Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/NIxf1vyFMDg6KGtIIeXYAjJJm_k.roa
File: NIxf1vyFMDg6KGtIIeXYAjJJm_k.roa (raw, json)
Hash identifier: DJ4pi6O7gpIhwO2giP/zSlyZDpkHvN6t0sqEfA9JizY=
Subject key identifier: 34:8C:5F:D6:FC:85:30:38:3A:28:6B:48:21:E5:D8:02:32:49:9B:F9
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018CF92FADE96AD2D589A7F9DBF3AFE20245
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/NIxf1vyFMDg6KGtIIeXYAjJJm_k.roa
Signing time: Thu 11 Jan 2024 15:41:40 +0000
ROA not before: Thu 11 Jan 2024 15:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 21:27:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:2f:ad:e9:6a:d2:d5:89:a7:f9:db:f3:af:e2:02:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jan 11 15:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=348c5fd6fc8530383a286b4821e5d80232499bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:6b:19:ea:8d:2a:6a:ab:5e:f9:7b:5b:d8:
a2:7b:1b:16:a8:04:99:a9:7f:93:c6:88:9d:c8:53:
48:bf:05:4d:b5:cd:cd:72:4a:4d:7b:c8:a7:33:15:
67:70:7c:5b:16:9c:b1:de:e5:6a:89:9d:2a:00:3b:
22:3c:07:5f:31:2a:9d:25:a2:4f:5a:93:46:23:bf:
e9:23:a3:82:7a:91:d3:8e:54:6a:88:4a:4b:c0:04:
54:26:94:07:ef:12:8d:fc:de:2e:9f:50:c8:bc:bc:
b8:58:d0:d3:01:55:e9:4f:30:c7:0e:32:53:1a:8c:
c2:5e:10:91:07:a9:7b:05:44:6d:5a:c2:14:80:1d:
a2:ab:25:11:8d:5e:b1:34:09:4f:aa:12:d6:59:60:
22:fc:81:aa:b5:d9:06:23:65:50:ca:5c:58:8a:a7:
95:fb:75:c0:be:d3:63:00:0b:95:26:f5:85:01:32:
67:f8:b8:3c:18:1a:ad:af:0a:73:67:d7:2c:37:65:
ac:f0:4d:e5:c1:cd:5b:b3:5c:d8:b2:1b:0d:b7:92:
0f:e6:77:78:20:2e:02:7e:a8:d4:67:97:71:6b:c3:
e4:49:ee:77:c4:6e:d7:27:60:00:b2:0a:77:10:d0:
93:3d:13:d3:7e:78:b9:05:f9:78:e2:25:42:7f:84:
b6:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8C:5F:D6:FC:85:30:38:3A:28:6B:48:21:E5:D8:02:32:49:9B:F9
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/NIxf1vyFMDg6KGtIIeXYAjJJm_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.42.0/24
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:0a:16:35:74:66:5a:af:2a:11:0e:dc:a9:8c:46:84:3e:b3:
5c:6f:74:4c:4d:14:b0:16:08:92:83:04:8e:a9:56:d9:33:44:
72:34:f8:38:e4:0e:74:02:c0:37:b9:47:f1:14:e6:36:64:b7:
34:a6:6c:63:8e:7f:74:f6:ed:19:c8:bd:b0:71:be:e2:3b:30:
fc:39:17:cc:4a:19:20:fe:b8:00:21:aa:24:a9:b1:86:7d:74:
8d:bd:c9:8d:45:14:2e:e0:5e:0c:a6:c7:7e:6b:69:9d:4e:98:
d5:d5:60:74:7f:da:b9:2a:a9:4e:d8:42:7f:01:78:53:85:89:
be:8a:76:3a:5d:b1:61:b4:71:47:8c:ec:85:95:09:5e:28:98:
66:cb:a4:7e:13:13:0a:76:74:84:52:e6:4c:9d:22:43:81:d2:
07:e3:68:fb:53:8b:95:5a:9c:44:49:c7:89:8d:03:b3:1d:fc:
c1:72:a2:32:36:76:c9:84:91:7a:5e:a2:7a:57:5e:13:fd:35:
dc:ac:c9:3f:f4:ef:6e:6e:b3:8e:c8:49:bf:50:a5:8d:9b:ca:
d1:9c:c4:fa:b5:8f:59:4d:c5:24:10:e3:ba:7d:8a:44:c7:0d:
62:ca:7d:1c:49:77:01:4c:eb:5c:db:1e:65:77:43:ae:d7:95:
33:91:16:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYz5L63patLViaf52/Ov4gJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTExMTU0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhjNWZkNmZjODUzMDM4M2EyODZiNDgyMWU1ZDgwMjMyNDk5YmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hFrGeqNKmqrXvl7W9iiexsWqASZ
qX+TxoidyFNIvwVNtc3NckpNe8inMxVncHxbFpyx3uVqiZ0qADsiPAdfMSqdJaJP
WpNGI7/pI6OCepHTjlRqiEpLwARUJpQH7xKN/N4un1DIvLy4WNDTAVXpTzDHDjJT
GozCXhCRB6l7BURtWsIUgB2iqyURjV6xNAlPqhLWWWAi/IGqtdkGI2VQylxYiqeV
+3XAvtNjAAuVJvWFATJn+Lg8GBqtrwpzZ9csN2Ws8E3lwc1bs1zYshsNt5IP5nd4
IC4CfqjUZ5dxa8PkSe53xG7XJ2AAsgp3ENCTPRPTfni5Bfl44iVCf4S2dQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDSMX9b8hTA4OihrSCHl2AIySZv5MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvTkl4ZjF2eUZNRGc2S0d0SUllWFlBakpKbV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpoqAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQB8ChY1dGZaryoRDtypjEaEPrNcb3RMTRSw
FgiSgwSOqVbZM0RyNPg45A50AsA3uUfxFOY2ZLc0pmxjjn909u0ZyL2wcb7iOzD8
ORfMShkg/rgAIaokqbGGfXSNvcmNRRQu4F4Mpsd+a2mdTpjV1WB0f9q5KqlO2EJ/
AXhThYm+inY6XbFhtHFHjOyFlQleKJhmy6R+ExMKdnSEUuZMnSJDgdIH42j7U4uV
WpxESceJjQOzHfzBcqIyNnbJhJF6XqJ6V14T/TXcrMk/9O9ubrOOyEm/UKWNm8rR
nMT6tY9ZTcUkEOO6fYpExw1iyn0cSXcBTOtc2x5ld0Ou15UzkRZ1
-----END CERTIFICATE-----
Generated at Fri Jan 12 01:11:59 2024 by rpki-client on console-fra.rpki-client.org