Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OjTVaALizIFWQGX8RFwnEUcdO_o.roa
File: OjTVaALizIFWQGX8RFwnEUcdO_o.roa (raw, json)
Hash identifier: wSo9StqG2LVQ5NFwBc5pyDMx/h6EMdMN86eQ+lwQqtA=
Subject key identifier: 3A:34:D5:68:02:E2:CC:81:56:40:65:FC:44:5C:27:11:47:1D:3B:FA
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 019199298C84A5108F1E766F542F59DF6942
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OjTVaALizIFWQGX8RFwnEUcdO_o.roa
Signing time: Wed 28 Aug 2024 13:25:22 +0000
ROA not before: Wed 28 Aug 2024 13:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 09:04:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:29:8c:84:a5:10:8f:1e:76:6f:54:2f:59:df:69:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Aug 28 13:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a34d56802e2cc81564065fc445c2711471d3bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:67:44:77:6f:99:e7:08:29:2d:25:87:94:aa:
0f:59:ea:8b:8e:38:c9:a7:cf:89:a8:80:a7:dd:74:
39:44:ee:0e:bf:62:4c:d9:91:31:b7:99:ed:04:a2:
3d:7e:c5:b6:05:da:7a:be:22:b3:db:20:4c:e2:06:
16:ce:1f:66:b9:15:b9:40:78:03:54:f9:5b:a0:c2:
6a:b1:14:19:69:59:5f:8f:82:06:40:50:e9:58:36:
39:39:33:f7:ed:2c:91:e7:9c:5f:97:30:6e:e6:15:
a4:d3:03:bd:1b:51:4d:57:1c:2f:9b:af:c4:06:93:
b4:b8:e6:8c:64:00:da:b0:80:2b:d2:d2:88:cc:93:
ee:3d:fe:bf:df:98:e4:ab:4e:7c:00:b1:fb:08:d5:
e5:97:bf:ab:0b:5f:b0:5c:7d:c2:c9:dd:ed:f6:45:
3a:9b:07:1d:fc:6b:23:18:78:80:f3:ec:04:06:f0:
76:6a:45:8e:9e:e3:ec:fe:37:4e:0b:17:dd:22:eb:
d4:15:8a:f0:b0:7f:c9:71:a3:dc:4d:7e:fe:cd:47:
c9:1f:f2:32:77:4e:70:fd:75:0b:1d:a1:33:aa:36:
b7:88:45:1a:e9:92:1d:75:50:99:87:78:87:44:75:
31:11:7a:e8:a7:15:78:0e:ef:dd:9c:7d:30:5f:a9:
bf:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:34:D5:68:02:E2:CC:81:56:40:65:FC:44:5C:27:11:47:1D:3B:FA
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/OjTVaALizIFWQGX8RFwnEUcdO_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0/23
94.154.44.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
20:d0:37:28:29:0d:dc:e6:6d:fc:48:90:11:8e:0b:51:c8:4d:
49:9b:2d:35:7d:83:a0:e5:dd:97:bb:70:36:da:ee:4f:98:0f:
b3:d0:aa:7d:85:7b:fb:86:8f:28:c1:66:be:5e:67:ab:f1:07:
d5:5e:4c:c7:c9:38:b4:85:1d:48:49:c3:3b:60:95:d0:c3:2e:
20:a4:b2:1f:4d:5c:94:dc:bc:79:b5:7f:88:de:13:eb:1a:f4:
96:d7:33:8c:c1:e8:35:a3:29:d6:0f:08:34:00:c3:8d:99:87:
73:8c:02:25:b8:09:3e:db:1f:f7:ac:1a:78:ab:07:b6:26:6e:
58:17:3e:b0:fa:40:1a:09:88:fb:0f:3c:39:18:97:c0:77:55:
cf:3d:ff:c5:5a:bf:db:43:b4:3a:a5:74:2e:08:18:8a:28:59:
4c:d8:10:c1:d6:ea:f5:b3:83:6d:78:17:6f:02:54:84:69:29:
54:22:3d:60:2b:4a:f0:8d:f1:bd:9f:9d:85:93:15:c3:23:3c:
da:19:1d:6b:9f:03:8d:85:db:6f:a8:c0:11:3a:04:a2:db:a8:
23:d8:4a:c1:c2:3e:db:cf:d9:a0:c6:dc:c5:dc:08:26:ee:0c:
6e:bc:58:a0:ff:90:bc:73:d7:10:e2:c3:2c:41:0e:fc:63:0f:
3e:fb:d0:9f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZGZKYyEpRCPHnZvVC9Z32lCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwODI4MTMyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTM0ZDU2ODAyZTJjYzgxNTY0MDY1ZmM0NDVjMjcxMTQ3MWQzYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2dEd2+Z5wgpLSWHlKoPWeqLjjjJ
p8+JqICn3XQ5RO4Ov2JM2ZExt5ntBKI9fsW2Bdp6viKz2yBM4gYWzh9muRW5QHgD
VPlboMJqsRQZaVlfj4IGQFDpWDY5OTP37SyR55xflzBu5hWk0wO9G1FNVxwvm6/E
BpO0uOaMZADasIAr0tKIzJPuPf6/35jkq058ALH7CNXll7+rC1+wXH3Cyd3t9kU6
mwcd/GsjGHiA8+wEBvB2akWOnuPs/jdOCxfdIuvUFYrwsH/JcaPcTX7+zUfJH/Iy
d05w/XULHaEzqja3iEUa6ZIddVCZh3iHRHUxEXropxV4Du/dnH0wX6m/uwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDo01WgC4syBVkBl/ERcJxFHHTv6MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvT2pUVmFBTGl6SUZXUUdYOFJGd25FVWNkT19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBXpooMAwD
BAJemiwDBABemi4wDQYJKoZIhvcNAQELBQADggEBACDQNygpDdzmbfxIkBGOC1HI
TUmbLTV9g6Dl3Ze7cDba7k+YD7PQqn2Fe/uGjyjBZr5eZ6vxB9VeTMfJOLSFHUhJ
wztgldDDLiCksh9NXJTcvHm1f4jeE+sa9JbXM4zB6DWjKdYPCDQAw42Zh3OMAiW4
CT7bH/esGnirB7YmblgXPrD6QBoJiPsPPDkYl8B3Vc89/8Vav9tDtDqldC4IGIoo
WUzYEMHW6vWzg214F28CVIRpKVQiPWArSvCN8b2fnYWTFcMjPNoZHWufA42F22+o
wBE6BKLbqCPYSsHCPtvP2aDG3MXcCCbuDG68WKD/kLxz1xDiwyxBDvxjDz770J8=
-----END CERTIFICATE-----
Generated at Thu Aug 29 10:18:12 2024 by rpki-client on console-ams.rpki-client.org