Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lDY21UljTLmhY4NsGeNSHbYg2og.roa
File: lDY21UljTLmhY4NsGeNSHbYg2og.roa (raw, json)
Hash identifier: 9sSplmIFmmMHxxsNEJeWw1652Z7yDpJjeot+vQ52qhI=
Subject key identifier: 94:36:36:D5:49:63:4C:B9:A1:63:83:6C:19:E3:52:1D:B6:20:DA:88
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018E3C0ACF292CDE6AFD4D48713725DDE540
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lDY21UljTLmhY4NsGeNSHbYg2og.roa
Signing time: Thu 14 Mar 2024 08:18:45 +0000
ROA not before: Thu 14 Mar 2024 08:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 13:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:0a:cf:29:2c:de:6a:fd:4d:48:71:37:25:dd:e5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Mar 14 08:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=943636d549634cb9a163836c19e3521db620da88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3e:ef:c1:d4:15:39:d2:98:85:05:3c:2b:8c:
b3:e6:5c:87:82:c7:b9:d8:d7:08:6e:82:79:46:c7:
14:6e:35:46:8f:f6:6e:a3:75:0d:dd:f7:b4:a6:ea:
65:54:32:94:25:68:50:24:3e:56:d0:82:91:2b:d4:
8f:30:ed:94:5a:e5:61:5e:7e:1e:43:1f:07:6f:1d:
4b:bc:8a:6e:00:bf:cc:bf:3f:45:6d:e8:97:a1:10:
ad:2f:75:59:98:51:b1:56:1a:ec:38:5b:70:f3:d7:
5c:d2:f3:53:e4:90:69:be:a7:31:e4:5f:47:c0:df:
11:3a:7a:c9:9b:71:ec:67:53:12:9b:20:7f:1a:cf:
b0:bf:04:d8:9e:23:0a:40:c2:b8:ce:d0:62:1e:49:
76:e5:eb:c7:88:a1:b5:46:3c:ea:55:7a:9d:25:0f:
49:6f:8d:07:d9:63:a0:0a:cf:02:7c:58:74:e8:c9:
a1:9f:96:e0:32:e4:a7:b5:9e:4c:b4:9a:f2:3f:9d:
0d:df:59:45:d5:e6:22:15:f8:e3:48:9a:18:76:b3:
4c:8b:6c:36:b7:03:01:9e:66:ea:ad:61:30:40:0f:
2c:0d:72:8c:d6:c0:5b:7e:a2:a5:92:f8:ae:00:9b:
a1:1c:3b:bb:a8:a9:de:db:75:48:17:7e:6a:89:e6:
78:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:36:36:D5:49:63:4C:B9:A1:63:83:6C:19:E3:52:1D:B6:20:DA:88
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/lDY21UljTLmhY4NsGeNSHbYg2og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:56:51:13:88:86:31:7b:b1:0d:59:d7:d6:f1:aa:25:39:c2:
36:57:01:de:fa:6e:86:ce:f3:63:ec:08:6f:fe:5b:e0:d7:7b:
38:7c:06:23:8d:0f:61:9f:c3:0d:f1:39:87:22:31:4f:01:e9:
79:f1:94:7d:39:fc:d4:fe:d0:2b:5d:a1:fb:04:e4:4d:9d:bc:
f6:49:27:58:bd:94:82:16:8d:1b:85:f3:b0:bc:c8:64:f1:90:
ff:ed:68:06:c8:90:e4:e9:f2:80:18:47:c7:01:05:77:82:2a:
3b:9f:1f:ad:1b:15:57:44:85:df:f9:80:ce:fc:10:cf:fb:fb:
7e:64:f4:8d:c8:e3:e3:11:1c:09:59:32:dd:20:8f:03:62:44:
2d:4a:85:9c:3c:e5:f7:d3:b7:8b:25:34:5c:bb:00:2f:d4:ff:
81:38:68:48:17:2b:89:04:73:d3:55:d0:19:8b:8a:00:3d:05:
ed:aa:80:39:d1:54:a3:67:f0:8d:1d:83:35:a7:80:91:7a:cc:
d8:86:e7:02:21:d2:64:07:ae:f3:37:b8:88:3a:f2:59:f1:53:
9f:d2:7e:5c:27:ad:d7:2e:d2:90:d6:8d:4a:11:08:2a:2b:08:
fc:5c:a0:f8:09:96:1a:ac:84:cc:eb:f3:8f:95:52:7d:1a:66:
d3:6a:e6:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY48Cs8pLN5q/U1IcTcl3eVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMzE0MDgxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM2MzZkNTQ5NjM0Y2I5YTE2MzgzNmMxOWUzNTIxZGI2MjBkYTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT7vwdQVOdKYhQU8K4yz5lyHgse5
2NcIboJ5RscUbjVGj/Zuo3UN3fe0puplVDKUJWhQJD5W0IKRK9SPMO2UWuVhXn4e
Qx8Hbx1LvIpuAL/Mvz9FbeiXoRCtL3VZmFGxVhrsOFtw89dc0vNT5JBpvqcx5F9H
wN8ROnrJm3HsZ1MSmyB/Gs+wvwTYniMKQMK4ztBiHkl25evHiKG1RjzqVXqdJQ9J
b40H2WOgCs8CfFh06Mmhn5bgMuSntZ5MtJryP50N31lF1eYiFfjjSJoYdrNMi2w2
twMBnmbqrWEwQA8sDXKM1sBbfqKlkviuAJuhHDu7qKne23VIF35qieZ4gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQ2NtVJY0y5oWODbBnjUh22INqIMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvbERZMjFVbGpUTG1oWTROc0dlTlNIYllnMm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpoiAwQB
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQB7VlETiIYxe7ENWdfW8aolOcI2VwHe+m6G
zvNj7Ahv/lvg13s4fAYjjQ9hn8MN8TmHIjFPAel58ZR9OfzU/tArXaH7BORNnbz2
SSdYvZSCFo0bhfOwvMhk8ZD/7WgGyJDk6fKAGEfHAQV3gio7nx+tGxVXRIXf+YDO
/BDP+/t+ZPSNyOPjERwJWTLdII8DYkQtSoWcPOX307eLJTRcuwAv1P+BOGhIFyuJ
BHPTVdAZi4oAPQXtqoA50VSjZ/CNHYM1p4CReszYhucCIdJkB67zN7iIOvJZ8VOf
0n5cJ63XLtKQ1o1KEQgqKwj8XKD4CZYarITM6/OPlVJ9GmbTaua9
-----END CERTIFICATE-----
Generated at Wed Mar 20 17:15:32 2024 by rpki-client on console-ams.rpki-client.org