Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OX2bSsltEM7iZlo6i10rgTk0kKE.roa
File: OX2bSsltEM7iZlo6i10rgTk0kKE.roa (raw, json)
Hash identifier: 7NxqJIOt7hWl7Z0x7MVh4mqWp4HgqTDw33rTiqMJNRY=
Subject key identifier: 39:7D:9B:4A:C9:6D:10:CE:E2:66:5A:3A:8B:5D:2B:81:39:34:90:A1
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018CC7257D5B718EB4C3C34E8E32628400F1
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OX2bSsltEM7iZlo6i10rgTk0kKE.roa
Signing time: Mon 01 Jan 2024 22:29:32 +0000
ROA not before: Mon 01 Jan 2024 22:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205733
IP address blocks: 94.154.34.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 14:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7d:5b:71:8e:b4:c3:c3:4e:8e:32:62:84:00:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 1 22:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=397d9b4ac96d10cee2665a3a8b5d2b81393490a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:09:41:b9:90:c6:5b:35:eb:cf:98:cd:bd:
e0:60:6f:41:96:ae:8d:7c:20:e7:11:7c:9e:31:cb:
a5:78:0c:3b:dd:4c:4e:11:be:a0:6f:94:29:12:06:
e7:6d:97:48:92:83:db:cc:94:68:cb:c9:ef:70:a4:
a4:5b:09:96:b2:54:8b:47:7b:d1:0c:5d:d8:b8:4a:
24:f4:f5:ab:cf:37:51:ab:be:63:a8:6f:90:76:61:
d0:32:9b:9d:30:4a:fb:76:2e:35:ad:51:0d:32:71:
fd:e0:25:83:71:59:41:13:00:61:da:d3:ef:39:61:
fe:20:9d:db:8d:f4:b9:13:2f:7f:f5:fd:6c:24:21:
0a:e9:a1:19:16:4f:75:d9:7e:e0:50:e6:a1:90:93:
bf:f9:76:76:6e:c0:b4:df:9a:f0:ba:30:6f:84:f9:
44:20:e5:20:a7:d6:f3:98:96:33:10:38:8d:dc:f7:
19:56:9f:56:3b:56:e8:f0:7a:d8:98:4d:0b:14:a9:
fe:66:ec:37:48:3f:ea:a8:bd:7c:98:a4:1c:9b:42:
26:75:22:ae:3f:e3:3c:84:56:e6:a3:9f:65:09:f9:
70:7b:9b:4c:c1:11:d2:a2:08:93:bb:d1:8a:2d:f6:
b7:6f:c0:62:65:51:14:47:d7:2f:00:69:99:20:5c:
53:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7D:9B:4A:C9:6D:10:CE:E2:66:5A:3A:8B:5D:2B:81:39:34:90:A1
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/OX2bSsltEM7iZlo6i10rgTk0kKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.34.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:3b:f1:b4:d3:88:ba:9a:51:6f:c2:b4:1a:d3:75:8b:fb:72:
c8:5b:86:a8:8b:5e:2a:e2:17:29:ef:37:40:20:38:f8:bc:7b:
23:12:1c:67:5a:5f:f0:71:1e:4d:00:1a:7d:bc:66:ae:f1:d7:
ac:fd:19:c1:b9:24:8e:d1:43:23:25:06:1b:a3:dd:1a:b9:b4:
4a:b5:e8:04:fc:47:ed:d9:92:58:68:09:63:ab:70:28:e6:16:
ee:2f:d3:ea:58:c4:d4:69:bb:be:e1:24:8b:d2:0c:e7:c2:4b:
66:31:a6:6f:22:0f:25:9f:90:b1:6d:00:02:00:69:94:17:c6:
a3:be:12:fc:6a:f8:22:38:8b:02:eb:60:d7:cb:81:a3:4f:b0:
c0:e0:11:34:41:e9:fe:fc:31:60:ab:79:b5:ec:e3:88:ea:cc:
81:8c:f7:4d:fd:f2:80:2f:3a:51:b4:03:b3:52:5d:b9:b4:ad:
dc:d4:83:5d:d4:71:a5:7d:c4:28:0e:27:f0:a6:02:65:41:c6:
a6:58:b7:a0:87:be:db:2a:b7:2c:9d:68:92:20:ae:7c:ae:c4:
d3:91:40:b5:fc:c7:52:e8:41:47:5d:ed:ab:ef:c9:8f:3f:98:
0a:09:6d:8f:bc:33:26:60:2a:9c:e7:8a:17:21:21:b0:69:17:
10:c9:f6:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJX1bcY60w8NOjjJihADxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMTAxMjIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdkOWI0YWM5NmQxMGNlZTI2NjVhM2E4YjVkMmI4MTM5MzQ5MGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UkJQbmQxls168+Yzb3gYG9Blq6N
fCDnEXyeMculeAw73UxOEb6gb5QpEgbnbZdIkoPbzJRoy8nvcKSkWwmWslSLR3vR
DF3YuEok9PWrzzdRq75jqG+QdmHQMpudMEr7di41rVENMnH94CWDcVlBEwBh2tPv
OWH+IJ3bjfS5Ey9/9f1sJCEK6aEZFk912X7gUOahkJO/+XZ2bsC035rwujBvhPlE
IOUgp9bzmJYzEDiN3PcZVp9WO1bo8HrYmE0LFKn+Zuw3SD/qqL18mKQcm0ImdSKu
P+M8hFbmo59lCflwe5tMwRHSogiTu9GKLfa3b8BiZVEUR9cvAGmZIFxT9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDl9m0rJbRDO4mZaOotdK4E5NJChMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvT1gyYlNzbHRFTTdpWmxvNmkxMHJnVGswa0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpoiMA0G
CSqGSIb3DQEBCwUAA4IBAQC3O/G004i6mlFvwrQa03WL+3LIW4aoi14q4hcp7zdA
IDj4vHsjEhxnWl/wcR5NABp9vGau8des/RnBuSSO0UMjJQYbo90aubRKtegE/Eft
2ZJYaAljq3Ao5hbuL9PqWMTUabu+4SSL0gznwktmMaZvIg8ln5CxbQACAGmUF8aj
vhL8avgiOIsC62DXy4GjT7DA4BE0Qen+/DFgq3m17OOI6syBjPdN/fKALzpRtAOz
Ul25tK3c1INd1HGlfcQoDifwpgJlQcamWLegh77bKrcsnWiSIK58rsTTkUC1/MdS
6EFHXe2r78mPP5gKCW2PvDMmYCqc54oXISGwaRcQyfY5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:26 2024 by rpki-client on console-ams.rpki-client.org