Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/w5pA1usJ18jiUO6IVmvi4daOLN4.roa
File: w5pA1usJ18jiUO6IVmvi4daOLN4.roa (raw, json)
Hash identifier: ESwzoCXr9s4d0FyhHKahG1pntncwtf0tkSjDa9qDAyU=
Subject key identifier: C3:9A:40:D6:EB:09:D7:C8:E2:50:EE:88:56:6B:E2:E1:D6:8E:2C:DE
Certificate issuer: /CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Certificate serial: 018E770784842F4B93DC0541A58286DC2D01
Authority key identifier: E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/w5pA1usJ18jiUO6IVmvi4daOLN4.roa
Signing time: Mon 25 Mar 2024 19:12:45 +0000
ROA not before: Mon 25 Mar 2024 19:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 94.154.34.0/24 maxlen: 24
94.154.36.0/24 maxlen: 24
94.154.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Mar 2024 15:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:07:84:84:2f:4b:93:dc:05:41:a5:82:86:dc:2d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7cf3884b78007a25dbe2e2cef0cc73b69921f88
Validity
Not Before: Mar 25 19:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c39a40d6eb09d7c8e250ee88566be2e1d68e2cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e8:55:65:86:fd:1e:fe:7d:18:7d:c3:36:6d:
9c:75:31:70:ab:01:7b:dc:3b:23:cf:4e:01:fe:f7:
d2:3d:90:de:66:5a:6b:ed:5d:d1:8a:84:a3:14:5b:
04:24:32:34:b3:b5:8a:be:b8:6a:c9:a4:26:30:ce:
ac:0f:bf:38:1d:bf:57:6f:07:4a:a9:a0:29:e7:e7:
d7:8b:31:71:0d:da:16:40:93:56:fa:6d:27:e9:52:
94:b5:4f:80:fd:07:c6:ef:8a:53:80:87:44:72:41:
f6:ea:bd:4a:29:96:65:27:b2:03:d6:33:ad:65:c3:
ec:a2:8e:ca:e9:7f:c4:55:5a:d7:c4:7b:3c:40:02:
d5:a9:6f:1e:82:0c:82:86:86:20:18:62:cd:ce:88:
16:20:46:26:5e:6d:ff:71:9d:dc:5b:6c:6a:a8:25:
cc:30:22:03:6c:4a:ba:30:91:ff:75:64:ae:58:51:
96:8b:fc:fa:f5:77:21:e5:73:58:4e:4b:26:f8:63:
71:b0:25:12:bf:a5:f4:df:89:5c:5f:f2:f8:45:39:
b3:a3:0e:5d:87:53:2c:12:db:f7:d2:7d:cf:47:82:
c4:e6:ee:36:83:9e:c3:c2:cb:16:73:cf:4b:24:54:
ef:f4:e4:00:93:36:a3:56:69:59:f9:a7:88:f4:1d:
da:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9A:40:D6:EB:09:D7:C8:E2:50:EE:88:56:6B:E2:E1:D6:8E:2C:DE
X509v3 Authority Key Identifier:
keyid:E7:CF:38:84:B7:80:07:A2:5D:BE:2E:2C:EF:0C:C7:3B:69:92:1F:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5884hLeAB6Jdvi4s7wzHO2mSH4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/w5pA1usJ18jiUO6IVmvi4daOLN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/4e7bc7-260e-47e6-8388-a184f3556e43/1/5884hLeAB6Jdvi4s7wzHO2mSH4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.34.0/24
