Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/oKLevpWxTtzPyXxBatTgObKi3iA.roa
File: oKLevpWxTtzPyXxBatTgObKi3iA.roa (raw, json)
Hash identifier: xE0FbMAXeQ1w2stz08HoIInqvviE4O0xoj7lbydxsDs=
Subject key identifier: A0:A2:DE:BE:95:B1:4E:DC:CF:C9:7C:41:6A:D4:E0:39:B2:A2:DE:20
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018EA34DBFBF367EDF23FC36F31F4160CB34
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/oKLevpWxTtzPyXxBatTgObKi3iA.roa
Signing time: Wed 03 Apr 2024 09:32:45 +0000
ROA not before: Wed 03 Apr 2024 09:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 94.154.40.0/22 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:4d:bf:bf:36:7e:df:23:fc:36:f3:1f:41:60:cb:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Apr 3 09:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0a2debe95b14edccfc97c416ad4e039b2a2de20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:00:e6:2f:6b:c7:94:85:0e:4e:65:92:21:
fd:97:31:b7:2a:05:1f:39:26:7c:f1:85:09:1e:3f:
6b:1f:1d:a6:46:71:a6:24:91:ee:d2:8d:74:46:5c:
a4:6d:09:28:88:13:fd:24:3a:48:ca:15:72:40:46:
8f:ce:c8:36:9c:b4:15:37:b5:22:88:09:cc:89:09:
e2:37:62:ef:db:df:ef:87:c3:2c:d1:c0:24:2f:16:
36:5a:08:f7:5a:2c:18:e6:06:f3:67:dd:d3:a1:b3:
24:7c:e5:da:f3:dc:bd:f2:4d:c3:84:83:15:a1:b5:
a7:10:87:42:ac:fe:0b:ce:9e:f5:cc:0e:fa:3d:a5:
54:3b:83:67:b8:8c:fb:21:cb:d9:01:85:23:f8:45:
dc:02:50:85:21:24:6b:db:2d:22:35:b2:47:0d:87:
bb:8f:e5:18:6b:7c:9a:b5:d9:c8:67:98:73:c7:e2:
65:a5:25:dc:0b:a7:a5:b3:c4:86:b4:61:e5:5f:37:
de:4b:4d:d0:a8:4a:5b:c9:3e:12:fd:75:bb:ab:e6:
71:91:06:9e:52:be:e1:97:d9:19:ac:e6:4d:95:cc:
2b:3a:db:e2:75:6b:2e:ce:d6:84:17:28:54:ca:4a:
c2:52:5f:14:8d:4a:05:65:93:7d:58:a1:58:2e:d6:
60:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A2:DE:BE:95:B1:4E:DC:CF:C9:7C:41:6A:D4:E0:39:B2:A2:DE:20
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/oKLevpWxTtzPyXxBatTgObKi3iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.45.255
Signature Algorithm: sha256WithRSAEncryption
61:4b:5b:27:56:d6:db:89:0a:74:c4:05:f7:f5:05:5e:1c:65:
ef:6f:a1:c8:cc:7e:34:c4:27:0e:c6:1d:ef:8d:dc:ad:49:7b:
a1:c8:3b:77:df:3d:24:9b:80:00:cd:0f:d3:09:12:c1:79:62:
00:39:99:e5:0f:50:78:08:a9:7a:e7:ca:4b:59:9c:9a:b7:28:
51:c3:1d:75:d9:37:51:bf:ca:96:1b:8c:17:0a:58:7e:31:02:
5f:45:16:a1:5c:9f:3b:bf:a0:84:05:2c:03:27:7c:9d:b7:95:
1a:f6:c4:62:4b:10:08:a7:87:6b:df:97:d7:e3:8f:6c:60:99:
52:c2:76:ea:af:d1:f5:a3:c8:b1:0f:11:e2:ab:f0:01:8b:c8:
08:9b:b9:c0:54:5c:9e:80:5e:8e:69:2d:20:2b:1f:1f:52:68:
14:e5:28:84:d4:81:b8:aa:f7:31:c6:e2:c5:b0:5e:f6:e3:fc:
f7:7b:96:05:cb:f5:f8:ee:67:3b:d7:55:6d:62:32:cf:2a:c7:
3b:43:ca:4e:ea:b1:7c:4c:06:4a:7f:dd:58:50:f2:b6:02:5f:
d6:1b:68:9f:79:5e:0b:b0:8d:33:f1:f9:21:64:e3:6e:ef:9e:
0d:12:d4:bb:d0:63:34:8d:59:16:81:2f:8c:80:26:1b:e8:b7:
3f:dc:37:5a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6jTb+/Nn7fI/w28x9BYMs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNDAzMDkzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGEyZGViZTk1YjE0ZWRjY2ZjOTdjNDE2YWQ0ZTAzOWIyYTJkZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvIA5i9rx5SFDk5lkiH9lzG3KgUf
OSZ88YUJHj9rHx2mRnGmJJHu0o10RlykbQkoiBP9JDpIyhVyQEaPzsg2nLQVN7Ui
iAnMiQniN2Lv29/vh8Ms0cAkLxY2Wgj3WiwY5gbzZ93TobMkfOXa89y98k3DhIMV
obWnEIdCrP4Lzp71zA76PaVUO4NnuIz7IcvZAYUj+EXcAlCFISRr2y0iNbJHDYe7
j+UYa3yatdnIZ5hzx+JlpSXcC6els8SGtGHlXzfeS03QqEpbyT4S/XW7q+ZxkQae
Ur7hl9kZrOZNlcwrOtvidWsuztaEFyhUykrCUl8UjUoFZZN9WKFYLtZgrQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKCi3r6VsU7cz8l8QWrU4Dmyot4gMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvb0tMZXZwV3hUdHpQeVh4QmF0VGdPYktpM2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BAFemiwwDQYJKoZIhvcNAQELBQADggEBAGFLWydW1tuJCnTEBff1BV4cZe9vocjM
fjTEJw7GHe+N3K1Je6HIO3ffPSSbgADND9MJEsF5YgA5meUPUHgIqXrnyktZnJq3
KFHDHXXZN1G/ypYbjBcKWH4xAl9FFqFcnzu/oIQFLAMnfJ23lRr2xGJLEAinh2vf
l9fjj2xgmVLCduqv0fWjyLEPEeKr8AGLyAibucBUXJ6AXo5pLSArHx9SaBTlKITU
gbiq9zHG4sWwXvbj/Pd7lgXL9fjuZzvXVW1iMs8qxztDyk7qsXxMBkp/3VhQ8rYC
X9YbaJ95XguwjTPx+SFk427vng0S1LvQYzSNWRaBL4yAJhvotz/cN1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org