Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/iQs3C-kKb8cWoWwOaQm9PWd7T8M.roa
File: iQs3C-kKb8cWoWwOaQm9PWd7T8M.roa (raw, json)
Hash identifier: lN4TO7GBmu8TXmsBGwvppVRgM8TZanGh4Pg+PkdK9sM=
Subject key identifier: 89:0B:37:0B:E9:0A:6F:C7:16:A1:6C:0E:69:09:BD:3D:67:7B:4F:C3
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0190A84DE0E8FFCEA490D67852143E6042EE
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/iQs3C-kKb8cWoWwOaQm9PWd7T8M.roa
Signing time: Fri 12 Jul 2024 18:56:34 +0000
ROA not before: Fri 12 Jul 2024 18:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Jul 2024 18:39:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a8:4d:e0:e8:ff:ce:a4:90:d6:78:52:14:3e:60:42:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Jul 12 18:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=890b370be90a6fc716a16c0e6909bd3d677b4fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:61:fe:95:d5:f8:14:51:14:44:01:4d:97:d2:
cc:11:d4:a5:8e:a3:cf:ca:23:93:9b:f7:7d:1c:5a:
a7:84:58:1e:7a:27:ec:e8:e3:71:c3:bb:fe:c2:04:
44:3f:e6:2f:0e:5e:9d:d3:90:ed:f6:41:56:e8:59:
b8:5d:7b:a8:85:b8:9e:83:0e:d8:be:83:91:62:05:
f2:2e:08:53:e4:1d:10:44:5e:24:c8:f3:f9:aa:78:
ce:a0:12:d8:c5:e7:da:6f:f6:89:f5:e1:7a:2e:31:
e7:51:11:d2:bf:50:bc:0b:90:9b:44:39:ca:53:7a:
31:31:0f:62:75:f5:79:3f:32:9b:87:c8:5a:24:c5:
25:41:12:6c:43:bf:1b:03:8d:32:12:7c:3a:97:2c:
27:44:1b:2c:e7:4b:f9:d8:ef:81:78:38:23:03:48:
ca:05:4e:e3:58:0b:1e:88:8b:c3:ca:33:81:cb:e1:
92:62:ec:4a:ae:f1:83:2b:bc:fb:f3:f7:29:3e:2d:
a9:e3:a2:77:93:df:f9:5f:c5:b8:ff:ae:10:00:4b:
be:c1:63:99:c7:e0:78:f6:6b:2f:64:72:99:7d:4f:
de:1c:07:2b:24:f9:ae:55:97:94:05:a9:ca:1f:15:
66:cf:60:47:2f:68:6e:94:8f:42:bb:c7:66:f9:d0:
3a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0B:37:0B:E9:0A:6F:C7:16:A1:6C:0E:69:09:BD:3D:67:7B:4F:C3
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/iQs3C-kKb8cWoWwOaQm9PWd7T8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0/24
94.154.46.0/24
Signature Algorithm: sha256WithRSAEncryption
69:7e:60:24:76:fe:31:13:d9:e4:a1:70:f1:36:cf:d4:ee:05:
74:0c:99:60:2c:ee:bd:ef:1c:59:1f:09:fe:70:bb:63:0d:c7:
b9:54:82:e8:15:e5:a2:4c:d8:d9:20:cc:0e:c8:38:2d:25:8d:
39:b6:f2:25:81:7b:f4:0a:02:60:2e:55:b0:4f:a3:e1:27:9c:
d1:33:16:74:2e:71:53:ae:6a:1b:cd:c8:39:89:d3:91:db:ab:
98:bd:e1:6e:a9:00:83:fd:30:c7:76:bd:c5:f8:cf:f3:ae:0a:
f8:99:a5:47:17:9d:13:0a:80:12:5a:49:4a:1c:eb:11:3a:90:
36:d4:d2:2a:44:8b:3d:bd:e2:c4:10:6a:45:94:6f:ec:01:18:
0c:1e:c9:e1:a8:e7:11:ae:47:be:9a:65:b7:16:17:18:ca:a1:
d2:67:67:56:5a:7e:85:19:6b:93:1d:53:51:58:f6:89:d0:e8:
d3:c8:29:09:27:16:7d:2d:4c:9d:41:cc:30:32:42:a9:b2:2a:
ab:08:1d:65:de:d9:ab:95:e3:0a:e0:b9:5f:dd:ed:29:84:24:
49:f6:7c:44:a3:64:67:26:d7:7a:aa:c3:0c:17:67:52:92:96:
94:7d:0a:bd:60:72:01:68:3c:1b:d4:d5:49:d5:92:82:f2:f5:
80:47:39:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCoTeDo/86kkNZ4UhQ+YELuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNzEyMTg1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBiMzcwYmU5MGE2ZmM3MTZhMTZjMGU2OTA5YmQzZDY3N2I0ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2H+ldX4FFEURAFNl9LMEdSljqPP
yiOTm/d9HFqnhFgeeifs6ONxw7v+wgREP+YvDl6d05Dt9kFW6Fm4XXuohbiegw7Y
voORYgXyLghT5B0QRF4kyPP5qnjOoBLYxefab/aJ9eF6LjHnURHSv1C8C5CbRDnK
U3oxMQ9idfV5PzKbh8haJMUlQRJsQ78bA40yEnw6lywnRBss50v52O+BeDgjA0jK
BU7jWAseiIvDyjOBy+GSYuxKrvGDK7z78/cpPi2p46J3k9/5X8W4/64QAEu+wWOZ
x+B49msvZHKZfU/eHAcrJPmuVZeUBanKHxVmz2BHL2hulI9Cu8dm+dA64wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIkLNwvpCm/HFqFsDmkJvT1ne0/DMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvaVFzM0Mta0tiOGNXb1d3T2FRbTlQV2Q3VDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpopAwQA
XpouMA0GCSqGSIb3DQEBCwUAA4IBAQBpfmAkdv4xE9nkoXDxNs/U7gV0DJlgLO69
7xxZHwn+cLtjDce5VILoFeWiTNjZIMwOyDgtJY05tvIlgXv0CgJgLlWwT6PhJ5zR
MxZ0LnFTrmobzcg5idOR26uYveFuqQCD/TDHdr3F+M/zrgr4maVHF50TCoASWklK
HOsROpA21NIqRIs9veLEEGpFlG/sARgMHsnhqOcRrke+mmW3FhcYyqHSZ2dWWn6F
GWuTHVNRWPaJ0OjTyCkJJxZ9LUydQcwwMkKpsiqrCB1l3tmrleMK4Llf3e0phCRJ
9nxEo2RnJtd6qsMMF2dSkpaUfQq9YHIBaDwb1NVJ1ZKC8vWARzlF
-----END CERTIFICATE-----
Generated at Sun Jul 14 19:59:03 2024 by rpki-client on console-fra.rpki-client.org