Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/kADzCWPbQ7my2WfE2kxCuSPmSM8.roa
File: kADzCWPbQ7my2WfE2kxCuSPmSM8.roa (raw, json)
Hash identifier: JM2ZWGAf0hFpqBcp69k3eHXJevVoArTymiFfDAVEmno=
Subject key identifier: 90:00:F3:09:63:DB:43:B9:B2:D9:67:C4:DA:4C:42:B9:23:E6:48:CF
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0193B1CC15F796F437CA155AA343DF533EFC
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/kADzCWPbQ7my2WfE2kxCuSPmSM8.roa
Signing time: Tue 10 Dec 2024 18:19:22 +0000
ROA not before: Tue 10 Dec 2024 18:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.40.0/24 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Dec 2024 20:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b1:cc:15:f7:96:f4:37:ca:15:5a:a3:43:df:53:3e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Dec 10 18:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9000f30963db43b9b2d967c4da4c42b923e648cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:41:61:5d:62:6a:7e:5b:a1:9d:91:3d:af:
e9:78:96:66:dc:d8:a4:a7:19:88:a7:c6:9b:01:03:
f9:8d:dd:c3:24:80:a0:ec:98:f2:a5:b1:c0:d7:1d:
26:a2:56:a8:cb:d7:e5:ee:bd:5b:79:fe:bc:d3:79:
2a:76:9b:f5:7b:00:87:75:94:fe:0f:31:26:5d:d4:
a1:cb:90:fa:f5:d3:2d:ca:04:75:8a:39:6b:b3:35:
e5:6b:ba:34:7e:95:67:cc:04:88:66:52:2f:47:82:
e3:57:78:6c:4e:38:2e:e9:80:6e:4d:5e:97:bd:f1:
d5:ef:01:f7:28:58:ad:d0:45:31:77:11:c3:bd:1e:
d2:23:6b:a8:79:15:09:2f:dd:d0:28:95:de:3d:71:
f4:9d:88:99:7f:92:12:6a:37:06:82:9f:d1:da:7e:
74:6a:fe:07:ae:dd:01:ca:f0:df:cc:47:7a:7d:61:
95:24:00:b5:3a:ea:f8:f9:3a:1f:eb:7e:93:69:cc:
66:37:62:4a:15:9e:58:3f:7f:23:0e:67:e7:ee:78:
84:21:52:91:4d:95:7f:9b:89:8f:7f:e3:5d:c7:01:
00:72:3c:0b:b9:5f:4a:22:68:29:0f:48:23:64:27:
6d:d2:71:55:30:f9:4b:88:81:66:d7:bb:81:5d:3b:
f0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:00:F3:09:63:DB:43:B9:B2:D9:67:C4:DA:4C:42:B9:23:E6:48:CF
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/kADzCWPbQ7my2WfE2kxCuSPmSM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0/23
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
27:ab:84:0e:05:a5:e4:f2:c4:9a:60:97:9b:a8:0e:e9:26:02:
b0:fe:0b:3f:b5:a1:a6:9f:8f:9c:77:e6:30:e1:c4:8e:53:37:
94:bf:8e:25:fa:9e:16:e7:1b:0e:86:6d:8f:86:dc:37:17:ce:
2d:9b:d3:52:b1:09:6c:55:d9:11:38:43:1b:0b:9c:05:56:c9:
44:36:e8:77:57:bf:c8:b3:95:07:10:d1:f4:56:e1:80:62:fc:
88:64:30:bf:6f:3e:af:20:d1:90:d9:a9:d2:ea:34:84:7c:46:
59:5f:63:d4:72:c6:ce:54:1c:7d:1b:db:73:ce:17:67:4b:fd:
b1:ac:dd:75:09:2a:1c:e1:b4:06:e5:fe:8a:ec:4a:50:07:e0:
f4:fd:b0:4f:ef:89:70:2e:cd:5f:ce:9b:82:0e:4a:32:99:f2:
36:0e:02:f9:5d:87:4e:f0:08:06:26:4d:26:86:18:66:41:a4:
b5:35:90:ae:64:32:82:9e:b9:f7:5c:d8:cb:9f:cf:bf:03:e2:
8b:a1:6a:7a:0d:2f:49:c0:49:66:c1:01:e0:0e:97:c5:ee:6c:
f3:38:ae:fb:a1:5f:dc:af:23:12:58:24:89:cf:b6:7d:a4:74:
a8:6b:7d:94:6a:27:41:35:b4:66:58:8a:66:f2:44:7c:41:46:
a0:41:41:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOxzBX3lvQ3yhVao0PfUz78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQxMjEwMTgxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDAwZjMwOTYzZGI0M2I5YjJkOTY3YzRkYTRjNDJiOTIzZTY0OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY5BYV1ian5boZ2RPa/peJZm3Nik
pxmIp8abAQP5jd3DJICg7JjypbHA1x0molaoy9fl7r1bef6803kqdpv1ewCHdZT+
DzEmXdShy5D69dMtygR1ijlrszXla7o0fpVnzASIZlIvR4LjV3hsTjgu6YBuTV6X
vfHV7wH3KFit0EUxdxHDvR7SI2uoeRUJL93QKJXePXH0nYiZf5ISajcGgp/R2n50
av4Hrt0ByvDfzEd6fWGVJAC1Our4+Tof636TacxmN2JKFZ5YP38jDmfn7niEIVKR
TZV/m4mPf+NdxwEAcjwLuV9KImgpD0gjZCdt0nFVMPlLiIFm17uBXTvw+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJAA8wlj20O5stlnxNpMQrkj5kjPMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEva0FEekNXUGJRN215MldmRTJreEN1U1BtU004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXpooAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQAnq4QOBaXk8sSaYJebqA7pJgKw/gs/taGm
n4+cd+Yw4cSOUzeUv44l+p4W5xsOhm2Phtw3F84tm9NSsQlsVdkROEMbC5wFVslE
Nuh3V7/Is5UHENH0VuGAYvyIZDC/bz6vINGQ2anS6jSEfEZZX2PUcsbOVBx9G9tz
zhdnS/2xrN11CSoc4bQG5f6K7EpQB+D0/bBP74lwLs1fzpuCDkoymfI2DgL5XYdO
8AgGJk0mhhhmQaS1NZCuZDKCnrn3XNjLn8+/A+KLoWp6DS9JwElmwQHgDpfF7mzz
OK77oV/cryMSWCSJz7Z9pHSoa32UaidBNbRmWIpm8kR8QUagQUG2
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:51:14 2025 by rpki-client