Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/A7kqz_wTUJDgVPpXaS2DpDI60tU.roa
File: A7kqz_wTUJDgVPpXaS2DpDI60tU.roa (raw, json)
Hash identifier: xM2j0WedInx83N4B8GzDIdzSvz/g2ZgIlwL9pok4NaI=
Subject key identifier: 03:B9:2A:CF:FC:13:50:90:E0:54:FA:57:69:2D:83:A4:32:3A:D2:D5
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 0190E773CDA2E26F77C476B12F0FF2A0963F
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/A7kqz_wTUJDgVPpXaS2DpDI60tU.roa
Signing time: Thu 25 Jul 2024 01:14:04 +0000
ROA not before: Thu 25 Jul 2024 01:14:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209839
IP address blocks: 94.154.152.0/22 maxlen: 22
94.154.152.0/24 maxlen: 24
94.154.153.0/24 maxlen: 24
94.154.154.0/24 maxlen: 24
94.154.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e7:73:cd:a2:e2:6f:77:c4:76:b1:2f:0f:f2:a0:96:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Jul 25 01:14:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03b92acffc135090e054fa57692d83a4323ad2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a4:10:2d:4b:a3:54:95:dd:02:e9:8d:20:2d:
53:b9:b0:85:93:99:29:17:56:1b:24:61:a5:20:b4:
c1:83:18:99:7e:72:2e:b5:6e:66:1f:56:e5:4b:97:
6b:8b:92:90:e3:cd:ae:d6:d7:fc:1d:d7:ae:e4:72:
3d:2e:70:2f:d3:a8:8a:a6:9c:31:ff:67:25:06:39:
83:04:07:bc:17:d8:f8:79:2e:c9:7a:38:1a:ea:52:
ea:9a:50:80:89:e0:a0:b0:4a:c1:60:7e:7f:14:f1:
8d:65:22:d9:04:3c:77:d0:21:70:b9:9c:63:a5:c6:
b7:c7:f9:8d:50:22:97:60:fb:a2:47:bb:5d:cc:50:
b2:86:41:e9:c2:96:dc:bb:25:5d:3c:a6:85:a1:7e:
1a:65:af:56:1b:01:b0:ac:41:27:95:94:5f:4e:5c:
18:7f:59:d9:54:86:cb:e2:9a:69:45:0e:ec:50:a2:
5a:3f:0c:4e:8f:02:ea:8a:7c:77:07:63:38:a1:a7:
e8:eb:d3:0c:43:48:ed:ae:72:71:c3:5a:1c:a9:4f:
3f:e7:99:9a:e2:42:07:c7:da:7a:1f:03:6c:ea:fb:
95:34:6b:9c:bd:c6:e2:3f:67:b3:eb:08:1e:9b:52:
2d:91:f8:d5:54:a7:9f:86:e3:d0:95:1d:a8:e5:15:
de:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B9:2A:CF:FC:13:50:90:E0:54:FA:57:69:2D:83:A4:32:3A:D2:D5
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/A7kqz_wTUJDgVPpXaS2DpDI60tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.152.0/22
Signature Algorithm: sha256WithRSAEncryption
86:83:3e:11:9c:28:26:6d:8f:5a:5b:9a:fa:e0:8b:5f:ae:13:
36:74:a6:aa:54:4c:83:bc:71:48:f6:4d:98:45:a7:91:12:83:
52:d1:42:5a:60:81:92:cc:87:38:94:bf:0a:32:8c:4b:51:fb:
72:d2:15:67:a3:58:7b:97:71:d0:f0:f2:c5:24:7b:42:8d:00:
ee:83:e4:6a:e0:d6:60:31:f1:23:1e:f0:59:5a:f5:44:a8:35:
e2:8d:2f:7a:69:0a:92:ee:3f:f0:cb:b1:8c:5e:b6:3e:81:17:
4e:3e:28:5f:60:d2:81:58:47:c1:02:00:05:33:94:17:d5:9c:
46:70:d1:2e:0f:fe:ac:17:8d:a1:f1:79:8d:c8:de:f0:39:de:
68:6f:53:73:b4:ba:43:9a:48:50:28:3b:2f:d4:1c:44:77:fe:
96:b3:86:41:5d:b8:b7:ee:96:8e:33:9c:6c:b3:54:43:60:fc:
d1:de:8c:cf:5f:06:ae:0b:1c:c4:b6:0e:bb:fe:33:9e:0e:91:
af:0b:e4:0a:02:a6:c4:d1:93:41:b3:03:e6:5a:0a:e5:89:e1:
e9:85:6e:41:ae:29:45:77:56:cf:11:19:85:b8:a1:a4:7b:01:
f9:9d:12:a8:7c:00:e5:94:0b:22:cf:ec:e1:0c:53:12:e1:1b:
dd:6d:74:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDnc82i4m93xHaxLw/yoJY/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjQwNzI1MDExNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2I5MmFjZmZjMTM1MDkwZTA1NGZhNTc2OTJkODNhNDMyM2FkMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKQQLUujVJXdAumNIC1TubCFk5kp
F1YbJGGlILTBgxiZfnIutW5mH1blS5dri5KQ482u1tf8Hdeu5HI9LnAv06iKppwx
/2clBjmDBAe8F9j4eS7Jejga6lLqmlCAieCgsErBYH5/FPGNZSLZBDx30CFwuZxj
pca3x/mNUCKXYPuiR7tdzFCyhkHpwpbcuyVdPKaFoX4aZa9WGwGwrEEnlZRfTlwY
f1nZVIbL4pppRQ7sUKJaPwxOjwLqinx3B2M4oafo69MMQ0jtrnJxw1ocqU8/55ma
4kIHx9p6HwNs6vuVNGucvcbiP2ez6wgem1ItkfjVVKefhuPQlR2o5RXeqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAO5Ks/8E1CQ4FT6V2ktg6QyOtLVMB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvQTdrcXpfd1RVSkRnVlBwWGFTMkRwREk2MHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXpqYMA0G
CSqGSIb3DQEBCwUAA4IBAQCGgz4RnCgmbY9aW5r64ItfrhM2dKaqVEyDvHFI9k2Y
RaeREoNS0UJaYIGSzIc4lL8KMoxLUfty0hVno1h7l3HQ8PLFJHtCjQDug+Rq4NZg
MfEjHvBZWvVEqDXijS96aQqS7j/wy7GMXrY+gRdOPihfYNKBWEfBAgAFM5QX1ZxG
cNEuD/6sF42h8XmNyN7wOd5ob1NztLpDmkhQKDsv1BxEd/6Ws4ZBXbi37paOM5xs
s1RDYPzR3ozPXwauCxzEtg67/jOeDpGvC+QKAqbE0ZNBswPmWgrlieHphW5BrilF
d1bPERmFuKGkewH5nRKofADllAsiz+zhDFMS4RvdbXQm
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:14 2025 by rpki-client