Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oAH1HCeKvseQlmcbskNpG-CjZHQ.roa
File: oAH1HCeKvseQlmcbskNpG-CjZHQ.roa (raw, json)
Hash identifier: pCIm5q7kGv67kffUf5fQ1nTUctnNuVy6LAuq1Zn9iRw=
Subject key identifier: A0:01:F5:1C:27:8A:BE:C7:90:96:67:1B:B2:43:69:1B:E0:A3:64:74
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018BBE280D9A958961ECC357276BD85A1E6F
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oAH1HCeKvseQlmcbskNpG-CjZHQ.roa
Signing time: Sat 11 Nov 2023 11:32:57 +0000
ROA not before: Sat 11 Nov 2023 11:32:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205733
IP address blocks: 94.154.34.0/24 maxlen: 24
94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:be:28:0d:9a:95:89:61:ec:c3:57:27:6b:d8:5a:1e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Nov 11 11:32:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a001f51c278abec79096671bb243691be0a36474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:62:0c:c8:60:33:e0:d8:3c:f7:b0:b6:82:
8d:37:6e:34:55:11:d9:a3:0c:ac:46:5c:ee:87:06:
bf:87:2a:4f:2b:a5:99:16:b2:3c:db:e9:7d:0f:ab:
42:30:5d:39:07:51:7c:4d:8f:dd:04:ba:29:b7:d3:
e0:4e:5b:93:ad:c9:d0:9b:40:f6:25:ed:a4:d8:05:
8b:eb:c1:64:e7:4f:b6:c2:44:a3:12:ac:10:cd:16:
42:ca:1a:48:f3:56:58:4e:24:bd:45:9a:93:ed:df:
55:38:fa:25:55:d0:c8:2d:25:cc:60:ad:9e:79:f5:
42:10:57:51:87:1c:bb:8e:cb:f2:7f:ec:7b:58:ea:
33:50:c8:56:55:43:fe:ea:80:54:95:94:40:41:42:
3b:68:da:14:33:e3:6f:72:9b:63:e9:f1:0a:5c:91:
80:26:fe:d2:04:70:01:f4:f7:d4:d7:14:26:59:3b:
c3:05:39:fc:be:e3:e3:23:86:c1:73:73:da:d3:73:
17:45:e5:f0:ab:d1:35:c2:bd:ee:04:e1:f7:da:32:
f2:5b:1f:cf:ab:7d:3c:16:2f:fe:07:0d:9f:6e:53:
d7:a4:bd:f0:ac:9d:5a:22:ce:7a:aa:65:ee:7a:c5:
4d:b8:da:58:99:0b:b4:c9:e5:34:6d:06:62:97:58:
37:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:01:F5:1C:27:8A:BE:C7:90:96:67:1B:B2:43:69:1B:E0:A3:64:74
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/oAH1HCeKvseQlmcbskNpG-CjZHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.34.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:cf:86:12:b4:46:5c:0a:77:f9:6f:2d:fd:b6:13:c2:b7:b2:
aa:0c:62:9c:86:9a:cb:23:22:03:fe:c2:68:63:76:f0:64:37:
d7:7b:bd:d3:61:69:1d:8d:1f:b6:be:70:a0:aa:fe:38:51:03:
ff:7e:8f:23:92:03:d1:5d:5d:98:c7:15:a5:0e:54:04:51:97:
42:39:a7:2a:7d:66:6a:91:83:f5:ee:aa:7d:85:ba:24:95:47:
27:72:79:c0:b5:eb:98:75:9e:8a:8d:58:61:e8:db:07:6c:c8:
7e:e2:cd:04:e7:95:e9:a7:fa:12:9a:33:f1:ee:ec:b9:8b:14:
c1:80:b5:8d:d9:d2:61:0a:c7:a7:4a:6c:df:6d:6b:bb:fe:fe:
99:77:42:6e:37:5f:ae:d9:fd:0c:9d:49:4e:38:c2:f1:c6:61:
85:3f:db:af:89:5a:ff:df:9d:a2:04:3a:21:99:5d:84:cc:4e:
b7:85:bd:80:74:2d:ff:4e:e7:1f:1b:16:6b:c1:71:d2:ca:03:
06:66:6c:f0:08:a7:e2:3f:c4:b9:b7:b0:e2:36:77:32:11:50:
42:ec:38:f8:09:1f:24:42:6b:aa:d3:60:20:34:d1:10:df:64:
12:b5:e8:65:b9:ae:87:4f:3c:2f:b9:17:ef:0f:7b:73:0b:a5:
ac:e5:b1:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu+KA2alYlh7MNXJ2vYWh5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMxMTExMTEzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDAxZjUxYzI3OGFiZWM3OTA5NjY3MWJiMjQzNjkxYmUwYTM2NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbJiDMhgM+DYPPewtoKNN240VRHZ
owysRlzuhwa/hypPK6WZFrI82+l9D6tCMF05B1F8TY/dBLopt9PgTluTrcnQm0D2
Je2k2AWL68Fk50+2wkSjEqwQzRZCyhpI81ZYTiS9RZqT7d9VOPolVdDILSXMYK2e
efVCEFdRhxy7jsvyf+x7WOozUMhWVUP+6oBUlZRAQUI7aNoUM+Nvcptj6fEKXJGA
Jv7SBHAB9PfU1xQmWTvDBTn8vuPjI4bBc3Pa03MXReXwq9E1wr3uBOH32jLyWx/P
q308Fi/+Bw2fblPXpL3wrJ1aIs56qmXuesVNuNpYmQu0yeU0bQZil1g3awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAB9Rwnir7HkJZnG7JDaRvgo2R0MB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvb0FIMUhDZUt2c2VRbG1jYnNrTnBHLUNqWkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpoiMA0G
CSqGSIb3DQEBCwUAA4IBAQAvz4YStEZcCnf5by39thPCt7KqDGKchprLIyID/sJo
Y3bwZDfXe73TYWkdjR+2vnCgqv44UQP/fo8jkgPRXV2YxxWlDlQEUZdCOacqfWZq
kYP17qp9hboklUcncnnAteuYdZ6KjVhh6NsHbMh+4s0E55Xpp/oSmjPx7uy5ixTB
gLWN2dJhCsenSmzfbWu7/v6Zd0JuN1+u2f0MnUlOOMLxxmGFP9uviVr/352iBDoh
mV2EzE63hb2AdC3/TucfGxZrwXHSygMGZmzwCKfiP8S5t7DiNncyEVBC7Dj4CR8k
Qmuq02AgNNEQ32QStehlua6HTzwvuRfvD3tzC6Ws5bGA
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:32 2024 by rpki-client on console-fra.rpki-client.org