Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/9aZ1MIyIafT7WmLXWxjjsgzvD1E.roa
File: 9aZ1MIyIafT7WmLXWxjjsgzvD1E.roa (raw, json)
Hash identifier: QDwdRz3I8mWUKrWH1j9qd0OOB0cZF+H5OplTEX/1tWE=
Subject key identifier: F5:A6:75:30:8C:88:69:F4:FB:5A:62:D7:5B:18:E3:B2:0C:EF:0F:51
Certificate issuer: /CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Certificate serial: 0185708CB4CD58BA6EC6DBB5F3F4AECA504C
Authority key identifier: 45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/9aZ1MIyIafT7WmLXWxjjsgzvD1E.roa
Signing time: Mon 02 Jan 2023 03:35:47 +0000
ROA not before: Mon 02 Jan 2023 03:35:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21050
IP address blocks: 94.187.163.0/24 maxlen: 24
94.187.161.0/24 maxlen: 24
94.187.162.0/24 maxlen: 24
94.187.160.0/24 maxlen: 24
94.187.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:b4:cd:58:ba:6e:c6:db:b5:f3:f4:ae:ca:50:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=456ecb3be1065e1e71589508bec6d74b5a7b1ed7
Validity
Not Before: Jan 2 03:35:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5a675308c8869f4fb5a62d75b18e3b20cef0f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f2:ed:61:d1:f3:88:4b:e7:04:e4:c5:ce:3d:
d8:be:05:c9:2a:74:10:84:2e:b7:dd:f5:ec:70:f4:
73:2c:8d:07:d3:7a:e8:4a:4e:fa:97:32:fe:30:3d:
b1:4c:fb:d4:59:eb:95:82:f6:56:df:2e:8b:8f:50:
4e:83:a4:7e:b2:f6:a0:ca:f2:b8:8a:8b:02:e1:73:
f0:3a:be:86:24:fa:b8:1f:20:a9:16:18:b6:5d:89:
44:3c:37:35:4f:0f:06:fe:3f:72:e2:02:66:04:54:
5a:b9:e4:41:71:a7:4e:3e:95:5d:7d:b9:3e:78:25:
58:e8:7b:16:71:35:af:c8:1c:5d:5b:d6:e6:37:29:
31:5e:67:d5:61:0e:2a:6f:18:f7:f0:12:e2:ca:5e:
71:69:a4:32:46:f9:a3:c1:f3:28:81:f3:90:62:88:
4f:81:32:a3:c0:a0:ad:1a:47:bb:bd:b1:9b:67:c7:
29:bc:e1:27:c0:de:2e:ec:6a:c9:d2:ac:50:45:32:
b4:84:14:9c:28:d1:a6:30:6e:db:a1:ea:bb:c6:a3:
67:40:cd:02:b1:ca:41:d2:35:3d:de:cb:2d:72:51:
f6:1a:88:5b:53:20:2c:9d:6e:4e:06:da:ca:1d:57:
2c:26:c1:bc:44:ef:14:f7:80:48:73:72:72:dd:1b:
28:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A6:75:30:8C:88:69:F4:FB:5A:62:D7:5B:18:E3:B2:0C:EF:0F:51
X509v3 Authority Key Identifier:
keyid:45:6E:CB:3B:E1:06:5E:1E:71:58:95:08:BE:C6:D7:4B:5A:7B:1E:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RW7LO-EGXh5xWJUIvsbXS1p7Htc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/9aZ1MIyIafT7WmLXWxjjsgzvD1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/36715a-32fc-4e9f-a577-5ac74dba17b8/1/RW7LO-EGXh5xWJUIvsbXS1p7Htc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.187.160.0-94.187.164.255
