Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_QoILImw52R6shHxIlr9GcVnuFQ.roa
File: _QoILImw52R6shHxIlr9GcVnuFQ.roa (raw, json)
Hash identifier: jrtWZk0nIJh6WlTvAgeEIppd1SZl5WVAb5IZOr2iS7Q=
Subject key identifier: FD:0A:08:2C:89:B0:E7:64:7A:B2:11:F1:22:5A:FD:19:C5:67:B8:54
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0190FE94BB2135F3840418ABBE6A5AA6E8AE
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_QoILImw52R6shHxIlr9GcVnuFQ.roa
Signing time: Mon 29 Jul 2024 13:01:18 +0000
ROA not before: Mon 29 Jul 2024 13:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 10:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fe:94:bb:21:35:f3:84:04:18:ab:be:6a:5a:a6:e8:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jul 29 13:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd0a082c89b0e7647ab211f1225afd19c567b854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ea:59:f4:55:dc:73:06:5c:cc:a7:74:43:39:
f2:f1:f0:2a:e9:bd:14:ac:ac:da:b5:bf:51:d5:cb:
95:58:a3:1f:b4:cf:d8:48:9f:cf:3f:5e:ca:16:55:
04:15:06:ac:50:2c:bd:2f:db:0d:5b:6d:6f:97:ee:
71:a6:b5:92:a3:86:d9:b7:5e:af:00:c9:1a:00:75:
2d:f9:cf:dc:9c:d3:ad:5d:ea:34:41:7c:f5:2d:77:
3f:a4:5a:08:4c:35:5e:14:ed:c0:1c:da:1c:3f:ce:
b2:0e:a8:b9:f9:97:5e:1a:12:c9:fc:a7:ac:71:49:
79:50:b1:90:d9:1f:71:80:c8:9c:06:cb:f5:10:51:
31:44:fe:bd:e5:4a:87:19:16:f5:45:ca:ab:ba:25:
d8:c5:d1:27:9c:53:8c:c9:65:66:cb:e8:50:be:b3:
9b:05:80:fc:37:fd:5f:ab:7e:f3:66:c5:60:42:b9:
54:69:78:0d:92:74:af:91:fe:1a:3e:7c:28:8f:81:
30:f0:1b:3a:a9:f6:0c:32:cb:59:35:cb:4b:2a:14:
36:84:10:1e:ee:1e:a2:7c:09:b4:73:c8:66:46:ee:
b1:08:ee:11:43:12:8e:92:80:42:70:43:1a:b3:b3:
98:34:8f:c2:5d:1a:84:1b:5f:d1:ad:42:4b:9d:ea:
59:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0A:08:2C:89:B0:E7:64:7A:B2:11:F1:22:5A:FD:19:C5:67:B8:54
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/_QoILImw52R6shHxIlr9GcVnuFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0/23
94.154.44.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
7f:90:ba:8b:e5:4c:be:31:60:72:20:26:c1:6d:17:e1:c9:46:
fd:c3:9e:12:c2:10:a1:03:4a:1b:25:13:3d:9b:f8:6a:42:a9:
10:72:e3:f4:53:b0:1e:19:ca:4b:8f:7c:b8:1a:c6:83:e5:98:
c0:74:1a:ec:4d:b9:ae:ad:ce:35:a9:64:88:ac:d5:33:e2:14:
29:f5:5b:3e:4d:0e:7d:79:9a:0d:10:23:a6:42:32:d9:a1:5f:
f2:67:30:59:34:13:fb:f2:3f:7a:2d:08:07:92:19:96:cb:69:
e5:b3:85:f8:43:bf:6d:74:26:7c:7d:f0:e9:3e:53:e1:8a:1b:
14:1b:92:13:01:c3:02:03:6e:ce:38:64:b3:7c:06:0e:3b:ff:
8c:c6:e7:f1:61:37:76:e8:fd:de:57:fd:92:86:ab:24:66:e4:
36:be:6c:98:ec:eb:23:a6:fd:28:41:11:1a:51:16:17:58:07:
0a:c2:07:ff:12:db:f1:d2:3c:a4:9d:67:7e:9e:fc:8a:3e:70:
52:02:f0:55:4a:91:6e:2a:ec:15:95:a9:e8:8b:f8:db:29:53:
ae:b9:15:b0:ef:67:89:0b:96:b2:8e:1a:18:c0:51:63:b4:16:
d8:72:a0:c3:17:45:68:55:58:12:80:7c:04:19:c2:df:e9:d1:
fb:f6:24:37
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZD+lLshNfOEBBirvmpapuiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNzI5MTMwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDBhMDgyYzg5YjBlNzY0N2FiMjExZjEyMjVhZmQxOWM1NjdiODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvupZ9FXccwZczKd0Qzny8fAq6b0U
rKzatb9R1cuVWKMftM/YSJ/PP17KFlUEFQasUCy9L9sNW21vl+5xprWSo4bZt16v
AMkaAHUt+c/cnNOtXeo0QXz1LXc/pFoITDVeFO3AHNocP86yDqi5+ZdeGhLJ/Kes
cUl5ULGQ2R9xgMicBsv1EFExRP695UqHGRb1RcqruiXYxdEnnFOMyWVmy+hQvrOb
BYD8N/1fq37zZsVgQrlUaXgNknSvkf4aPnwoj4Ew8Bs6qfYMMstZNctLKhQ2hBAe
7h6ifAm0c8hmRu6xCO4RQxKOkoBCcEMas7OYNI/CXRqEG1/RrUJLnepZ8wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFP0KCCyJsOdkerIR8SJa/RnFZ7hUMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvX1FvSUxJbXc1MlI2c2hIeElscjlHY1ZudUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBXpooMAwD
BAJemiwDBABemi4wDQYJKoZIhvcNAQELBQADggEBAH+QuovlTL4xYHIgJsFtF+HJ
Rv3DnhLCEKEDShslEz2b+GpCqRBy4/RTsB4ZykuPfLgaxoPlmMB0GuxNua6tzjWp
ZIis1TPiFCn1Wz5NDn15mg0QI6ZCMtmhX/JnMFk0E/vyP3otCAeSGZbLaeWzhfhD
v210Jnx98Ok+U+GKGxQbkhMBwwIDbs44ZLN8Bg47/4zG5/FhN3bo/d5X/ZKGqyRm
5Da+bJjs6yOm/ShBERpRFhdYBwrCB/8S2/HSPKSdZ36e/Io+cFIC8FVKkW4q7BWV
qeiL+NspU665FbDvZ4kLlrKOGhjAUWO0FthyoMMXRWhVWBKAfAQZwt/p0fv2JDc=
-----END CERTIFICATE-----
Generated at Wed Aug 28 14:17:30 2024 by rpki-client on console-ams.rpki-client.org