Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/shdKNzuwxIpQWZHqc0kdzcZG6DQ.roa
File: shdKNzuwxIpQWZHqc0kdzcZG6DQ.roa (raw, json)
Hash identifier: 1oxrt82nGSKRCV+IrJdfrGFrmgfMnSniiuXUr3EJcwo=
Subject key identifier: B2:17:4A:37:3B:B0:C4:8A:50:59:91:EA:73:49:1D:CD:C6:46:E8:34
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 018CC3B6C809466A6B0A4A7791CA9C8F0612
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/shdKNzuwxIpQWZHqc0kdzcZG6DQ.roa
Signing time: Mon 01 Jan 2024 06:29:45 +0000
ROA not before: Mon 01 Jan 2024 06:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206720
IP address blocks: 140.94.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c8:09:46:6a:6b:0a:4a:77:91:ca:9c:8f:06:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Jan 1 06:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2174a373bb0c48a505991ea73491dcdc646e834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:7e:64:65:cb:8f:c2:4f:23:a8:19:0b:27:
6e:f9:a8:30:63:39:72:66:c3:d7:08:7c:36:9f:74:
ef:21:b4:64:ec:f3:3f:dc:c5:18:29:71:93:26:e1:
2f:d9:98:99:63:66:59:2b:cf:b9:3a:bb:66:93:3c:
75:e4:f6:ce:c3:71:cd:cb:9c:a6:16:bc:37:6d:53:
28:e8:f3:38:56:c4:03:5b:19:f6:f3:ee:e8:57:90:
c3:81:d4:ab:cb:df:70:c4:5e:b3:8b:11:38:33:c9:
d6:7d:5b:08:86:78:88:1c:05:ff:32:33:a8:8e:d4:
c9:62:ad:1e:af:09:1c:3e:25:72:ea:a6:e2:d6:f5:
4f:33:2a:be:b4:ce:1a:33:5f:21:77:f1:93:bb:5e:
bc:ab:f6:f2:9b:e5:b3:a3:be:79:22:e2:a0:83:c2:
60:40:bc:76:1e:8f:33:38:82:78:2f:ff:c4:3b:5f:
b6:81:c0:2a:40:a6:35:ba:3b:fb:48:7a:cc:d5:03:
2a:f5:8f:89:0a:e8:b7:f8:df:3e:5e:35:f3:dc:56:
e4:c6:a0:57:9b:72:82:43:c7:b3:ee:73:e9:ca:b9:
bc:5e:db:0b:da:99:bf:4c:9f:f5:2f:f3:6a:1b:6e:
0b:72:35:0a:b5:ba:a6:c7:ca:b2:c3:4a:8c:1d:c0:
f3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:17:4A:37:3B:B0:C4:8A:50:59:91:EA:73:49:1D:CD:C6:46:E8:34
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/shdKNzuwxIpQWZHqc0kdzcZG6DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.94.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:15:d9:1c:7e:d1:25:e7:db:5e:1c:0c:01:49:b8:82:7d:25:
07:72:c7:95:1f:38:e6:5d:3d:70:3f:69:ab:90:9e:5c:71:3c:
d6:4b:d0:cd:e8:00:6b:d8:5f:92:a1:10:8e:43:ad:44:46:1a:
95:b3:d7:60:b7:03:2b:f6:b8:9c:a8:ee:46:2b:18:d0:dd:04:
6c:13:84:50:cd:0f:0b:e0:8a:45:a1:89:8b:6d:b0:bf:d2:cb:
52:c0:75:f7:44:db:3e:c6:8f:2e:52:00:bb:19:a3:64:47:29:
72:de:0b:71:32:f5:11:dc:b5:65:c3:da:ce:bb:f6:3e:8f:1e:
01:83:4a:f6:db:f5:4a:08:a3:b0:3d:1b:8a:aa:37:f7:74:a9:
88:81:2a:b6:2c:32:5f:b6:85:33:98:26:4d:4c:91:3c:eb:3d:
09:0d:a2:28:5f:78:06:fd:df:6d:1a:4a:fd:fc:9d:2c:08:f2:
a3:7c:19:60:02:c8:34:69:f4:6c:97:51:dd:4d:c9:93:3b:fe:
77:ed:1b:8a:3a:6d:a2:c7:c8:f3:b7:29:90:62:2e:c4:7e:94:
5a:2d:43:5b:3b:aa:57:68:b8:28:01:c1:9f:56:c6:b0:ea:44:
1a:6a:bf:cf:30:ab:17:39:f1:3a:b8:1a:db:36:bb:2d:ae:74:
a1:ae:23:ca
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzDtsgJRmprCkp3kcqcjwYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjQwMTAxMDYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE3NGEzNzNiYjBjNDhhNTA1OTkxZWE3MzQ5MWRjZGM2NDZlODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOp+ZGXLj8JPI6gZCydu+agwYzly
ZsPXCHw2n3TvIbRk7PM/3MUYKXGTJuEv2ZiZY2ZZK8+5Ortmkzx15PbOw3HNy5ym
Frw3bVMo6PM4VsQDWxn28+7oV5DDgdSry99wxF6zixE4M8nWfVsIhniIHAX/MjOo
jtTJYq0erwkcPiVy6qbi1vVPMyq+tM4aM18hd/GTu168q/bym+Wzo755IuKgg8Jg
QLx2Ho8zOIJ4L//EO1+2gcAqQKY1ujv7SHrM1QMq9Y+JCui3+N8+XjXz3FbkxqBX
m3KCQ8ez7nPpyrm8XtsL2pm/TJ/1L/NqG24LcjUKtbqmx8qyw0qMHcDzdQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLIXSjc7sMSKUFmR6nNJHc3GRug0MB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEvc2hkS056dXd4SXBRV1pIcWMwa2R6Y1pHNkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjF4wDQYJ
KoZIhvcNAQELBQADggEBAE8V2Rx+0SXn214cDAFJuIJ9JQdyx5UfOOZdPXA/aauQ
nlxxPNZL0M3oAGvYX5KhEI5DrURGGpWz12C3Ayv2uJyo7kYrGNDdBGwThFDNDwvg
ikWhiYttsL/Sy1LAdfdE2z7Gjy5SALsZo2RHKXLeC3Ey9RHctWXD2s679j6PHgGD
Svbb9UoIo7A9G4qqN/d0qYiBKrYsMl+2hTOYJk1MkTzrPQkNoihfeAb9320aSv38
nSwI8qN8GWACyDRp9GyXUd1NyZM7/nftG4o6baLHyPO3KZBiLsR+lFotQ1s7qldo
uCgBwZ9WxrDqRBpqv88wqxc58Tq4Gts2uy2udKGuI8o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:33:17 2025 by rpki-client