Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/372KCKjOeNgsXVg19ytP5WJ_zUs.roa
File: 372KCKjOeNgsXVg19ytP5WJ_zUs.roa (raw, json)
Hash identifier: QXGBdM5PjBsfQSn305FFYuYjfboKEC6ofQC+Uidbndo=
Subject key identifier: DF:BD:8A:08:A8:CE:78:D8:2C:5D:58:35:F7:2B:4F:E5:62:7F:CD:4B
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0191988FBD5EFB6E5221302A17A854374C57
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/372KCKjOeNgsXVg19ytP5WJ_zUs.roa
Signing time: Wed 28 Aug 2024 10:37:22 +0000
ROA not before: Wed 28 Aug 2024 10:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 13:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:8f:bd:5e:fb:6e:52:21:30:2a:17:a8:54:37:4c:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Aug 28 10:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfbd8a08a8ce78d82c5d5835f72b4fe5627fcd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:34:7b:5a:f7:d5:ef:33:12:00:47:6d:c8:0d:
84:a3:9e:20:72:7c:f3:99:e5:9e:0f:74:92:b5:09:
54:ce:22:b5:24:54:22:b5:bf:91:fd:0b:ad:cc:6a:
5c:06:01:82:16:94:76:e1:57:b2:5a:c0:9c:5f:42:
a5:60:f2:d4:e0:b9:80:b5:cc:b9:9b:12:58:39:6c:
c7:4e:a0:66:36:8e:af:94:da:48:c9:d3:d5:f8:38:
d4:4b:f0:3d:e5:77:e8:92:33:22:6a:c8:20:bf:51:
dd:12:72:ae:1d:18:d0:ef:9a:1a:ac:39:63:7f:78:
f8:0f:57:31:c8:56:91:cc:d9:7f:e0:ac:f9:44:d4:
b3:0d:73:a6:8d:42:e1:a4:df:f1:2d:d2:07:35:02:
36:73:ca:25:46:f1:7f:c6:28:24:a4:74:a0:56:87:
de:51:f0:6d:09:1e:90:51:4f:6e:36:cb:de:2d:c6:
6c:29:38:55:ff:8f:b8:2f:9c:06:ed:08:83:12:97:
4e:8d:25:67:86:9d:ca:ef:dc:61:a3:16:0d:cf:2c:
43:94:98:ae:14:a0:02:87:78:11:78:34:c8:a8:25:
29:b3:7c:ed:11:90:27:4b:a0:fe:44:7e:d6:82:d0:
83:30:bd:4b:fd:58:c1:43:6b:47:22:48:5f:9d:fd:
a9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BD:8A:08:A8:CE:78:D8:2C:5D:58:35:F7:2B:4F:E5:62:7F:CD:4B
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/372KCKjOeNgsXVg19ytP5WJ_zUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0/24
94.154.44.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
50:a3:56:ae:90:bb:1b:d5:e1:ec:24:b2:fe:6a:12:01:11:e1:
b1:3a:0f:a2:51:b2:a6:19:23:75:89:95:bc:ca:f5:f3:32:49:
56:a6:d4:18:f1:41:ff:f2:03:c2:3e:ce:85:f0:35:1a:05:24:
be:bc:f2:7b:85:84:31:ec:c2:1b:f6:9b:45:38:60:1f:b5:86:
e3:af:dc:55:0f:9f:a9:da:c1:39:ea:79:59:1b:10:40:5c:de:
7c:e4:b6:d1:0f:c3:46:5b:20:bf:41:48:89:b3:a9:92:df:6f:
02:46:53:49:ce:08:e2:03:07:08:70:42:14:18:47:a9:10:0b:
45:45:53:c6:73:c2:e8:92:e4:06:57:15:ae:b1:94:06:ee:09:
44:fa:7d:ca:4b:95:b2:e1:46:c8:51:68:95:b9:6c:f3:4a:24:
53:2f:6e:f9:36:e1:3d:29:71:0b:05:c6:39:42:92:bd:21:46:
95:fe:64:37:2f:2b:aa:ce:50:39:37:c0:af:cd:85:b3:bc:9c:
93:b0:03:35:5d:2b:64:af:e4:18:f6:44:4a:df:06:60:01:06:
31:90:1a:20:ae:98:2e:1d:da:28:c3:d9:ff:7a:4f:53:30:1e:
4b:54:c7:70:4c:df:a7:11:57:8b:db:50:1c:f0:bd:98:b1:af:
03:fe:4d:5d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZGYj71e+25SITAqF6hUN0xXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwODI4MTAzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmJkOGEwOGE4Y2U3OGQ4MmM1ZDU4MzVmNzJiNGZlNTYyN2ZjZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTR7WvfV7zMSAEdtyA2Eo54gcnzz
meWeD3SStQlUziK1JFQitb+R/QutzGpcBgGCFpR24VeyWsCcX0KlYPLU4LmAtcy5
mxJYOWzHTqBmNo6vlNpIydPV+DjUS/A95XfokjMiasggv1HdEnKuHRjQ75oarDlj
f3j4D1cxyFaRzNl/4Kz5RNSzDXOmjULhpN/xLdIHNQI2c8olRvF/xigkpHSgVofe
UfBtCR6QUU9uNsveLcZsKThV/4+4L5wG7QiDEpdOjSVnhp3K79xhoxYNzyxDlJiu
FKACh3gReDTIqCUps3ztEZAnS6D+RH7WgtCDML1L/VjBQ2tHIkhfnf2pTQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFN+9igioznjYLF1YNfcrT+Vif81LMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvMzcyS0NLak9lTmdzWFZnMTl5dFA1V0pfelVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXpopMAwD
BAJemiwDBABemi4wDQYJKoZIhvcNAQELBQADggEBAFCjVq6QuxvV4ewksv5qEgER
4bE6D6JRsqYZI3WJlbzK9fMySVam1BjxQf/yA8I+zoXwNRoFJL688nuFhDHswhv2
m0U4YB+1huOv3FUPn6nawTnqeVkbEEBc3nzkttEPw0ZbIL9BSImzqZLfbwJGU0nO
COIDBwhwQhQYR6kQC0VFU8ZzwuiS5AZXFa6xlAbuCUT6fcpLlbLhRshRaJW5bPNK
JFMvbvk24T0pcQsFxjlCkr0hRpX+ZDcvK6rOUDk3wK/NhbO8nJOwAzVdK2Sv5Bj2
RErfBmABBjGQGiCumC4d2ijD2f96T1MwHktUx3BM36cRV4vbUBzwvZixrwP+TV0=
-----END CERTIFICATE-----
Generated at Wed Aug 28 16:05:30 2024 by rpki-client on console-fra.rpki-client.org