94.154.36.0/23
Signature Algorithm: sha256WithRSAEncryption
13:bb:49:f0:2e:e9:f0:be:99:5c:89:08:bb:a0:15:f9:c5:c8:
42:c4:be:08:1a:95:e8:06:6c:22:94:a4:1a:0f:d2:7a:fc:d8:
09:a0:b0:8d:d2:4b:8c:3b:3e:be:e8:24:b1:18:b4:c2:8e:51:
92:20:c8:10:c4:b1:1a:71:4f:6f:7f:16:48:0a:a4:4b:42:cf:
05:ab:42:89:9c:cf:1f:1b:51:6f:57:3a:c2:32:db:14:27:2e:
79:5d:29:c2:54:eb:f9:95:c2:8f:3e:69:3f:17:67:45:48:62:
a1:e3:bc:26:ec:3f:a2:23:39:7f:2b:6b:94:23:52:95:17:0a:
58:3d:62:b6:f4:37:82:d0:a4:60:52:50:0b:5e:b0:57:74:ae:
73:f8:4b:9d:d1:05:dc:2a:30:e7:22:e8:06:a3:1c:a2:3a:bc:
58:73:19:04:6c:2d:5e:9d:19:0c:7d:85:16:50:9c:52:a2:b0:
57:af:4f:22:c1:f7:62:96:57:d7:a9:11:59:48:a6:6e:eb:3e:
db:37:40:d8:53:33:5a:ac:3e:f5:1d:16:13:d8:5f:0e:43:a3:
7e:92:97:4c:d6:d6:da:33:d6:14:ee:19:5b:b7:c5:ac:a6:b0:
b4:28:1e:5e:da:e7:cd:b2:c9:de:8f:f7:6b:83:31:02:97:88:
d3:7d:42:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY53B4SEL0uT3AVBpYKG3C0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Y2YzODg0Yjc4MDA3YTI1ZGJlMmUyY2VmMGNjNzNiNjk5
MjFmODgwHhcNMjQwMzI1MTkxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlhNDBkNmViMDlkN2M4ZTI1MGVlODg1NjZiZTJlMWQ2OGUyY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjehVZYb9Hv59GH3DNm2cdTFwqwF7
3Dsjz04B/vfSPZDeZlpr7V3RioSjFFsEJDI0s7WKvrhqyaQmMM6sD784Hb9XbwdK
qaAp5+fXizFxDdoWQJNW+m0n6VKUtU+A/QfG74pTgIdEckH26r1KKZZlJ7ID1jOt
ZcPsoo7K6X/EVVrXxHs8QALVqW8eggyChoYgGGLNzogWIEYmXm3/cZ3cW2xqqCXM
MCIDbEq6MJH/dWSuWFGWi/z69Xch5XNYTksm+GNxsCUSv6X034lcX/L4RTmzow5d
h1MsEtv30n3PR4LE5u42g57DwssWc89LJFTv9OQAkzajVmlZ+aeI9B3abwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMOaQNbrCdfI4lDuiFZr4uHWjizeMB8GA1UdIwQY
MBaAFOfPOIS3gAeiXb4uLO8Mxztpkh+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgt
YTE4NGYzNTU2ZTQzLzEvdzVwQTF1c0oxOGppVU82SVZtdmk0ZGFPTE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80ZTdiYzctMjYwZS00N2U2LTgzODgtYTE4NGYzNTU2ZTQz
LzEvNTg4NGhMZUFCNkpkdmk0czd3ekhPMm1TSDRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpoiAwQB
XpokMA0GCSqGSIb3DQEBCwUAA4IBAQATu0nwLunwvplciQi7oBX5xchCxL4IGpXo
BmwilKQaD9J6/NgJoLCN0kuMOz6+6CSxGLTCjlGSIMgQxLEacU9vfxZICqRLQs8F
q0KJnM8fG1FvVzrCMtsUJy55XSnCVOv5lcKPPmk/F2dFSGKh47wm7D+iIzl/K2uU
I1KVFwpYPWK29DeC0KRgUlALXrBXdK5z+Eud0QXcKjDnIugGoxyiOrxYcxkEbC1e
nRkMfYUWUJxSorBXr08iwfdillfXqRFZSKZu6z7bN0DYUzNarD71HRYT2F8OQ6N+
kpdM1tbaM9YU7hlbt8WsprC0KB5e2ufNssnej/drgzECl4jTfUJa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org