Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/9c2p1rGPEfvcCg2EwXwMAlVyoco.roa
File: 9c2p1rGPEfvcCg2EwXwMAlVyoco.roa (raw, json)
Hash identifier: MgL0YKcDz+/cRarLwdz/ELwyf2F34jyfZREbDqbV8DU=
Subject key identifier: F5:CD:A9:D6:B1:8F:11:FB:DC:0A:0D:84:C1:7C:0C:02:55:72:A1:CA
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018BDD4DBF1F3559E94E86AC067BB7BD7BD8
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/9c2p1rGPEfvcCg2EwXwMAlVyoco.roa
Signing time: Fri 17 Nov 2023 12:42:21 +0000
ROA not before: Fri 17 Nov 2023 12:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 94.154.43.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Dec 2023 08:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:4d:bf:1f:35:59:e9:4e:86:ac:06:7b:b7:bd:7b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Nov 17 12:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5cda9d6b18f11fbdc0a0d84c17c0c025572a1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:c9:b2:54:e8:43:84:4a:cb:9b:32:b8:27:
6c:25:bd:fc:1d:bf:86:88:cd:b0:7d:7f:96:56:3f:
c9:a4:9b:a5:40:74:9e:09:37:31:fe:5f:4e:05:b4:
2f:bc:81:a8:ee:38:cf:b4:13:62:59:a6:da:1f:34:
0a:4b:1a:da:52:f3:fd:32:27:dd:1d:a7:5c:ad:61:
81:c8:40:50:2b:18:ea:de:06:b0:7f:9f:42:6c:7f:
54:f1:94:a5:c2:4d:22:58:49:cb:fa:d5:83:35:00:
07:50:78:0e:14:0d:7e:11:a4:11:5d:00:7f:a0:6c:
be:e6:83:96:c6:11:f1:27:21:cd:fc:0a:f5:d7:9f:
35:29:65:06:ac:d3:58:a1:1a:d0:47:ed:4b:04:b9:
c2:63:fb:73:da:98:96:11:ec:5d:96:60:57:e6:d3:
10:09:b7:43:e6:21:da:e7:ce:22:91:6d:0e:af:7c:
0d:de:ee:3b:a3:b1:21:06:70:8b:e7:44:80:44:87:
f8:83:17:0e:13:fe:17:06:25:4e:18:bc:2b:b9:4c:
7d:d4:2e:83:9e:78:84:78:3b:16:48:14:2f:91:5d:
e7:66:f9:60:97:1a:61:5b:b5:00:10:a8:fc:75:2d:
17:35:b8:1c:08:95:36:c9:fd:70:3f:44:c5:b9:97:
23:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CD:A9:D6:B1:8F:11:FB:DC:0A:0D:84:C1:7C:0C:02:55:72:A1:CA
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/9c2p1rGPEfvcCg2EwXwMAlVyoco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.42.0/23
Signature Algorithm: sha256WithRSAEncryption
72:19:e2:74:84:66:01:8a:81:7b:bd:3f:bc:e7:d5:e5:7b:be:
52:f0:b2:38:81:b2:0e:e6:95:ea:83:0b:83:53:dc:ff:19:9b:
fe:a0:af:60:d0:a8:d1:49:e6:bb:79:19:99:d9:3f:35:6c:19:
54:2f:dd:7f:bd:ec:10:cf:76:8b:94:10:c3:0d:6d:20:ae:40:
80:07:b0:22:bb:6b:9a:a3:3a:bf:cf:71:66:8e:34:1b:db:76:
88:88:e0:9b:94:b3:d6:d6:d6:32:00:15:bb:25:16:34:72:7c:
3c:ae:d1:be:63:68:93:41:88:2d:24:b6:39:a5:26:d0:da:da:
c9:c9:72:44:db:49:b9:98:48:ab:3f:f4:e9:f2:65:eb:92:bd:
9f:e3:90:6b:1b:27:16:a8:ab:c3:39:fa:e0:65:f3:8b:0d:72:
b2:b9:22:70:ec:38:02:5b:75:df:bd:77:e1:9a:f7:8c:0d:00:
36:f7:a0:ec:36:09:4c:c4:b1:4f:fa:d6:1a:5d:73:ed:1a:cf:
d8:bb:b7:74:cd:f9:d9:a3:e7:d1:41:b6:50:13:21:a1:2b:d2:
2f:4e:2a:e3:ba:da:3f:8a:51:21:1e:be:24:51:1b:a9:dd:ff:
d2:1d:08:6d:8b:ce:96:a8:b4:6c:ef:3b:75:9f:59:39:48:c3:
d5:01:7c:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvdTb8fNVnpToasBnu3vXvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMxMTE3MTI0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNkYTlkNmIxOGYxMWZiZGMwYTBkODRjMTdjMGMwMjU1NzJhMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzbJslToQ4RKy5syuCdsJb38Hb+G
iM2wfX+WVj/JpJulQHSeCTcx/l9OBbQvvIGo7jjPtBNiWabaHzQKSxraUvP9Mifd
HadcrWGByEBQKxjq3gawf59CbH9U8ZSlwk0iWEnL+tWDNQAHUHgOFA1+EaQRXQB/
oGy+5oOWxhHxJyHN/Ar11581KWUGrNNYoRrQR+1LBLnCY/tz2piWEexdlmBX5tMQ
CbdD5iHa584ikW0Or3wN3u47o7EhBnCL50SARIf4gxcOE/4XBiVOGLwruUx91C6D
nniEeDsWSBQvkV3nZvlglxphW7UAEKj8dS0XNbgcCJU2yf1wP0TFuZcj/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPXNqdaxjxH73AoNhMF8DAJVcqHKMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvOWMycDFyR1BFZnZjQ2cyRXdYd01BbFZ5b2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpoqMA0G
CSqGSIb3DQEBCwUAA4IBAQByGeJ0hGYBioF7vT+859Xle75S8LI4gbIO5pXqgwuD
U9z/GZv+oK9g0KjRSea7eRmZ2T81bBlUL91/vewQz3aLlBDDDW0grkCAB7Aiu2ua
ozq/z3FmjjQb23aIiOCblLPW1tYyABW7JRY0cnw8rtG+Y2iTQYgtJLY5pSbQ2trJ
yXJE20m5mEirP/Tp8mXrkr2f45BrGycWqKvDOfrgZfOLDXKyuSJw7DgCW3XfvXfh
mveMDQA296DsNglMxLFP+tYaXXPtGs/Yu7d0zfnZo+fRQbZQEyGhK9IvTirjuto/
ilEhHr4kURup3f/SHQhti86WqLRs7zt1n1k5SMPVAXy6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org