Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cCoLDcZHCBxF-e6tJ6upc0Iu0kk.roa
File: cCoLDcZHCBxF-e6tJ6upc0Iu0kk.roa (raw, json)
Hash identifier: hezEs8RMJS+BzCgyJ3yVYmrC2YO+zdnnK5avBQFl4LY=
Subject key identifier: 70:2A:0B:0D:C6:47:08:1C:45:F9:EE:AD:27:AB:A9:73:42:2E:D2:49
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 01860C54D90E06BB96DBEB00D468B19A751F
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cCoLDcZHCBxF-e6tJ6upc0Iu0kk.roa
Signing time: Wed 01 Feb 2023 09:35:32 +0000
ROA not before: Wed 01 Feb 2023 09:35:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 94.154.44.0/23 maxlen: 24
94.154.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Aug 2023 14:24:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:54:d9:0e:06:bb:96:db:eb:00:d4:68:b1:9a:75:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Feb 1 09:35:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=702a0b0dc647081c45f9eead27aba973422ed249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:15:c7:3a:22:8c:1c:97:af:b9:df:40:37:46:
8c:96:91:c1:99:00:7c:5e:f2:51:3d:59:af:9b:36:
d2:64:1e:c9:35:ff:2a:fe:f6:e3:89:1c:83:2e:14:
27:77:89:31:f0:16:83:b5:87:d0:9c:e0:d5:bd:54:
eb:7b:bf:35:23:86:1f:72:c2:e3:2e:5e:6d:db:6a:
cd:7c:93:3d:6e:74:c8:9e:37:f0:89:f9:53:90:74:
d6:82:95:f2:0f:ee:db:ce:fa:79:6a:1b:3a:c3:6a:
93:75:d4:e6:b5:31:aa:5d:e9:0f:c1:6f:1c:ea:65:
6b:07:94:4a:e4:96:c1:c5:69:57:da:6d:46:97:45:
37:fb:37:77:b3:82:ad:7e:df:0c:f8:dc:1d:fc:e4:
9b:aa:27:d5:5d:e2:4a:a9:50:d6:eb:e2:f1:e9:06:
c1:e4:e5:41:67:93:11:07:ae:19:cc:40:8a:9f:a7:
0f:c5:8f:d8:d1:2f:5c:a0:a7:e4:a4:75:33:59:a7:
11:9f:26:54:41:7a:c4:72:30:a3:d1:e4:48:4b:a9:
d0:b8:71:30:34:3f:94:06:20:3d:de:8a:5a:7f:27:
6b:fc:e8:d7:f6:90:a4:3b:0a:c2:65:cc:d3:47:18:
23:56:77:47:c0:5c:7a:4e:6a:fd:30:82:aa:2d:26:
e9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:2A:0B:0D:C6:47:08:1C:45:F9:EE:AD:27:AB:A9:73:42:2E:D2:49
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cCoLDcZHCBxF-e6tJ6upc0Iu0kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.45.255
Signature Algorithm: sha256WithRSAEncryption
89:bb:5f:db:64:0c:1f:22:23:15:e9:a8:22:a6:3c:a3:78:86:
a9:84:0c:ea:2a:fe:3d:89:bd:0b:99:8a:09:37:21:d4:4b:5b:
21:8f:ff:26:2a:75:98:15:21:7f:7e:84:e0:bc:00:a4:37:c7:
12:1d:53:bd:a7:80:96:dc:42:92:28:da:10:c1:45:c0:59:a0:
f2:a1:0e:22:dc:e1:8d:ad:0a:af:be:4f:dd:68:70:db:3d:f1:
20:d2:53:a2:b0:b4:99:ca:b8:f2:67:5e:3f:df:70:71:24:1d:
d1:ff:24:f4:ef:95:26:33:fb:bc:4c:69:bc:c8:e3:16:56:ab:
aa:f2:3f:e7:35:0b:d5:95:fc:12:72:0d:06:80:7c:2e:25:34:
9b:36:fb:85:7d:1d:f8:92:df:ac:75:81:42:80:11:e4:80:ae:
5a:b0:f1:f2:e9:f4:c9:d5:02:f0:89:cd:1e:79:fc:2c:a1:54:
b9:ed:79:19:00:2d:af:0c:e1:17:cc:a7:13:aa:50:03:3f:e6:
a6:50:e3:50:3b:6c:88:d9:6e:d6:58:95:b8:20:8c:34:ce:f8:
54:e8:8a:69:5e:f6:23:fc:14:64:40:ef:8e:95:b5:aa:30:40:
7a:c4:6d:13:a9:b1:44:ca:f0:d1:38:77:9e:ca:8c:b8:da:b8:
4f:be:fc:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYYMVNkOBruW2+sA1GixmnUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjMwMjAxMDkzNTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDJhMGIwZGM2NDcwODFjNDVmOWVlYWQyN2FiYTk3MzQyMmVkMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRXHOiKMHJevud9AN0aMlpHBmQB8
XvJRPVmvmzbSZB7JNf8q/vbjiRyDLhQnd4kx8BaDtYfQnODVvVTre781I4YfcsLj
Ll5t22rNfJM9bnTInjfwiflTkHTWgpXyD+7bzvp5ahs6w2qTddTmtTGqXekPwW8c
6mVrB5RK5JbBxWlX2m1Gl0U3+zd3s4Ktft8M+Nwd/OSbqifVXeJKqVDW6+Lx6QbB
5OVBZ5MRB64ZzECKn6cPxY/Y0S9coKfkpHUzWacRnyZUQXrEcjCj0eRIS6nQuHEw
ND+UBiA93opafydr/OjX9pCkOwrCZczTRxgjVndHwFx6Tmr9MIKqLSbpjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHAqCw3GRwgcRfnurSerqXNCLtJJMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvY0NvTERjWkhDQnhGLWU2dEo2dXBjMEl1MGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BAFemiwwDQYJKoZIhvcNAQELBQADggEBAIm7X9tkDB8iIxXpqCKmPKN4hqmEDOoq
/j2JvQuZigk3IdRLWyGP/yYqdZgVIX9+hOC8AKQ3xxIdU72ngJbcQpIo2hDBRcBZ
oPKhDiLc4Y2tCq++T91ocNs98SDSU6KwtJnKuPJnXj/fcHEkHdH/JPTvlSYz+7xM
abzI4xZWq6ryP+c1C9WV/BJyDQaAfC4lNJs2+4V9HfiS36x1gUKAEeSArlqw8fLp
9MnVAvCJzR55/CyhVLnteRkALa8M4RfMpxOqUAM/5qZQ41A7bIjZbtZYlbggjDTO
+FToimle9iP8FGRA746VtaowQHrEbROpsUTK8NE4d57KjLjauE++/DA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org