Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/aoHkmf6CHfVZofp0by5kS4rWllo.roa
File: aoHkmf6CHfVZofp0by5kS4rWllo.roa (raw, json)
Hash identifier: kNBDTNKH32uB3Nna/bMA8mpal5ygZkYDGGEhoypACOE=
Subject key identifier: 6A:81:E4:99:FE:82:1D:F5:59:A1:FA:74:6F:2E:64:4B:8A:D6:96:5A
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018F1123C7A8E74EB8175506E3F4B76E9B57
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/aoHkmf6CHfVZofp0by5kS4rWllo.roa
Signing time: Wed 24 Apr 2024 17:25:08 +0000
ROA not before: Wed 24 Apr 2024 17:25:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 09:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:11:23:c7:a8:e7:4e:b8:17:55:06:e3:f4:b7:6e:9b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Apr 24 17:25:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a81e499fe821df559a1fa746f2e644b8ad6965a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2b:b2:4a:2e:35:ad:e3:d6:4a:32:e6:69:2b:
1a:bb:c8:27:9c:c0:85:39:3f:6a:ae:c4:d2:b0:9a:
50:2f:b4:b7:51:5e:a0:13:cf:61:74:86:b7:bb:31:
3e:80:8a:69:0c:c7:75:2d:65:6b:98:37:c0:d0:ee:
3d:b7:f3:46:96:8c:1d:de:3b:eb:4a:5e:5f:13:69:
1e:2b:5f:cb:e3:88:65:de:cd:72:d6:da:52:a6:e5:
f4:a4:ac:2e:10:6d:f2:23:d7:91:31:bf:46:53:e2:
6e:12:cf:f1:1d:36:a2:67:d8:24:1d:6f:a3:e0:16:
70:c3:5d:44:f8:53:64:f4:43:aa:94:f2:3b:b1:18:
24:7c:0e:73:8f:e8:9c:30:66:f6:d6:d2:6b:54:86:
9a:18:bc:fb:23:32:a2:61:a4:cf:92:7e:e4:18:0b:
e0:46:f8:fb:1c:88:89:3f:b9:72:ad:08:4b:c4:56:
d2:92:0d:9a:e7:49:61:df:26:a6:d1:27:22:0b:a3:
e7:da:bf:14:e5:20:08:40:fe:86:6e:ea:d1:b9:b2:
71:28:f1:62:38:75:64:74:da:c5:b8:5d:b6:43:79:
f6:41:5f:83:ab:68:03:fb:a3:b7:1d:4a:b1:ee:f6:
49:21:9f:61:3f:67:71:e9:a7:5e:e3:65:b6:bd:1a:
f2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:81:E4:99:FE:82:1D:F5:59:A1:FA:74:6F:2E:64:4B:8A:D6:96:5A
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/aoHkmf6CHfVZofp0by5kS4rWllo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0/24
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:da:aa:4c:b5:ab:79:cc:27:4c:3a:1b:52:8f:72:4f:6b:dd:
70:c2:50:4e:51:74:32:5e:1b:44:ab:09:b6:ac:8d:21:22:8a:
bd:d7:0c:4f:c0:57:e1:61:bc:ba:77:3f:d1:cf:1c:91:50:06:
d7:05:aa:6f:f0:87:fd:f8:09:73:54:50:3a:d2:b8:73:38:ed:
54:7b:da:39:c6:20:69:70:c9:d2:88:b5:db:49:53:71:ef:54:
2e:f0:75:bb:44:f4:0a:71:63:fa:8e:99:73:71:5f:b9:0e:6a:
8a:af:54:ae:04:89:5a:db:fa:29:fa:e3:6b:fd:fc:e1:fe:77:
c1:ee:2e:6a:9b:a2:ee:ee:a3:63:f3:1b:db:28:f3:41:fb:80:
32:68:ef:59:c6:a5:5f:e8:12:f6:c8:6e:7d:e2:33:fd:a9:dd:
ee:20:50:65:2e:ac:e2:04:aa:87:bf:6a:05:14:a5:4f:ff:58:
07:fd:3a:d4:9c:19:1e:b0:2f:75:4e:03:99:7b:b3:ca:19:ff:
74:e1:91:a2:f0:5e:c8:a4:10:1f:dd:43:61:b1:2e:50:f2:69:
4c:ec:3e:28:1b:db:41:84:e8:84:fb:f4:65:bf:a5:27:a4:83:
9f:db:c1:59:cb:f1:7f:08:f0:bf:da:f9:73:6a:a1:dd:45:8a:
6f:b9:a0:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8RI8eo5064F1UG4/S3bptXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNDI0MTcyNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTgxZTQ5OWZlODIxZGY1NTlhMWZhNzQ2ZjJlNjQ0YjhhZDY5NjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiuySi41rePWSjLmaSsau8gnnMCF
OT9qrsTSsJpQL7S3UV6gE89hdIa3uzE+gIppDMd1LWVrmDfA0O49t/NGlowd3jvr
Sl5fE2keK1/L44hl3s1y1tpSpuX0pKwuEG3yI9eRMb9GU+JuEs/xHTaiZ9gkHW+j
4BZww11E+FNk9EOqlPI7sRgkfA5zj+icMGb21tJrVIaaGLz7IzKiYaTPkn7kGAvg
Rvj7HIiJP7lyrQhLxFbSkg2a50lh3yam0SciC6Pn2r8U5SAIQP6GburRubJxKPFi
OHVkdNrFuF22Q3n2QV+Dq2gD+6O3HUqx7vZJIZ9hP2dx6ade42W2vRryWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqB5Jn+gh31WaH6dG8uZEuK1pZaMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvYW9Ia21mNkNIZlZab2ZwMGJ5NWtTNHJXbGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpopAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQBb2qpMtat5zCdMOhtSj3JPa91wwlBOUXQy
XhtEqwm2rI0hIoq91wxPwFfhYby6dz/RzxyRUAbXBapv8If9+AlzVFA60rhzOO1U
e9o5xiBpcMnSiLXbSVNx71Qu8HW7RPQKcWP6jplzcV+5DmqKr1SuBIla2/op+uNr
/fzh/nfB7i5qm6Lu7qNj8xvbKPNB+4AyaO9ZxqVf6BL2yG594jP9qd3uIFBlLqzi
BKqHv2oFFKVP/1gH/TrUnBkesC91TgOZe7PKGf904ZGi8F7IpBAf3UNhsS5Q8mlM
7D4oG9tBhOiE+/Rlv6UnpIOf28FZy/F/CPC/2vlzaqHdRYpvuaAp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org