Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cfmsUa9yd2LOcbxUxUf_CgnpJeo.roa
File: cfmsUa9yd2LOcbxUxUf_CgnpJeo.roa (raw, json)
Hash identifier: Ur+0YHFdYrA+sJYW4CZFZbIsRhFVRvf/xb/ncwGmBUU=
Subject key identifier: 71:F9:AC:51:AF:72:77:62:CE:71:BC:54:C5:47:FF:0A:09:E9:25:EA
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018D12099738FE22770966A307585408026F
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cfmsUa9yd2LOcbxUxUf_CgnpJeo.roa
Signing time: Tue 16 Jan 2024 11:30:34 +0000
ROA not before: Tue 16 Jan 2024 11:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.40.0/22 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:56:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:09:97:38:fe:22:77:09:66:a3:07:58:54:08:02:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jan 16 11:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71f9ac51af727762ce71bc54c547ff0a09e925ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9a:5f:f3:5b:2e:bf:37:c4:3b:f8:5a:df:13:
30:4a:9e:2e:d6:7b:37:43:ea:bc:e6:a8:3b:72:b6:
9d:e4:d2:e6:1d:74:94:b2:c9:a8:26:4c:51:8f:ac:
01:9c:3e:b4:24:bc:2d:09:d7:da:3b:e8:a2:7e:82:
e3:ae:5e:6f:e3:2f:60:57:52:12:56:1f:7b:59:89:
da:33:74:1b:90:ae:58:db:be:c8:b8:a1:1d:f0:81:
36:e1:f4:2a:2b:98:3b:bd:4e:ff:c3:ce:ee:7f:19:
86:a1:02:9e:aa:52:51:8f:a8:80:66:05:12:33:23:
42:9a:e3:d9:cd:7c:b2:50:13:5c:30:4a:3c:28:2e:
82:26:35:47:5e:36:41:86:82:7f:6e:5e:77:f3:20:
d8:dd:6b:12:24:2e:7e:53:32:05:0c:fc:eb:4e:de:
49:ae:71:a1:b6:55:ed:a0:69:40:a9:a1:dd:1c:b1:
1b:46:71:14:24:c8:a0:f3:c8:7f:08:73:09:4f:9e:
96:84:c2:c6:3b:a9:54:b1:2b:fa:17:ee:f2:91:75:
82:50:e5:dd:85:a2:29:cf:8d:e9:eb:75:60:aa:be:
00:2b:54:9e:e0:59:40:47:99:37:73:c4:02:9a:00:
90:30:ff:e8:54:36:75:cf:92:84:05:95:c8:17:15:
be:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F9:AC:51:AF:72:77:62:CE:71:BC:54:C5:47:FF:0A:09:E9:25:EA
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/cfmsUa9yd2LOcbxUxUf_CgnpJeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
73:b2:b6:62:aa:76:23:db:7e:6e:06:2a:c2:d5:2f:00:5a:01:
b8:ac:d4:5e:39:a7:25:96:ee:1d:0c:8e:a3:62:db:d4:d0:b4:
44:bd:bf:bd:98:9a:7d:2f:ab:c4:63:60:f3:38:2f:8c:cb:da:
72:ae:28:30:07:34:9a:7c:4e:73:e4:96:4b:33:67:b4:23:f4:
b8:cc:7c:21:1e:bd:2e:f3:0d:24:cf:44:d1:7c:38:d9:ea:01:
7f:5e:58:f0:81:f4:53:21:5a:36:16:e6:3d:4e:40:3c:05:ff:
eb:36:0d:22:f2:f2:90:97:14:ce:e7:75:5f:63:ad:86:da:9f:
c5:be:9d:b4:01:9d:21:c0:cb:23:a0:ae:df:1d:32:b5:5b:40:
b6:1f:eb:bb:52:0c:ad:60:f4:58:de:03:5f:7c:80:12:28:05:
c4:e0:04:4d:57:f0:75:e8:9a:6f:83:14:1b:d7:e1:0f:0d:69:
2f:77:2d:0e:5d:f6:8f:2b:d4:86:8d:41:d8:47:23:bb:cb:23:
3c:68:d9:b7:68:52:61:33:8b:50:11:45:8a:27:37:05:26:58:
7f:1b:7d:73:ab:00:ff:23:c4:f3:a8:67:09:f7:55:28:40:0f:
dc:42:49:bd:20:be:f0:eb:e1:e1:e0:d7:42:f3:20:0b:e0:bf:
01:94:9d:55
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY0SCZc4/iJ3CWajB1hUCAJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMTE2MTEzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY5YWM1MWFmNzI3NzYyY2U3MWJjNTRjNTQ3ZmYwYTA5ZTkyNWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZpf81suvzfEO/ha3xMwSp4u1ns3
Q+q85qg7crad5NLmHXSUssmoJkxRj6wBnD60JLwtCdfaO+iifoLjrl5v4y9gV1IS
Vh97WYnaM3QbkK5Y277IuKEd8IE24fQqK5g7vU7/w87ufxmGoQKeqlJRj6iAZgUS
MyNCmuPZzXyyUBNcMEo8KC6CJjVHXjZBhoJ/bl538yDY3WsSJC5+UzIFDPzrTt5J
rnGhtlXtoGlAqaHdHLEbRnEUJMig88h/CHMJT56WhMLGO6lUsSv6F+7ykXWCUOXd
haIpz43p63Vgqr4AK1Se4FlAR5k3c8QCmgCQMP/oVDZ1z5KEBZXIFxW+KQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHH5rFGvcndiznG8VMVH/woJ6SXqMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvY2Ztc1VhOXlkMkxPY2J4VXhVZl9DZ25wSmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BABemi4wDQYJKoZIhvcNAQELBQADggEBAHOytmKqdiPbfm4GKsLVLwBaAbis1F45
pyWW7h0MjqNi29TQtES9v72Ymn0vq8RjYPM4L4zL2nKuKDAHNJp8TnPklkszZ7Qj
9LjMfCEevS7zDSTPRNF8ONnqAX9eWPCB9FMhWjYW5j1OQDwF/+s2DSLy8pCXFM7n
dV9jrYban8W+nbQBnSHAyyOgrt8dMrVbQLYf67tSDK1g9FjeA198gBIoBcTgBE1X
8HXomm+DFBvX4Q8NaS93LQ5d9o8r1IaNQdhHI7vLIzxo2bdoUmEzi1ARRYonNwUm
WH8bfXOrAP8jxPOoZwn3VShAD9xCSb0gvvDr4eHg10LzIAvgvwGUnVU=
-----END CERTIFICATE-----
Generated at Mon Jan 22 17:49:59 2024 by rpki-client on console-fra.rpki-client.org