Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/J5mcurTmXe8vCgIXi7UWzJgRnmw.roa
File: J5mcurTmXe8vCgIXi7UWzJgRnmw.roa (raw, json)
Hash identifier: 6oQQtlDzW3NJnEixW2+7R1eitFsUjJftC8vSn016wL0=
Subject key identifier: 27:99:9C:BA:B4:E6:5D:EF:2F:0A:02:17:8B:B5:16:CC:98:11:9E:6C
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0190B28B0797F7EB2CA97D393397FC3D29D3
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/J5mcurTmXe8vCgIXi7UWzJgRnmw.roa
Signing time: Sun 14 Jul 2024 18:39:34 +0000
ROA not before: Sun 14 Jul 2024 18:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.40.0/22 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b2:8b:07:97:f7:eb:2c:a9:7d:39:33:97:fc:3d:29:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jul 14 18:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27999cbab4e65def2f0a02178bb516cc98119e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:af:78:63:78:c8:58:ef:03:d9:69:23:1b:e2:
41:77:61:a7:11:47:d2:33:39:3f:c0:0a:79:99:e2:
fb:48:13:6f:8e:4d:1c:54:bc:62:98:4f:0f:1d:ef:
63:24:c0:7f:83:cc:10:7d:b1:6a:66:67:cb:17:ff:
66:de:19:9a:e1:b1:53:5c:83:8a:50:54:59:3e:d3:
ea:02:97:5b:c5:96:ac:e7:78:60:ef:57:07:dd:e1:
98:a8:c6:c7:87:e5:db:23:a0:84:44:7b:80:9f:59:
6d:4f:62:01:e1:5c:fd:cd:b3:aa:38:95:18:49:cd:
e9:9f:80:ed:ad:8f:b4:97:80:42:4a:eb:9d:25:e9:
6f:92:50:97:5f:74:83:20:4f:da:f8:89:bb:85:28:
40:9b:33:34:dc:24:5b:97:09:b1:0e:01:c6:11:d1:
0b:fd:1e:9e:33:74:03:1b:1f:ba:67:ef:f8:8c:6e:
20:ee:b7:9d:f2:3c:74:33:26:0a:70:48:50:07:25:
00:8b:cc:6f:93:b8:fb:2e:06:c2:bd:ad:7f:92:df:
ea:42:e8:4a:ef:89:ca:fd:ec:34:f1:f3:85:2a:94:
75:d2:23:2e:f6:2f:59:1f:ee:3e:5d:c3:a3:16:c7:
ae:57:93:7b:8d:04:b3:d0:4c:bb:7d:48:63:aa:f1:
2f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:99:9C:BA:B4:E6:5D:EF:2F:0A:02:17:8B:B5:16:CC:98:11:9E:6C
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/J5mcurTmXe8vCgIXi7UWzJgRnmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
6c:ca:a4:78:67:32:b3:69:a2:11:6f:65:0e:02:25:45:a9:73:
8f:d0:4c:bb:04:d5:11:97:aa:b8:ba:2d:af:0e:c1:7c:1d:64:
c0:a4:52:e3:94:b8:21:8f:34:7a:f6:9d:68:5f:2a:16:d9:31:
73:7e:2f:d8:e0:42:74:fa:03:7f:34:d0:6f:53:9b:5f:f7:78:
d4:d1:aa:fe:15:28:6e:18:75:60:b2:cf:ce:3f:a8:3c:b0:4d:
04:48:67:f1:55:fe:38:55:40:dc:6d:60:f5:f0:01:06:39:eb:
da:4c:df:fb:f8:25:71:47:90:2b:5d:5e:a8:e6:19:21:6f:4f:
c1:36:c8:e7:f8:39:77:78:57:73:83:7a:24:31:02:a7:3b:b6:
60:b5:80:a9:0a:0d:ff:9e:35:9b:81:74:33:e7:65:a6:ac:98:
76:a6:0a:ff:b9:11:d3:60:21:9e:a8:a9:75:4c:f8:ee:6b:7e:
97:ac:71:3b:a6:9d:7e:8e:c6:9b:ec:c6:c3:7b:15:38:93:77:
69:14:43:13:68:a1:02:20:3b:08:95:84:e1:03:ad:07:14:e6:
61:c3:36:7d:c3:c4:66:c5:8f:de:92:df:d3:1b:ca:52:51:db:
6e:87:1e:88:04:04:4c:72:bb:c6:94:d0:3a:88:d0:8d:da:ab:
39:7c:75:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZCyiweX9+ssqX05M5f8PSnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNzE0MTgzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk5OWNiYWI0ZTY1ZGVmMmYwYTAyMTc4YmI1MTZjYzk4MTE5ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra94Y3jIWO8D2WkjG+JBd2GnEUfS
Mzk/wAp5meL7SBNvjk0cVLximE8PHe9jJMB/g8wQfbFqZmfLF/9m3hma4bFTXIOK
UFRZPtPqApdbxZas53hg71cH3eGYqMbHh+XbI6CERHuAn1ltT2IB4Vz9zbOqOJUY
Sc3pn4DtrY+0l4BCSuudJelvklCXX3SDIE/a+Im7hShAmzM03CRblwmxDgHGEdEL
/R6eM3QDGx+6Z+/4jG4g7red8jx0MyYKcEhQByUAi8xvk7j7LgbCva1/kt/qQuhK
74nK/ew08fOFKpR10iMu9i9ZH+4+XcOjFseuV5N7jQSz0Ey7fUhjqvEvHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCeZnLq05l3vLwoCF4u1FsyYEZ5sMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvSjVtY3VyVG1YZTh2Q2dJWGk3VVd6SmdSbm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BABemi4wDQYJKoZIhvcNAQELBQADggEBAGzKpHhnMrNpohFvZQ4CJUWpc4/QTLsE
1RGXqri6La8OwXwdZMCkUuOUuCGPNHr2nWhfKhbZMXN+L9jgQnT6A3800G9Tm1/3
eNTRqv4VKG4YdWCyz84/qDywTQRIZ/FV/jhVQNxtYPXwAQY569pM3/v4JXFHkCtd
XqjmGSFvT8E2yOf4OXd4V3ODeiQxAqc7tmC1gKkKDf+eNZuBdDPnZaasmHamCv+5
EdNgIZ6oqXVM+O5rfpescTumnX6OxpvsxsN7FTiTd2kUQxNooQIgOwiVhOEDrQcU
5mHDNn3DxGbFj96S39MbylJR226HHogEBExyu8aU0DqI0I3aqzl8dbY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:57 2025 by rpki-client