Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/RzjcAd7antQs1fQqgIdMTHDAYVc.roa
File: RzjcAd7antQs1fQqgIdMTHDAYVc.roa (raw, json)
Hash identifier: 6X+9/V6mnGQ4h6lNwkhQB5JHDT7+TABi7aj670EtqRs=
Subject key identifier: 47:38:DC:01:DE:DA:9E:D4:2C:D5:F4:2A:80:87:4C:4C:70:C0:61:57
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01942B5CA3E0BB3B3F9CF63C21B94AA7A80A
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/RzjcAd7antQs1fQqgIdMTHDAYVc.roa
Signing time: Fri 03 Jan 2025 08:51:19 +0000
ROA not before: Fri 03 Jan 2025 08:51:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 18:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2b:5c:a3:e0:bb:3b:3f:9c:f6:3c:21:b9:4a:a7:a8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 3 08:51:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4738dc01deda9ed42cd5f42a80874c4c70c06157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bd:53:48:37:6d:4a:36:94:e9:5c:c8:d5:ce:
3d:c9:df:e7:1c:b9:69:6a:64:65:fa:a2:28:2e:c3:
87:a5:25:4e:8e:46:21:96:84:ec:46:92:08:d8:d2:
76:44:4f:19:cb:8b:4d:12:43:43:39:f2:29:bf:3a:
9a:a2:aa:0c:05:b2:00:dc:6c:5c:b3:98:17:1d:5e:
60:b8:49:78:f9:0f:30:57:c5:b0:60:13:fa:fd:24:
56:2a:ce:6d:44:95:5d:1f:ad:59:38:29:39:80:a4:
9d:6a:f1:de:35:02:31:70:87:6b:27:78:e7:66:8f:
25:fc:5e:b9:b7:76:36:f0:f1:08:67:22:30:f4:fb:
82:64:f5:6c:9e:ca:00:24:39:99:ec:8a:50:e8:9d:
48:6e:f9:e3:8d:49:6d:f9:05:48:1d:5b:52:fe:83:
2f:83:6f:5b:87:a6:e5:3e:0f:cf:79:4d:c3:26:ef:
78:5e:f3:e2:5a:1d:2b:ae:b3:87:08:13:e7:f7:47:
19:f6:ac:24:ae:7a:0b:84:59:67:6d:59:a6:e1:d1:
fe:7f:f0:6b:2b:02:8e:f4:31:a2:ce:23:be:83:3a:
e3:50:d3:0a:39:68:16:10:df:ce:46:53:8e:96:c7:
d0:92:bc:00:82:13:07:9f:83:1d:a8:dc:18:b4:72:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:38:DC:01:DE:DA:9E:D4:2C:D5:F4:2A:80:87:4C:4C:70:C0:61:57
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/RzjcAd7antQs1fQqgIdMTHDAYVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.35.0/24
Signature Algorithm: sha256WithRSAEncryption
36:2a:91:a3:4b:e3:c0:48:14:c1:31:7e:e9:e5:4f:e4:9c:a9:
f9:39:9e:9d:b9:9e:83:3e:82:be:37:e8:32:95:be:aa:f4:64:
ef:72:3e:c3:0f:41:d7:5a:d3:69:47:6d:b0:ff:f7:9c:ba:a7:
ee:84:07:f7:62:d2:81:73:52:85:67:bb:a5:41:28:4a:cb:6e:
54:79:ee:02:01:d7:57:9e:35:49:37:6b:0c:50:31:8f:6e:c2:
fa:43:29:a1:42:7b:e1:94:32:f5:f1:10:9b:a6:96:41:13:63:
ef:8a:5f:d5:ff:8b:bb:42:2c:14:b6:96:74:90:92:b5:08:96:
f8:06:53:dd:94:8b:bd:d3:66:29:59:1a:fb:84:c6:83:f6:66:
2f:5f:fe:a0:50:d3:82:c4:30:5e:8f:ce:ca:fa:eb:1e:11:e7:
44:65:89:16:dd:11:f8:38:d3:73:4c:07:c7:90:9a:93:8a:d5:
87:cd:3b:8e:9f:3d:11:be:38:db:54:11:0b:f9:33:d6:3b:6a:
52:8b:5c:4b:ef:32:5a:96:3a:63:a3:da:21:6f:fd:08:d1:3c:
0e:f2:b3:cc:f9:18:bf:23:c5:38:2e:c9:99:76:02:25:3d:db:
a8:88:9d:bb:de:e2:f4:01:e0:cd:2d:12:21:95:ac:85:8e:95:
22:10:79:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQrXKPguzs/nPY8IblKp6gKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjUwMTAzMDg1MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM4ZGMwMWRlZGE5ZWQ0MmNkNWY0MmE4MDg3NGM0YzcwYzA2MTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApr1TSDdtSjaU6VzI1c49yd/nHLlp
amRl+qIoLsOHpSVOjkYhloTsRpII2NJ2RE8Zy4tNEkNDOfIpvzqaoqoMBbIA3Gxc
s5gXHV5guEl4+Q8wV8WwYBP6/SRWKs5tRJVdH61ZOCk5gKSdavHeNQIxcIdrJ3jn
Zo8l/F65t3Y28PEIZyIw9PuCZPVsnsoAJDmZ7IpQ6J1IbvnjjUlt+QVIHVtS/oMv
g29bh6blPg/PeU3DJu94XvPiWh0rrrOHCBPn90cZ9qwkrnoLhFlnbVmm4dH+f/Br
KwKO9DGiziO+gzrjUNMKOWgWEN/ORlOOlsfQkrwAghMHn4MdqNwYtHLLwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEc43AHe2p7ULNX0KoCHTExwwGFXMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvUnpqY0FkN2FudFFzMWZRcWdJZE1USERBWVZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpojMA0G
CSqGSIb3DQEBCwUAA4IBAQA2KpGjS+PASBTBMX7p5U/knKn5OZ6duZ6DPoK+N+gy
lb6q9GTvcj7DD0HXWtNpR22w//ecuqfuhAf3YtKBc1KFZ7ulQShKy25Uee4CAddX
njVJN2sMUDGPbsL6QymhQnvhlDL18RCbppZBE2Pvil/V/4u7QiwUtpZ0kJK1CJb4
BlPdlIu902YpWRr7hMaD9mYvX/6gUNOCxDBej87K+useEedEZYkW3RH4ONNzTAfH
kJqTitWHzTuOnz0RvjjbVBEL+TPWO2pSi1xL7zJaljpjo9ohb/0I0TwO8rPM+Ri/
I8U4LsmZdgIlPduoiJ273uL0AeDNLRIhlayFjpUiEHms
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:30 2025 by rpki-client