Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/z91JHfYZM-4U-Y0b4nrnxON-JmE.roa
File: z91JHfYZM-4U-Y0b4nrnxON-JmE.roa (raw, json)
Hash identifier: 6dmZRyf+zLyw/NV7CEtnUSR0/uFRPxnjdEykbmP2TUc=
Subject key identifier: CF:DD:49:1D:F6:19:33:EE:14:F9:8D:1B:E2:7A:E7:C4:E3:7E:26:61
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 018EA34DBF546495ADED7DC46A5541CD96EA
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/z91JHfYZM-4U-Y0b4nrnxON-JmE.roa
Signing time: Wed 03 Apr 2024 09:32:45 +0000
ROA not before: Wed 03 Apr 2024 09:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.44.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 09:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:4d:bf:54:64:95:ad:ed:7d:c4:6a:55:41:cd:96:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Apr 3 09:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfdd491df61933ee14f98d1be27ae7c4e37e2661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:16:04:87:61:8d:9b:06:d2:00:0c:79:aa:bd:
ad:da:ac:2b:12:1f:81:3f:0b:8a:7f:7b:eb:8b:1b:
11:b8:e4:fb:cb:5f:6d:7a:ec:15:d0:87:63:77:a4:
2c:af:43:a0:4f:90:47:31:8c:e4:8a:ec:6d:9d:df:
77:0d:c1:35:0c:ea:02:10:ab:ab:98:4d:51:f7:4c:
36:43:a5:b2:61:2f:e1:58:0d:8f:f9:21:2f:c6:30:
74:4c:96:bd:1e:7b:31:17:a3:96:a8:36:49:67:7e:
c0:a1:ad:34:93:12:ef:0b:e0:74:d6:92:d0:ae:90:
3a:77:67:58:9f:58:9b:ac:67:b3:ea:c1:fb:47:8d:
95:f9:9d:da:0c:75:de:f8:f3:79:a2:52:d8:37:a2:
2d:59:5a:19:a6:14:a0:d2:61:66:db:80:cc:c8:cc:
e5:7f:99:b5:fd:76:12:3d:97:d5:6c:f9:08:a5:fd:
1b:28:e6:ed:97:f5:58:d9:97:c3:ec:7a:28:39:a8:
62:68:3d:13:38:28:f0:5a:f6:a4:c8:1d:69:4f:5b:
52:b8:a8:3b:e6:17:38:ac:ea:ec:21:d5:a9:b5:a4:
4c:12:73:6e:0c:30:e5:5c:d6:2b:a0:52:6d:19:e1:
87:a8:e7:e8:30:f5:6f:1c:22:54:c7:4f:fe:1e:36:
ad:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DD:49:1D:F6:19:33:EE:14:F9:8D:1B:E2:7A:E7:C4:E3:7E:26:61
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/z91JHfYZM-4U-Y0b4nrnxON-JmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.41.0/24
94.154.44.0/23
Signature Algorithm: sha256WithRSAEncryption
17:5c:2e:15:33:90:1a:c4:31:84:81:f8:ab:13:60:22:65:74:
93:c7:45:e7:2d:1a:3f:4d:e9:76:d5:19:32:10:83:6f:25:9a:
2d:50:dc:73:5e:39:bf:97:f5:73:f3:9a:ec:d9:fe:e8:2d:78:
5e:32:2a:74:d2:28:c8:0a:22:64:e2:66:83:65:a4:42:5e:10:
59:ae:7e:74:f2:33:46:28:ec:c5:f4:64:85:42:39:01:f2:47:
b4:85:36:36:59:fc:b2:00:28:c8:ba:6e:5c:4a:f9:0b:b1:b0:
2b:15:a4:0c:eb:bf:00:01:cf:20:03:e3:a8:88:9b:4f:7a:88:
df:00:fe:1f:d4:90:02:e1:5e:05:fd:0f:29:ab:c1:ff:4c:fb:
7f:a6:5e:f9:ad:e3:1a:c3:c4:66:86:5a:d6:e9:3e:c2:18:c2:
20:e8:41:ee:f5:c8:49:13:33:bc:07:76:f2:25:08:8e:18:9b:
35:d2:8f:d3:53:44:da:49:12:b8:27:b6:2e:6d:97:23:2b:f9:
78:33:a2:ab:a9:59:a6:79:96:d0:b9:88:99:b8:54:04:67:2f:
02:b5:33:ea:d1:47:fc:d5:d4:6f:86:ed:33:2a:08:9c:c4:81:
07:4e:a0:f4:95:5b:88:ce:41:81:cb:e7:c5:1b:03:9b:e2:75:
16:8b:d7:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6jTb9UZJWt7X3EalVBzZbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjQwNDAzMDkzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRkNDkxZGY2MTkzM2VlMTRmOThkMWJlMjdhZTdjNGUzN2UyNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghYEh2GNmwbSAAx5qr2t2qwrEh+B
PwuKf3vrixsRuOT7y19teuwV0Idjd6Qsr0OgT5BHMYzkiuxtnd93DcE1DOoCEKur
mE1R90w2Q6WyYS/hWA2P+SEvxjB0TJa9HnsxF6OWqDZJZ37Aoa00kxLvC+B01pLQ
rpA6d2dYn1ibrGez6sH7R42V+Z3aDHXe+PN5olLYN6ItWVoZphSg0mFm24DMyMzl
f5m1/XYSPZfVbPkIpf0bKObtl/VY2ZfD7HooOahiaD0TOCjwWvakyB1pT1tSuKg7
5hc4rOrsIdWptaRMEnNuDDDlXNYroFJtGeGHqOfoMPVvHCJUx0/+HjatBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/dSR32GTPuFPmNG+J658TjfiZhMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvejkxSkhmWVpNLTRVLVkwYjRucm54T04tSm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpopAwQB
XposMA0GCSqGSIb3DQEBCwUAA4IBAQAXXC4VM5AaxDGEgfirE2AiZXSTx0XnLRo/
Tel21RkyEINvJZotUNxzXjm/l/Vz85rs2f7oLXheMip00ijICiJk4maDZaRCXhBZ
rn508jNGKOzF9GSFQjkB8ke0hTY2WfyyACjIum5cSvkLsbArFaQM678AAc8gA+Oo
iJtPeojfAP4f1JAC4V4F/Q8pq8H/TPt/pl75reMaw8RmhlrW6T7CGMIg6EHu9chJ
EzO8B3byJQiOGJs10o/TU0TaSRK4J7YubZcjK/l4M6KrqVmmeZbQuYiZuFQEZy8C
tTPq0Uf81dRvhu0zKgicxIEHTqD0lVuIzkGBy+fFGwOb4nUWi9ea
-----END CERTIFICATE-----
Generated at Fri Apr 5 13:05:18 2024 by rpki-client on console-fra.rpki-client.org