Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/o_lnFLcaXEtYnwexrT_0OqIWfwI.roa
File: o_lnFLcaXEtYnwexrT_0OqIWfwI.roa (raw, json)
Hash identifier: dGQvvenFiyOBZn23RnDWo4MOLUqMqN3VMfeJKvdeSsA=
Subject key identifier: A3:F9:67:14:B7:1A:5C:4B:58:9F:07:B1:AD:3F:F4:3A:A2:16:7F:02
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 01856FF0207692D89E1A21FFB498A41F7CE5
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/o_lnFLcaXEtYnwexrT_0OqIWfwI.roa
Signing time: Mon 02 Jan 2023 00:44:45 +0000
ROA not before: Mon 02 Jan 2023 00:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:20:76:92:d8:9e:1a:21:ff:b4:98:a4:1f:7c:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Jan 2 00:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3f96714b71a5c4b589f07b1ad3ff43aa2167f02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:73:48:89:8a:41:e5:89:4f:1a:76:d3:df:28:
9a:ef:07:ab:bf:af:dc:1d:56:17:bf:7e:3b:f4:67:
a3:d8:12:e7:70:6c:50:0d:ae:5a:83:3a:a3:18:e5:
e1:2f:ff:9e:3a:d2:2d:31:1c:a5:f1:4b:b9:4f:33:
13:06:39:fb:dd:37:23:d6:c4:f5:6c:af:84:1f:05:
3d:28:6b:e9:20:6c:9e:e7:86:af:79:e6:f9:5d:78:
24:70:0a:c2:2c:47:17:3b:35:a0:ee:ce:22:9d:20:
28:ea:fd:05:2e:df:dc:6a:46:2e:24:31:1b:0c:a2:
95:50:66:f3:68:35:54:a9:e2:39:97:a9:e0:61:c5:
fb:af:bb:33:a7:96:da:67:b1:b1:30:8d:ef:8a:37:
57:cb:e4:77:45:9c:b0:e8:00:3c:c6:77:11:bc:57:
71:b1:8b:16:a1:44:16:0f:9e:d1:13:6f:2e:c6:15:
2a:99:95:34:46:b7:01:bc:f6:99:b5:f8:7d:21:f9:
64:02:67:78:7a:db:df:8f:d3:d5:44:c2:e9:61:ef:
f0:72:86:0a:de:76:c3:04:10:bb:78:b9:94:89:04:
cd:90:b9:12:0e:ed:89:e3:95:2a:77:5d:f1:99:90:
37:0c:a1:85:45:2c:fe:03:72:ea:d8:38:70:a2:16:
21:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:67:14:B7:1A:5C:4B:58:9F:07:B1:AD:3F:F4:3A:A2:16:7F:02
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/o_lnFLcaXEtYnwexrT_0OqIWfwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.37.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a5:e9:1d:2f:3c:a1:91:fc:4e:19:c5:ba:e2:36:e0:cc:06:
7f:3c:f4:58:0e:e5:4d:9c:af:9b:6c:bb:9f:88:e7:3b:e8:12:
b3:3a:32:d6:9d:25:32:47:e6:8f:37:ce:c6:1e:0f:91:69:e7:
61:27:37:b5:53:77:87:b6:96:30:9e:74:46:10:97:ec:15:6d:
46:9c:f8:cd:a0:0a:3c:d4:ef:a3:9a:dd:69:67:3a:2e:d6:cc:
79:5b:9f:9a:00:d3:aa:52:ee:2a:c8:e8:73:ac:70:5d:98:77:
36:8b:9d:96:0e:a7:aa:f8:aa:dd:45:7b:40:28:5d:53:bc:5a:
d8:3e:10:7f:79:bc:cd:84:87:c9:21:b8:9f:65:2e:2e:9b:7b:
6f:36:5d:9a:30:25:d1:a7:fa:6f:ad:e5:74:07:c7:d0:88:fe:
27:09:60:4b:6d:b4:96:37:01:72:5b:f8:9c:0e:f1:75:39:44:
fc:be:a4:cd:45:25:08:3f:2b:82:18:1d:a1:a8:c7:0a:b9:4b:
b0:66:03:b9:b5:6a:2e:18:95:e8:af:e6:da:17:c3:b5:fc:90:
93:c5:4a:10:74:23:3e:c7:73:96:4c:c9:c3:93:1a:49:2f:78:
f9:8e:8d:9f:a6:1e:a2:9c:b5:98:7b:5f:61:ef:ea:a6:3f:63:
e8:e9:8d:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8CB2ktieGiH/tJikH3zlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjMwMTAyMDA0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y5NjcxNGI3MWE1YzRiNTg5ZjA3YjFhZDNmZjQzYWEyMTY3ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXNIiYpB5YlPGnbT3yia7werv6/c
HVYXv3479Gej2BLncGxQDa5agzqjGOXhL/+eOtItMRyl8Uu5TzMTBjn73Tcj1sT1
bK+EHwU9KGvpIGye54aveeb5XXgkcArCLEcXOzWg7s4inSAo6v0FLt/cakYuJDEb
DKKVUGbzaDVUqeI5l6ngYcX7r7szp5baZ7GxMI3vijdXy+R3RZyw6AA8xncRvFdx
sYsWoUQWD57RE28uxhUqmZU0RrcBvPaZtfh9IflkAmd4etvfj9PVRMLpYe/wcoYK
3nbDBBC7eLmUiQTNkLkSDu2J45Uqd13xmZA3DKGFRSz+A3Lq2DhwohYhXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP5ZxS3GlxLWJ8Hsa0/9DqiFn8CMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvb19sbkZMY2FYRXRZbndleHJUXzBPcUlXZndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpolMA0G
CSqGSIb3DQEBCwUAA4IBAQB1pekdLzyhkfxOGcW64jbgzAZ/PPRYDuVNnK+bbLuf
iOc76BKzOjLWnSUyR+aPN87GHg+RaedhJze1U3eHtpYwnnRGEJfsFW1GnPjNoAo8
1O+jmt1pZzou1sx5W5+aANOqUu4qyOhzrHBdmHc2i52WDqeq+KrdRXtAKF1TvFrY
PhB/ebzNhIfJIbifZS4um3tvNl2aMCXRp/pvreV0B8fQiP4nCWBLbbSWNwFyW/ic
DvF1OUT8vqTNRSUIPyuCGB2hqMcKuUuwZgO5tWouGJXor+baF8O1/JCTxUoQdCM+
x3OWTMnDkxpJL3j5jo2fph6inLWYe19h7+qmP2Po6Y3G
-----END CERTIFICATE-----
Generated at Wed Oct 25 22:43:07 2023 by rpki-client on console-ams.rpki-client.org