Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ad_RZQj3k1DYnAvwTNoeHPtztvo.roa
File: ad_RZQj3k1DYnAvwTNoeHPtztvo.roa (raw, json)
Hash identifier: lL2yZcvnVUSNRpPYYY0KDOx9gKdPXZ+yC2DoWmY+/FQ=
Subject key identifier: 69:DF:D1:65:08:F7:93:50:D8:9C:0B:F0:4C:DA:1E:1C:FB:73:B6:FA
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018BA8FF28DF4E199544F8E74269BA8BEE15
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ad_RZQj3k1DYnAvwTNoeHPtztvo.roa
Signing time: Tue 07 Nov 2023 08:56:16 +0000
ROA not before: Tue 07 Nov 2023 08:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Nov 2023 11:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:ff:28:df:4e:19:95:44:f8:e7:42:69:ba:8b:ee:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Nov 7 08:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69dfd16508f79350d89c0bf04cda1e1cfb73b6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b7:d1:60:5b:e4:fd:10:eb:72:cf:83:f3:cf:
45:d3:98:6b:69:27:2b:2a:e6:dd:ea:33:75:77:12:
d5:82:7c:f6:eb:b9:b0:e9:f6:ea:12:20:02:87:d8:
9a:16:11:6a:eb:e4:82:f6:74:8b:9f:1c:8f:2f:ff:
8b:a8:28:b6:98:e2:fe:e8:d3:f1:fe:c6:25:8c:33:
a8:42:46:e5:b2:a2:c7:92:dc:8c:93:50:6d:ed:c8:
73:a3:f9:74:45:3c:6a:77:70:64:df:21:63:84:90:
ad:1e:69:c9:e8:52:e9:b9:e1:3a:64:d4:29:0f:e9:
39:71:e9:ec:98:37:b8:57:23:18:4f:61:a5:b7:fc:
63:68:a4:06:c2:31:35:d3:44:7b:b9:59:b5:a3:fb:
a3:2d:11:de:be:7c:0e:0f:51:fa:32:f0:45:2e:3b:
56:de:a7:bb:30:c3:1d:52:45:c9:3b:46:89:07:32:
a8:a0:0a:68:82:a8:79:6e:73:59:25:0c:08:5d:ea:
2c:22:29:96:b2:c9:fc:5c:0a:de:d9:ba:91:6b:28:
2e:c0:7b:88:a4:ff:76:f3:f0:4d:46:f1:b7:db:21:
c3:b4:1e:94:08:bf:47:e0:60:17:02:dc:66:40:95:
11:47:a3:be:15:ab:e6:9a:95:f0:a5:79:d3:f9:f8:
07:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DF:D1:65:08:F7:93:50:D8:9C:0B:F0:4C:DA:1E:1C:FB:73:B6:FA
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ad_RZQj3k1DYnAvwTNoeHPtztvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0-94.154.42.255
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
85:9d:55:5c:41:a5:74:ad:42:1c:9a:ab:e3:6d:0d:a3:3c:54:
01:0c:48:3b:8f:b6:dc:71:95:a6:e1:11:29:e8:55:2e:6b:9b:
ed:e0:83:86:5f:25:6f:03:de:e3:f3:10:0f:ac:0a:2c:f7:1f:
52:b4:68:aa:38:99:19:00:bd:97:0e:8b:1d:b8:ce:6e:be:1d:
f6:10:d7:e0:3e:da:86:42:d2:e9:bd:17:8b:3d:e3:a8:c2:ed:
b6:26:fb:22:33:21:66:b0:c8:a5:9e:cc:ef:5f:58:fb:de:d2:
98:3f:42:d8:36:c6:48:5d:9f:3b:de:3b:7b:cc:11:83:07:ec:
d0:32:54:a4:ef:09:1e:b8:4a:7d:ac:cc:8d:8d:f5:d9:c9:e0:
7e:49:2e:31:90:24:d1:4b:81:7c:78:fe:c0:52:8b:f8:b5:ab:
10:60:e6:11:e1:c7:2b:a2:08:6a:fa:c5:e7:8c:90:a7:28:88:
45:9e:a0:b3:80:72:9f:0d:16:80:2d:05:77:61:7c:9f:cd:7d:
72:88:d8:9b:10:4b:bb:ae:e6:46:fc:50:94:be:92:d3:0f:79:
b0:92:40:54:6c:1f:2a:93:1f:1a:7a:2a:d1:51:4b:92:ef:5c:
b1:e1:dc:ec:bc:be:18:5a:7f:c0:9e:b0:e4:ea:f9:5f:a6:f1:
e5:3b:64:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYuo/yjfThmVRPjnQmm6i+4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMxMTA3MDg1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRmZDE2NTA4Zjc5MzUwZDg5YzBiZjA0Y2RhMWUxY2ZiNzNiNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5bfRYFvk/RDrcs+D889F05hraScr
Kubd6jN1dxLVgnz267mw6fbqEiACh9iaFhFq6+SC9nSLnxyPL/+LqCi2mOL+6NPx
/sYljDOoQkblsqLHktyMk1Bt7chzo/l0RTxqd3Bk3yFjhJCtHmnJ6FLpueE6ZNQp
D+k5censmDe4VyMYT2Glt/xjaKQGwjE100R7uVm1o/ujLRHevnwOD1H6MvBFLjtW
3qe7MMMdUkXJO0aJBzKooApogqh5bnNZJQwIXeosIimWssn8XAre2bqRayguwHuI
pP928/BNRvG32yHDtB6UCL9H4GAXAtxmQJURR6O+FavmmpXwpXnT+fgHGwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGnf0WUI95NQ2JwL8EzaHhz7c7b6MB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvYWRfUlpRajNrMURZbkF2d1ROb2VIUHR6dHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABemikD
BABemioDBAFemiwwDQYJKoZIhvcNAQELBQADggEBAIWdVVxBpXStQhyaq+NtDaM8
VAEMSDuPttxxlabhESnoVS5rm+3gg4ZfJW8D3uPzEA+sCiz3H1K0aKo4mRkAvZcO
ix24zm6+HfYQ1+A+2oZC0um9F4s946jC7bYm+yIzIWawyKWezO9fWPve0pg/Qtg2
xkhdnzveO3vMEYMH7NAyVKTvCR64Sn2szI2N9dnJ4H5JLjGQJNFLgXx4/sBSi/i1
qxBg5hHhxyuiCGr6xeeMkKcoiEWeoLOAcp8NFoAtBXdhfJ/NfXKI2JsQS7uu5kb8
UJS+ktMPebCSQFRsHyqTHxp6KtFRS5LvXLHh3Oy8vhhaf8CesOTq+V+m8eU7ZNs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org