQA
wQl8MA0GCSqGSIb3DQEBCwUAA4IBAQAr3IlvJ/KjTEib/ou+1JGsU8rFw2T0CGTd
z1Z4Px8qc3GRWKKL4pZCJw6Ldgl8NQyqqb6VO4rjpLjzUjhEr4PfGh+bpBweF+bK
xrIARLOHmjUG0gu2gRe6QTjzFTP+XADcAmAYOKluTUW4zBZ/o7FwWtigJwBTqwRF
OwkNtVUF4c/X9atd70SzVXtvKilGK78gzbnJd0wZqgR7u0Be1vZK2Zeq5FW9TvtF
ikUlkOi6omC31EG3l5iIQFQf1XqAU61njRk9sMEJokEXhkUtVa04Z3oZQIUbRI98
UN6faoYtqAD7tiSeshy4m4fJC98L/jY72vC9NPquNV0adQKNEV99
-----END CERTIFICATE-----
Generated at Wed Jul 10 06:41:13 2024 by rpki-client on console-fra.rpki-client.org