Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sewoHfV6Dh7JbGhGpYJtnck3V6o.roa
File: sewoHfV6Dh7JbGhGpYJtnck3V6o.roa (raw, json)
Hash identifier: kLsEKMjZp1GXWdql56xg2oq0qsNmy8eNTPHB7yiTHdw=
Subject key identifier: B1:EC:28:1D:F5:7A:0E:1E:C9:6C:68:46:A5:82:6D:9D:C9:37:57:AA
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 0193C14A2677E9B8A6B67E7EC87DF2DEB2E9
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sewoHfV6Dh7JbGhGpYJtnck3V6o.roa
Signing time: Fri 13 Dec 2024 18:31:22 +0000
ROA not before: Fri 13 Dec 2024 18:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 94.154.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c1:4a:26:77:e9:b8:a6:b6:7e:7e:c8:7d:f2:de:b2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Dec 13 18:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1ec281df57a0e1ec96c6846a5826d9dc93757aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:18:bd:39:51:4b:16:42:c6:c3:80:60:34:85:
83:5a:44:c1:20:72:32:d0:dc:21:37:fb:92:f1:cf:
bf:5e:ae:3a:c3:e2:97:07:10:25:b2:e9:5f:93:23:
3d:c4:7c:ae:c5:f4:bb:d2:95:f7:db:bd:9e:5d:0d:
72:36:7f:96:9d:20:1b:3c:35:f9:62:62:0f:1b:28:
2d:7a:5c:52:8a:4a:8a:c4:cf:38:c3:16:e8:ab:f4:
bf:1a:5c:59:58:2e:30:c0:8b:e0:c5:03:2e:d4:c8:
ce:9b:75:5a:13:db:c1:67:12:b7:0f:59:80:4c:e5:
c8:67:66:01:3c:56:05:f2:f7:f6:a0:d1:19:ad:33:
f5:a8:c7:63:48:b5:18:68:b8:d3:d1:cf:4f:86:e0:
75:d6:47:b3:93:c8:20:b2:dd:a0:0c:9d:c8:09:c9:
3e:ed:3a:50:00:52:2a:ed:f7:14:d5:7c:f0:6e:57:
dd:a0:2e:78:35:84:76:63:9b:73:c3:c7:6a:f7:d9:
c4:f3:17:21:24:34:55:f6:35:df:10:a3:50:bb:2f:
f5:28:3d:9a:e8:0a:03:9c:db:4c:16:80:25:8e:77:
07:97:dd:27:e7:de:f5:97:3c:24:d9:04:0d:ae:0f:
61:78:93:12:1d:b7:73:35:d2:83:dd:66:63:58:f5:
c4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EC:28:1D:F5:7A:0E:1E:C9:6C:68:46:A5:82:6D:9D:C9:37:57:AA
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/sewoHfV6Dh7JbGhGpYJtnck3V6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.35.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:63:e2:b3:32:24:f8:76:2e:48:92:b7:41:7b:77:7f:81:17:
3f:03:b8:1c:cd:c2:6b:c5:c1:45:06:e0:18:15:bf:97:35:ba:
00:b5:0f:7e:89:1c:9f:7b:85:e7:a4:e6:8c:3a:44:ae:77:66:
47:8d:c5:89:23:79:34:90:bb:29:3c:50:21:54:87:84:21:01:
a2:b9:34:82:35:93:93:89:30:c7:1d:40:2c:d6:84:14:78:1a:
80:a0:cb:84:76:98:01:5e:37:a7:b8:d4:ee:6b:17:7b:d4:6e:
57:41:5a:c2:f3:c6:ea:0a:e6:ab:36:4f:3f:d2:32:56:5c:44:
af:21:b1:3b:f9:80:27:cf:68:d3:a2:13:52:36:48:69:bf:64:
9a:55:f9:5b:aa:5d:42:b4:4f:6f:ff:38:57:03:94:fc:e9:a5:
53:81:f0:ed:29:ff:86:b6:51:e2:d0:67:b8:17:e2:96:40:7c:
4b:c0:73:9b:af:4e:7a:bf:32:62:3d:3b:cd:db:74:02:53:ae:
45:d6:35:2b:08:26:ab:d6:2c:f6:32:7c:44:1a:d8:95:7f:e3:
66:21:23:59:54:fa:3c:42:9f:09:4d:4e:c1:f5:3a:93:ef:c4:
d6:cd:e6:71:59:11:89:0f:af:64:9d:c7:08:aa:17:1a:2c:0e:
65:2a:42:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPBSiZ36bimtn5+yH3y3rLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQxMjEzMTgzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWVjMjgxZGY1N2EwZTFlYzk2YzY4NDZhNTgyNmQ5ZGM5Mzc1N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Bi9OVFLFkLGw4BgNIWDWkTBIHIy
0NwhN/uS8c+/Xq46w+KXBxAlsulfkyM9xHyuxfS70pX3272eXQ1yNn+WnSAbPDX5
YmIPGygtelxSikqKxM84wxboq/S/GlxZWC4wwIvgxQMu1MjOm3VaE9vBZxK3D1mA
TOXIZ2YBPFYF8vf2oNEZrTP1qMdjSLUYaLjT0c9PhuB11kezk8ggst2gDJ3ICck+
7TpQAFIq7fcU1XzwblfdoC54NYR2Y5tzw8dq99nE8xchJDRV9jXfEKNQuy/1KD2a
6AoDnNtMFoAljncHl90n5971lzwk2QQNrg9heJMSHbdzNdKD3WZjWPXEjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHsKB31eg4eyWxoRqWCbZ3JN1eqMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvc2V3b0hmVjZEaDdKYkdoR3BZSnRuY2szVjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpojMA0G
CSqGSIb3DQEBCwUAA4IBAQAPY+KzMiT4di5IkrdBe3d/gRc/A7gczcJrxcFFBuAY
Fb+XNboAtQ9+iRyfe4XnpOaMOkSud2ZHjcWJI3k0kLspPFAhVIeEIQGiuTSCNZOT
iTDHHUAs1oQUeBqAoMuEdpgBXjenuNTuaxd71G5XQVrC88bqCuarNk8/0jJWXESv
IbE7+YAnz2jTohNSNkhpv2SaVflbql1CtE9v/zhXA5T86aVTgfDtKf+GtlHi0Ge4
F+KWQHxLwHObr056vzJiPTvN23QCU65F1jUrCCar1iz2MnxEGtiVf+NmISNZVPo8
Qp8JTU7B9TqT78TWzeZxWRGJD69knccIqhcaLA5lKkI9
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:05:51 2025 by rpki-client