Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ft0YluLy5t9WbsAWeFvsSmrGVgs.roa
File: ft0YluLy5t9WbsAWeFvsSmrGVgs.roa (raw, json)
Hash identifier: 0VNCGjxyiaVzsS3Q8SrwItahLF1EGkFRbGmA7DQiDxc=
Subject key identifier: 7E:DD:18:96:E2:F2:E6:DF:56:6E:C0:16:78:5B:EC:4A:6A:C6:56:0B
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018D642A64C2D987A9DE4D16B0055CC0EBC4
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ft0YluLy5t9WbsAWeFvsSmrGVgs.roa
Signing time: Thu 01 Feb 2024 10:15:16 +0000
ROA not before: Thu 01 Feb 2024 10:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.42.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 15:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:2a:64:c2:d9:87:a9:de:4d:16:b0:05:5c:c0:eb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Feb 1 10:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7edd1896e2f2e6df566ec016785bec4a6ac6560b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3a:dd:c3:de:0e:da:bc:85:f0:f6:6b:d8:e9:
e6:56:93:44:40:60:af:f0:d3:41:75:59:78:39:58:
6c:86:f2:c7:6c:62:fc:18:ed:26:45:65:e7:e4:a8:
97:52:e6:e0:27:01:4e:9b:84:67:32:24:8e:f8:03:
df:14:7e:e5:cc:54:71:97:e5:78:f9:ae:a5:b2:83:
d0:38:b9:fe:27:ff:0e:75:36:4f:75:10:74:45:fe:
d0:81:78:80:47:69:a2:9a:8b:a8:ef:d3:41:48:10:
cf:82:7a:23:54:ee:08:1e:1e:0b:75:9f:52:17:3b:
97:1c:2b:c3:f4:c0:6f:d6:dd:78:6a:9a:54:e4:77:
73:30:72:37:f6:5b:76:54:a4:d8:3e:ce:0a:c3:c8:
e6:3f:74:7d:96:9a:3f:ed:2a:98:53:36:91:27:f9:
31:1b:39:fb:d4:d8:dd:9d:f9:b4:b8:69:23:69:17:
3f:e2:c4:59:53:04:f4:9f:4b:3a:b7:7a:0a:99:c8:
79:9c:3d:65:c8:69:43:77:1f:1b:56:45:e1:b1:79:
3d:33:1d:f1:e5:16:76:3c:fe:ac:53:dc:b5:92:cc:
47:51:36:96:fe:5a:78:92:55:14:79:2d:14:ad:77:
7b:a1:42:f4:bd:4f:33:ce:5a:0b:16:e2:f1:38:50:
31:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:DD:18:96:E2:F2:E6:DF:56:6E:C0:16:78:5B:EC:4A:6A:C6:56:0B
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/ft0YluLy5t9WbsAWeFvsSmrGVgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.42.0/24
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:4f:20:1b:c2:3c:21:f1:35:99:5b:a4:4f:72:aa:aa:b2:e1:
0a:44:4e:ec:41:01:3f:89:16:7d:d4:2e:03:5e:31:13:8c:63:
d7:2f:d6:e2:8a:6f:00:8d:a0:ff:c1:f7:e0:86:3a:50:c3:f5:
b2:7b:da:40:15:c2:ad:7b:c6:40:13:a8:6e:5e:02:2b:1d:35:
de:91:d6:82:80:80:fb:53:ce:72:56:9a:a7:63:a9:60:d7:1f:
b7:31:19:08:a6:96:d2:28:45:4f:b7:00:07:81:88:b9:98:49:
d1:82:81:28:58:d4:4b:3b:4e:04:e1:8d:a4:2a:f9:9a:26:70:
5c:98:ea:a0:61:ce:53:e0:0b:39:0c:59:de:86:1e:b4:44:8a:
b5:08:66:95:fa:55:68:0f:92:93:15:79:8d:9d:f0:e3:c8:74:
a8:2d:b2:3d:26:47:11:2e:78:c3:e4:8c:25:94:6b:74:f5:40:
0f:28:31:4b:40:43:0f:e2:cb:18:51:aa:ab:ea:bc:ee:35:62:
32:e6:ee:46:0a:fe:c1:df:0e:45:a3:33:82:49:02:3e:98:88:
a0:7a:27:69:b5:57:b5:fe:8f:4e:e2:7d:58:83:95:ca:34:f4:
9d:8c:66:bf:3b:05:7d:a2:5f:f2:cd:08:07:d5:bf:d6:de:c1:
23:ff:23:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1kKmTC2Yep3k0WsAVcwOvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMjAxMTAxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWRkMTg5NmUyZjJlNmRmNTY2ZWMwMTY3ODViZWM0YTZhYzY1NjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozrdw94O2ryF8PZr2OnmVpNEQGCv
8NNBdVl4OVhshvLHbGL8GO0mRWXn5KiXUubgJwFOm4RnMiSO+APfFH7lzFRxl+V4
+a6lsoPQOLn+J/8OdTZPdRB0Rf7QgXiAR2mimouo79NBSBDPgnojVO4IHh4LdZ9S
FzuXHCvD9MBv1t14appU5HdzMHI39lt2VKTYPs4Kw8jmP3R9lpo/7SqYUzaRJ/kx
Gzn71Njdnfm0uGkjaRc/4sRZUwT0n0s6t3oKmch5nD1lyGlDdx8bVkXhsXk9Mx3x
5RZ2PP6sU9y1ksxHUTaW/lp4klUUeS0UrXd7oUL0vU8zzloLFuLxOFAxdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH7dGJbi8ubfVm7AFnhb7EpqxlYLMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvZnQwWWx1THk1dDlXYnNBV2VGdnNTbXJHVmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpoqAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQBbTyAbwjwh8TWZW6RPcqqqsuEKRE7sQQE/
iRZ91C4DXjETjGPXL9biim8AjaD/wffghjpQw/Wye9pAFcKte8ZAE6huXgIrHTXe
kdaCgID7U85yVpqnY6lg1x+3MRkIppbSKEVPtwAHgYi5mEnRgoEoWNRLO04E4Y2k
KvmaJnBcmOqgYc5T4As5DFnehh60RIq1CGaV+lVoD5KTFXmNnfDjyHSoLbI9JkcR
LnjD5IwllGt09UAPKDFLQEMP4ssYUaqr6rzuNWIy5u5GCv7B3w5FozOCSQI+mIig
eidptVe1/o9O4n1Yg5XKNPSdjGa/OwV9ol/yzQgH1b/W3sEj/yMF
-----END CERTIFICATE-----
Generated at Fri Feb 2 20:35:38 2024 by rpki-client on console-ams.rpki-client.org