Signature Algorithm: sha256WithRSAEncryption
09:84:6a:72:6f:17:5c:38:f6:05:da:d7:d9:c5:8b:53:5a:3c:
77:06:b8:0f:89:c6:46:dd:e5:29:11:8c:80:cf:4d:5c:f9:73:
d4:a6:4a:ae:84:60:b0:00:a3:aa:90:97:33:68:6a:21:97:e9:
33:c8:26:a7:0e:55:a0:30:49:39:58:d3:9d:78:e6:f5:67:20:
f3:7e:d3:8a:b0:89:d8:89:c7:fa:cd:e9:09:96:c6:6f:54:eb:
05:2b:63:cb:86:85:fd:ff:ab:e6:19:35:cf:73:c2:62:3f:eb:
90:0b:fe:cf:db:34:ed:da:18:4e:33:de:cc:f3:48:5f:5a:c0:
9a:77:8a:fa:52:34:68:12:0f:89:83:4b:6d:c7:fe:45:9d:dd:
20:26:0b:8b:57:72:c2:f0:bc:b5:5f:5e:20:ed:4c:4c:2c:1a:
cd:2f:e4:4d:a0:d2:c4:38:37:56:e8:40:d3:1d:f0:50:c8:0e:
fc:11:3d:7b:2d:48:07:2a:3a:50:a8:85:1c:15:46:fb:94:78:
d0:95:63:0f:67:65:76:99:1d:a4:4d:0e:27:16:37:81:9a:74:
bf:d3:88:80:7e:0b:ba:a8:22:2b:28:0e:34:db:65:76:fc:f6:
42:54:5e:8b:93:e9:e2:71:53:01:dc:07:66:3c:83:2c:c4:20:
c8:72:6c:eb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwjLTNWLpuxtu18/SuylBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NmVjYjNiZTEwNjVlMWU3MTU4OTUwOGJlYzZkNzRiNWE3
YjFlZDcwHhcNMjMwMTAyMDMzNTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE2NzUzMDhjODg2OWY0ZmI1YTYyZDc1YjE4ZTNiMjBjZWYwZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPLtYdHziEvnBOTFzj3YvgXJKnQQ
hC633fXscPRzLI0H03roSk76lzL+MD2xTPvUWeuVgvZW3y6Lj1BOg6R+svagyvK4
iosC4XPwOr6GJPq4HyCpFhi2XYlEPDc1Tw8G/j9y4gJmBFRaueRBcadOPpVdfbk+
eCVY6HsWcTWvyBxdW9bmNykxXmfVYQ4qbxj38BLiyl5xaaQyRvmjwfMogfOQYohP
gTKjwKCtGke7vbGbZ8cpvOEnwN4u7GrJ0qxQRTK0hBScKNGmMG7boeq7xqNnQM0C
scpB0jU93sstclH2GohbUyAsnW5OBtrKHVcsJsG8RO8U94BIc3Jy3Rso/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPWmdTCMiGn0+1pi11sY47IM7w9RMB8GA1UdIwQY
MBaAFEVuyzvhBl4ecViVCL7G10taex7XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1Nzct
NWFjNzRkYmExN2I4LzEvOWFaMU1JeUlhZlQ3V21MWFd4ampzZ3p2RDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjcxNWEtMzJmYy00ZTlmLWE1NzctNWFjNzRkYmExN2I4
LzEvUlc3TE8tRUdYaDV4V0pVSXZzYlhTMXA3SHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVeu6AD
BABeu6QwDQYJKoZIhvcNAQELBQADggEBAAmEanJvF1w49gXa19nFi1NaPHcGuA+J
xkbd5SkRjIDPTVz5c9SmSq6EYLAAo6qQlzNoaiGX6TPIJqcOVaAwSTlY05145vVn
IPN+04qwidiJx/rN6QmWxm9U6wUrY8uGhf3/q+YZNc9zwmI/65AL/s/bNO3aGE4z
3szzSF9awJp3ivpSNGgSD4mDS23H/kWd3SAmC4tXcsLwvLVfXiDtTEwsGs0v5E2g
0sQ4N1boQNMd8FDIDvwRPXstSAcqOlCohRwVRvuUeNCVYw9nZXaZHaRNDicWN4Ga
dL/TiIB+C7qoIisoDjTbZXb89kJUXouT6eJxUwHcB2Y8gyzEIMhybOs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:11 2024 by rpki-client on console-ams.rpki-client.org