Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/GH6AEdfH2m85GpbvpAg9HdaUkqY.roa
File: GH6AEdfH2m85GpbvpAg9HdaUkqY.roa (raw, json)
Hash identifier: MSUKNOkli/lO2Vrqyk92rI2S71xD24q9dZcnLi7lD+8=
Subject key identifier: 18:7E:80:11:D7:C7:DA:6F:39:1A:96:EF:A4:08:3D:1D:D6:94:92:A6
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018CC5DC5C58D0092BFC4D9FAAC46C26C8DB
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/GH6AEdfH2m85GpbvpAg9HdaUkqY.roa
Signing time: Mon 01 Jan 2024 16:30:02 +0000
ROA not before: Mon 01 Jan 2024 16:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:5c:58:d0:09:2b:fc:4d:9f:aa:c4:6c:26:c8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jan 1 16:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=187e8011d7c7da6f391a96efa4083d1dd69492a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:47:3f:6b:e6:97:17:bc:d1:5e:01:0b:01:e4:
f6:54:48:3c:68:04:98:2e:46:b0:7f:e8:7b:07:fa:
80:9e:0f:9c:f4:a8:c7:be:da:23:5c:4a:b4:ac:cc:
b8:f1:ce:4d:80:ca:73:15:b8:e6:56:dc:33:3c:a4:
c4:08:7f:74:44:81:c0:0b:15:cc:d5:b8:78:16:46:
c1:53:63:fc:14:24:a0:47:0a:c7:e4:6b:5b:6a:5c:
44:ea:fd:05:29:77:ff:a4:fc:8b:47:1b:83:6b:f3:
a0:59:91:d0:94:b5:01:ad:cc:ec:40:b5:a4:26:a9:
d3:c7:f8:9e:d5:6d:70:33:a1:0d:bc:15:61:10:36:
a2:77:85:7a:e5:64:89:4a:07:dd:48:8b:3b:22:4f:
e4:27:21:7a:7c:c6:3a:c8:7e:66:a8:86:b1:7c:34:
f3:7d:2f:3c:f5:a2:bb:22:76:8d:21:94:06:b1:c8:
c7:19:7f:0e:cd:ab:08:06:dd:37:cb:f7:11:99:59:
a0:bb:1e:a8:ac:4f:17:00:a4:1a:ce:d9:83:5f:40:
56:77:c3:08:65:66:a8:ac:0f:86:0d:b0:ce:95:9a:
a9:a8:0a:69:a5:14:3d:66:f0:f3:20:40:e4:5a:d6:
8d:ac:1f:b9:35:46:c9:8b:fb:4a:ec:78:dd:61:d0:
b5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7E:80:11:D7:C7:DA:6F:39:1A:96:EF:A4:08:3D:1D:D6:94:92:A6
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/GH6AEdfH2m85GpbvpAg9HdaUkqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0-94.154.42.255
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:a3:e7:eb:95:eb:96:87:01:47:5b:b2:80:dd:ab:15:db:9a:
54:90:5d:c8:d6:40:de:a8:da:9c:54:d1:78:62:8c:3d:e2:75:
4f:cb:d2:1d:0d:0d:56:e8:7b:cb:d9:02:b0:1f:fa:b1:ff:fe:
ed:b2:c5:b7:ec:46:f1:8f:40:a7:4c:3a:b6:d4:00:91:b2:c0:
47:fc:9d:84:bc:55:e9:ae:38:a2:1b:0a:1e:41:93:00:b6:a5:
88:6e:ee:61:74:10:80:c3:ee:72:b9:3d:56:5a:4c:8d:91:22:
ec:be:7f:b2:aa:86:8f:fe:6a:52:7a:df:d3:f2:9f:4a:87:e7:
a3:b3:e1:87:6b:c1:64:74:1e:d0:6b:91:39:49:e8:5b:a6:c4:
8f:fb:c1:77:fd:31:f0:ec:c4:b3:30:be:bb:01:bf:6a:8e:04:
47:03:72:74:7f:03:9e:04:fb:9e:b1:c4:4d:50:4f:75:e7:71:
4c:b2:32:6e:4a:e3:45:e6:03:22:01:2c:79:39:b5:43:ee:48:
db:91:0d:27:94:19:61:c1:4b:b2:8e:60:9d:08:20:f4:9e:1e:
d5:2b:e7:06:6c:da:4f:73:1d:05:7d:75:e0:38:7d:ec:70:20:
4f:01:92:8d:ac:fa:21:ec:c3:50:15:d0:41:70:10:65:43:65:
90:89:3e:bb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzF3FxY0Akr/E2fqsRsJsjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTAxMTYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdlODAxMWQ3YzdkYTZmMzkxYTk2ZWZhNDA4M2QxZGQ2OTQ5MmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00c/a+aXF7zRXgELAeT2VEg8aASY
Lkawf+h7B/qAng+c9KjHvtojXEq0rMy48c5NgMpzFbjmVtwzPKTECH90RIHACxXM
1bh4FkbBU2P8FCSgRwrH5GtbalxE6v0FKXf/pPyLRxuDa/OgWZHQlLUBrczsQLWk
JqnTx/ie1W1wM6ENvBVhEDaid4V65WSJSgfdSIs7Ik/kJyF6fMY6yH5mqIaxfDTz
fS889aK7InaNIZQGscjHGX8OzasIBt03y/cRmVmgux6orE8XAKQaztmDX0BWd8MI
ZWaorA+GDbDOlZqpqApppRQ9ZvDzIEDkWtaNrB+5NUbJi/tK7HjdYdC10wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBh+gBHXx9pvORqW76QIPR3WlJKmMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvR0g2QUVkZkgybTg1R3BidnBBZzlIZGFVa3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABemikD
BABemioDBAFemiwwDQYJKoZIhvcNAQELBQADggEBAAqj5+uV65aHAUdbsoDdqxXb
mlSQXcjWQN6o2pxU0XhijD3idU/L0h0NDVboe8vZArAf+rH//u2yxbfsRvGPQKdM
OrbUAJGywEf8nYS8VemuOKIbCh5BkwC2pYhu7mF0EIDD7nK5PVZaTI2RIuy+f7Kq
ho/+alJ639Pyn0qH56Oz4YdrwWR0HtBrkTlJ6FumxI/7wXf9MfDsxLMwvrsBv2qO
BEcDcnR/A54E+56xxE1QT3XncUyyMm5K40XmAyIBLHk5tUPuSNuRDSeUGWHBS7KO
YJ0IIPSeHtUr5wZs2k9zHQV9deA4fexwIE8Bko2s+iHsw1AV0EFwEGVDZZCJPrs=
-----END CERTIFICATE-----
Generated at Wed Jan 3 19:17:24 2024 by rpki-client on console-fra.rpki-client.org