Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/lgUl4lpQMdqNmoxAadmlOlCtyNI.roa
File: lgUl4lpQMdqNmoxAadmlOlCtyNI.roa (raw, json)
Hash identifier: DjiierBR7eCagyKKGdnzMAM3jz3l1qHQbGIWVB61+Lo=
Subject key identifier: 96:05:25:E2:5A:50:31:DA:8D:9A:8C:40:69:D9:A5:3A:50:AD:C8:D2
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018E1836628AA6189BC6887C428D6294E848
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/lgUl4lpQMdqNmoxAadmlOlCtyNI.roa
Signing time: Thu 07 Mar 2024 09:20:01 +0000
ROA not before: Thu 07 Mar 2024 09:20:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.40.0/22 maxlen: 24
94.154.41.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
94.154.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 20:34:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:36:62:8a:a6:18:9b:c6:88:7c:42:8d:62:94:e8:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Mar 7 09:20:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=960525e25a5031da8d9a8c4069d9a53a50adc8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:53:89:19:b7:50:ec:52:cf:4b:77:7c:92:
1e:4e:c8:17:bc:82:d2:c2:f0:31:5d:9c:14:a3:95:
a6:e1:00:76:24:eb:5f:3c:59:80:d6:77:ef:2e:f9:
66:2a:d3:cd:7f:7b:7e:eb:67:4a:d3:48:cc:f4:44:
e8:53:d6:b5:1e:4b:ab:35:31:7a:6a:e0:f5:29:be:
d9:78:c8:bd:2b:e9:25:ef:6e:59:5b:6a:dc:a2:ec:
71:f2:a0:44:4e:3d:55:d9:f4:24:43:a7:22:0d:63:
d3:47:10:f8:d2:8e:e2:66:51:e8:6e:1b:ed:8b:69:
22:a3:40:06:27:c4:11:00:60:11:2b:98:cd:9c:ee:
0c:f6:e7:2c:3e:8f:b9:10:76:dd:a7:67:88:bc:ea:
bf:4d:e9:e9:0d:0b:3f:b7:68:cd:fc:88:7b:53:3b:
a4:a6:a1:2c:d9:06:93:d2:30:9e:a7:e8:15:38:b4:
dd:34:78:fd:5b:9b:18:c7:01:bd:fe:4e:f5:42:9a:
51:8a:dd:56:c8:2a:41:c0:40:78:38:f7:2e:2a:9c:
cd:ad:ca:d8:7e:8a:bc:26:97:20:80:7b:9d:86:84:
a4:0d:5b:24:24:25:fa:b9:db:6d:f2:fc:43:fb:f1:
c1:76:27:ea:9b:13:a2:01:aa:13:84:d8:66:f9:41:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:05:25:E2:5A:50:31:DA:8D:9A:8C:40:69:D9:A5:3A:50:AD:C8:D2
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/lgUl4lpQMdqNmoxAadmlOlCtyNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.46.255
Signature Algorithm: sha256WithRSAEncryption
05:0c:30:88:31:95:db:a8:a4:49:8e:f1:a6:05:60:82:7f:34:
e1:59:0a:e5:79:b8:6b:7a:18:a0:44:b0:f0:b2:d4:b9:bc:44:
f6:a1:45:10:f5:a0:0b:10:39:16:4a:95:d1:8e:30:93:47:95:
ba:f8:be:3e:3d:76:c7:3a:e1:a3:cc:13:a3:99:46:80:e5:cb:
e9:fa:1a:7e:90:60:dc:d6:84:b5:a5:1c:8f:62:ae:06:e0:ec:
51:10:91:8e:69:90:7b:5c:55:01:2e:dd:44:bc:59:33:88:ad:
f2:65:72:d7:87:65:35:e2:f9:0a:34:e5:31:2d:de:fd:f3:4c:
11:cc:9f:0a:04:89:c4:d9:05:da:ee:e1:6c:be:fe:75:85:ee:
0d:54:ae:75:70:db:a7:00:0f:00:be:46:96:2a:57:10:38:04:
bc:91:af:a3:5e:68:ce:b5:e7:e9:36:04:b2:5a:cb:fb:eb:00:
96:b8:0d:8d:12:83:21:ef:47:7e:6f:1f:39:f0:cb:fc:d9:8c:
5f:c4:cd:38:be:4b:cf:3a:a8:87:ec:65:8f:63:a6:12:a8:34:
95:24:af:53:da:4c:79:30:84:e9:6f:83:cc:79:6c:50:b3:ee:
28:3f:88:53:93:9a:72:e0:e9:a4:b0:d3:44:9c:17:96:98:da:
e7:c6:1f:ea
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4YNmKKphibxoh8Qo1ilOhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwMzA3MDkyMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA1MjVlMjVhNTAzMWRhOGQ5YThjNDA2OWQ5YTUzYTUwYWRjOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlINTiRm3UOxSz0t3fJIeTsgXvILS
wvAxXZwUo5Wm4QB2JOtfPFmA1nfvLvlmKtPNf3t+62dK00jM9EToU9a1HkurNTF6
auD1Kb7ZeMi9K+kl725ZW2rcouxx8qBETj1V2fQkQ6ciDWPTRxD40o7iZlHobhvt
i2kio0AGJ8QRAGARK5jNnO4M9ucsPo+5EHbdp2eIvOq/TenpDQs/t2jN/Ih7Uzuk
pqEs2QaT0jCep+gVOLTdNHj9W5sYxwG9/k71QppRit1WyCpBwEB4OPcuKpzNrcrY
foq8JpcggHudhoSkDVskJCX6udtt8vxD+/HBdifqmxOiAaoThNhm+UElfwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJYFJeJaUDHajZqMQGnZpTpQrcjSMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvbGdVbDRscFFNZHFObW94QWFkbWxPbEN0eU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BABemi4wDQYJKoZIhvcNAQELBQADggEBAAUMMIgxlduopEmO8aYFYIJ/NOFZCuV5
uGt6GKBEsPCy1Lm8RPahRRD1oAsQORZKldGOMJNHlbr4vj49dsc64aPME6OZRoDl
y+n6Gn6QYNzWhLWlHI9irgbg7FEQkY5pkHtcVQEu3US8WTOIrfJlcteHZTXi+Qo0
5TEt3v3zTBHMnwoEicTZBdru4Wy+/nWF7g1UrnVw26cADwC+RpYqVxA4BLyRr6Ne
aM615+k2BLJay/vrAJa4DY0SgyHvR35vHznwy/zZjF/EzTi+S886qIfsZY9jphKo
NJUkr1PaTHkwhOlvg8x5bFCz7ig/iFOTmnLg6aSw00ScF5aY2ufGH+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org