Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/bL7jM0pi1RHe68hwUlcg8p_y8W0.roa
File: bL7jM0pi1RHe68hwUlcg8p_y8W0.roa (raw, json)
Hash identifier: k2wbz8fuvMlmop+UzyzZNy/NYIQBATI63mauP3h+CV8=
Subject key identifier: 6C:BE:E3:33:4A:62:D5:11:DE:EB:C8:70:52:57:20:F2:9F:F2:F1:6D
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0193C14B112633DC81AB761DFB2016EAE735
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/bL7jM0pi1RHe68hwUlcg8p_y8W0.roa
Signing time: Fri 13 Dec 2024 18:32:22 +0000
ROA not before: Fri 13 Dec 2024 18:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:4b:11:26:33:dc:81:ab:76:1d:fb:20:16:ea:e7:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Dec 13 18:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cbee3334a62d511deebc870525720f29ff2f16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:36:91:c8:17:8c:26:9f:7f:a7:ab:a3:62:e2:
8e:09:d0:51:6e:5f:ae:ab:c2:88:16:17:84:9d:1c:
b5:50:67:6f:2c:67:c8:3b:6e:e5:b6:7e:85:d8:a4:
66:9b:07:4b:fe:46:37:4e:0b:24:db:d7:01:43:88:
7a:7b:75:62:72:1b:fa:89:97:b4:78:8e:8b:9e:25:
5a:ce:df:6e:e3:a9:e8:b8:2e:db:dd:4b:f1:e6:70:
e4:cd:92:b9:20:99:c7:a8:46:58:bc:6c:7a:5e:c1:
e4:31:ee:03:2d:16:cf:43:a1:36:8f:01:7e:dc:6f:
5b:67:98:36:9c:19:f3:67:93:df:b2:88:ba:10:f7:
96:f3:df:49:30:5a:4c:ac:40:5e:a6:9d:1e:ff:0a:
a0:24:62:36:91:93:8a:a6:73:06:30:89:fd:1f:4d:
12:02:52:60:d9:26:83:5c:79:05:14:97:40:ac:3f:
31:e6:b9:77:e6:c0:6f:d2:20:f0:71:9e:0f:18:6c:
a3:f6:67:e9:04:12:62:5d:60:34:93:9e:39:51:45:
3a:7a:99:ab:1e:d0:7a:36:50:f5:62:40:99:87:96:
d5:e4:a8:b0:d9:24:54:25:65:1e:32:67:52:14:d4:
87:7a:51:dc:96:b1:49:8e:ea:d4:a1:a6:64:7c:11:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BE:E3:33:4A:62:D5:11:DE:EB:C8:70:52:57:20:F2:9F:F2:F1:6D
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/bL7jM0pi1RHe68hwUlcg8p_y8W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0/23
94.154.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:c9:93:c7:8e:2d:4d:62:cc:63:20:88:c8:87:4d:52:ef:ed:
77:59:b8:5d:a7:a9:1f:90:d9:13:4a:20:47:75:0b:f7:b2:9d:
7c:76:75:76:73:8d:7b:49:09:6c:50:5f:8d:e6:ee:73:d0:7a:
4f:90:23:cc:6a:31:77:31:ef:e9:0c:15:9f:f8:b5:e6:1d:38:
88:97:fa:1d:de:22:85:9b:fe:45:61:0a:ff:05:c6:c4:a1:fb:
0a:b9:d1:5d:bf:ec:ee:81:d5:37:04:5f:18:dc:ec:70:6b:9a:
fc:1e:8f:c0:d8:ad:9c:42:55:86:cf:42:08:21:cd:bd:f2:a8:
f0:a2:d6:3d:99:af:50:11:ca:30:e5:74:d3:5a:c3:b4:0b:64:
c0:19:e7:8a:7c:5f:10:18:3a:74:ee:0e:cc:6c:e7:47:d0:1b:
07:89:d9:ae:e5:7f:d8:6b:aa:d7:03:dd:6f:fd:b8:a5:70:30:
8c:fc:ef:f5:b7:aa:52:96:0f:65:0b:45:dc:f0:3e:69:24:81:
9d:d1:b7:a1:4a:08:16:b0:de:a8:ba:d3:f8:41:70:d9:86:b6:
15:53:ff:eb:09:c8:0e:7c:74:e1:e7:0d:fc:e1:e9:42:42:8a:
36:b5:7d:3d:09:b6:0f:49:e6:dd:49:80:8a:9d:65:42:d3:89:
73:b8:df:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPBSxEmM9yBq3Yd+yAW6uc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQxMjEzMTgzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JlZTMzMzRhNjJkNTExZGVlYmM4NzA1MjU3MjBmMjlmZjJmMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jaRyBeMJp9/p6ujYuKOCdBRbl+u
q8KIFheEnRy1UGdvLGfIO27ltn6F2KRmmwdL/kY3Tgsk29cBQ4h6e3Vichv6iZe0
eI6LniVazt9u46nouC7b3Uvx5nDkzZK5IJnHqEZYvGx6XsHkMe4DLRbPQ6E2jwF+
3G9bZ5g2nBnzZ5Pfsoi6EPeW899JMFpMrEBepp0e/wqgJGI2kZOKpnMGMIn9H00S
AlJg2SaDXHkFFJdArD8x5rl35sBv0iDwcZ4PGGyj9mfpBBJiXWA0k545UUU6epmr
HtB6NlD1YkCZh5bV5Kiw2SRUJWUeMmdSFNSHelHclrFJjurUoaZkfBFJjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGy+4zNKYtUR3uvIcFJXIPKf8vFtMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvYkw3ak0wcGkxUkhlNjhod1VsY2c4cF95OFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXpooAwQA
XporMA0GCSqGSIb3DQEBCwUAA4IBAQBeyZPHji1NYsxjIIjIh01S7+13Wbhdp6kf
kNkTSiBHdQv3sp18dnV2c417SQlsUF+N5u5z0HpPkCPMajF3Me/pDBWf+LXmHTiI
l/od3iKFm/5FYQr/BcbEofsKudFdv+zugdU3BF8Y3Oxwa5r8Ho/A2K2cQlWGz0II
Ic298qjwotY9ma9QEcow5XTTWsO0C2TAGeeKfF8QGDp07g7MbOdH0BsHidmu5X/Y
a6rXA91v/bilcDCM/O/1t6pSlg9lC0Xc8D5pJIGd0behSggWsN6outP4QXDZhrYV
U//rCcgOfHTh5w384elCQoo2tX09CbYPSebdSYCKnWVC04lzuN9X
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:20:04 2025 by rpki-client