Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/gi6m6YTSm-0p5ebltHWUkv7PH0o.roa
File: gi6m6YTSm-0p5ebltHWUkv7PH0o.roa (raw, json)
Hash identifier: 5gMGLEjBihUqiV2FmdIyD/sweE3fJW5QjW9bOvcrks0=
Subject key identifier: 82:2E:A6:E9:84:D2:9B:ED:29:E5:E6:E5:B4:75:94:92:FE:CF:1F:4A
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018D6A60AA06FB29AC3A09B550EEBF4CBEC6
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/gi6m6YTSm-0p5ebltHWUkv7PH0o.roa
Signing time: Fri 02 Feb 2024 15:12:16 +0000
ROA not before: Fri 02 Feb 2024 15:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 21:56:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6a:60:aa:06:fb:29:ac:3a:09:b5:50:ee:bf:4c:be:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Feb 2 15:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=822ea6e984d29bed29e5e6e5b4759492fecf1f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:19:32:02:b4:37:be:60:55:cf:8d:ad:d3:
d7:8c:21:da:a9:b2:cf:a5:0f:7d:21:69:c7:cf:77:
42:2f:3c:50:91:d7:3a:af:6c:a6:4e:52:03:55:c6:
51:69:bd:a6:5e:15:68:73:b9:04:06:4b:d1:ae:bc:
5e:d9:6e:d7:2f:cd:45:8a:c6:60:fb:ae:30:cf:8e:
5d:bf:cb:23:f8:f8:55:92:0e:cc:c6:2b:64:a3:ad:
66:a4:5d:5a:07:00:2b:af:b9:f7:8b:81:b8:f7:da:
f3:9a:5b:d2:37:1f:d8:74:70:48:b3:c9:08:8c:fb:
65:ca:2e:13:66:cd:60:80:91:07:87:81:ed:7b:4a:
7d:f6:c5:70:b5:1d:cf:49:73:3c:4f:91:d9:f0:96:
28:95:99:b4:1a:5d:14:ac:91:cd:5a:df:9b:5e:aa:
6c:0d:ef:a1:b5:ca:95:7e:5e:88:94:f3:3c:60:b3:
de:20:df:f4:53:e5:82:85:f8:6b:2c:80:66:b1:02:
9e:72:be:6a:a8:4c:75:25:9a:c3:58:31:86:05:26:
54:bf:0b:e0:dc:59:66:2b:8e:58:c0:f0:bf:27:e9:
75:a8:cb:90:d9:12:86:73:b0:d7:c6:49:bc:3c:5e:
80:7c:4f:88:72:5e:c3:98:f1:85:d5:c4:45:a5:8d:
72:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:2E:A6:E9:84:D2:9B:ED:29:E5:E6:E5:B4:75:94:92:FE:CF:1F:4A
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/gi6m6YTSm-0p5ebltHWUkv7PH0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
88:a9:60:3a:3b:31:25:99:92:15:00:78:ee:f9:3e:76:40:49:
6f:7e:6a:18:5b:50:f1:8d:dc:4e:fe:8b:20:6a:04:1a:3f:e4:
20:d3:1b:dd:a5:c1:a4:aa:d8:3f:c6:c8:d3:6c:b4:32:a3:fa:
50:3b:28:fd:7e:86:92:29:17:1b:52:4d:33:8a:51:d9:03:4e:
6b:04:3d:51:5a:b8:70:05:f8:dc:96:61:0d:2d:1d:7a:09:99:
39:84:69:c1:bc:34:19:7d:7f:b1:53:f3:a2:da:fc:7e:70:1f:
5b:f5:f4:93:72:50:68:c2:10:31:99:c6:be:30:b9:79:1e:65:
d9:4f:f2:3b:de:e4:a9:55:48:5b:21:dd:60:0c:c7:ab:b1:d0:
52:e0:1d:3d:80:5a:39:b7:04:0c:43:59:bf:ee:55:e1:11:ab:
23:d2:13:5d:d9:af:21:f4:f4:f3:25:f6:ed:bc:ba:36:a4:33:
34:bb:7d:3d:06:82:80:da:ea:07:52:db:e1:dd:8f:d5:bc:93:
c1:7c:97:25:2a:73:ca:68:18:e8:07:0f:dd:26:96:b6:b5:9f:
8b:ac:b3:8e:2c:43:8d:9d:ed:fa:1a:25:37:a8:6e:2f:1b:52:
c0:7d:e6:85:c7:0a:53:5d:69:b6:ee:13:60:f7:1b:1b:0b:fb:
10:7a:45:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1qYKoG+ymsOgm1UO6/TL7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMjAyMTUxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjJlYTZlOTg0ZDI5YmVkMjllNWU2ZTViNDc1OTQ5MmZlY2YxZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUwZMgK0N75gVc+NrdPXjCHaqbLP
pQ99IWnHz3dCLzxQkdc6r2ymTlIDVcZRab2mXhVoc7kEBkvRrrxe2W7XL81FisZg
+64wz45dv8sj+PhVkg7Mxitko61mpF1aBwArr7n3i4G499rzmlvSNx/YdHBIs8kI
jPtlyi4TZs1ggJEHh4Hte0p99sVwtR3PSXM8T5HZ8JYolZm0Gl0UrJHNWt+bXqps
De+htcqVfl6IlPM8YLPeIN/0U+WChfhrLIBmsQKecr5qqEx1JZrDWDGGBSZUvwvg
3FlmK45YwPC/J+l1qMuQ2RKGc7DXxkm8PF6AfE+Icl7DmPGF1cRFpY1y4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIIupumE0pvtKeXm5bR1lJL+zx9KMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvZ2k2bTZZVFNtLTBwNWVibHRIV1VrdjdQSDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXposMA0G
CSqGSIb3DQEBCwUAA4IBAQCIqWA6OzElmZIVAHju+T52QElvfmoYW1DxjdxO/osg
agQaP+Qg0xvdpcGkqtg/xsjTbLQyo/pQOyj9foaSKRcbUk0zilHZA05rBD1RWrhw
BfjclmENLR16CZk5hGnBvDQZfX+xU/Oi2vx+cB9b9fSTclBowhAxmca+MLl5HmXZ
T/I73uSpVUhbId1gDMersdBS4B09gFo5twQMQ1m/7lXhEasj0hNd2a8h9PTzJfbt
vLo2pDM0u309BoKA2uoHUtvh3Y/VvJPBfJclKnPKaBjoBw/dJpa2tZ+LrLOOLEON
ne36GiU3qG4vG1LAfeaFxwpTXWm27hNg9xsbC/sQekUC
-----END CERTIFICATE-----
Generated at Tue Mar 12 22:46:12 2024 by rpki-client on console-ams.rpki-client.org