Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/lU4RJ960SusZthSY4djiyeeVGaQ.roa
File: lU4RJ960SusZthSY4djiyeeVGaQ.roa (raw, json)
Hash identifier: AwN+vc9Yo9Q6nBiX2/Pl/PNjlu+3WTUMaKgepj9v6s4=
Subject key identifier: 95:4E:11:27:DE:B4:4A:EB:19:B6:14:98:E1:D8:E2:C9:E7:95:19:A4
Certificate issuer: /CN=7b0978c412dab61efb2db5411b06960c09e17a77
Certificate serial: 01856D940834210DB3AAEDC526A26702326A
Authority key identifier: 7B:09:78:C4:12:DA:B6:1E:FB:2D:B5:41:1B:06:96:0C:09:E1:7A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewl4xBLath77LbVBGwaWDAnhenc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/lU4RJ960SusZthSY4djiyeeVGaQ.roa
Signing time: Sun 01 Jan 2023 13:44:55 +0000
ROA not before: Sun 01 Jan 2023 13:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48710
IP address blocks: 94.125.136.0/24 maxlen: 24
94.125.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:08:34:21:0d:b3:aa:ed:c5:26:a2:67:02:32:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b0978c412dab61efb2db5411b06960c09e17a77
Validity
Not Before: Jan 1 13:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954e1127deb44aeb19b61498e1d8e2c9e79519a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:b1:3c:2b:a0:f0:48:e0:6d:49:9b:f5:35:
37:df:68:28:cd:98:56:25:a0:0e:b4:ac:46:6b:ca:
6d:9a:dd:99:43:3a:ed:b3:08:85:f6:eb:4e:fb:77:
51:a3:fa:44:e0:ad:53:aa:f0:32:be:37:21:07:6d:
b2:e6:b6:3a:3b:28:4c:60:2d:25:e0:e3:d2:be:ad:
1d:56:7f:a4:de:1b:10:20:26:fd:67:39:a7:c1:5b:
cb:d5:08:48:b2:49:34:92:a8:20:5e:54:a9:7a:44:
1d:0f:6c:bc:fc:62:2b:14:f7:16:b1:ce:c0:5b:0a:
6b:11:37:9a:b2:d0:de:96:d3:4b:ed:33:f7:71:e9:
2d:b4:4d:e8:40:c6:19:5d:06:1f:ad:4c:43:a5:e2:
0e:60:12:b6:5d:88:c6:2f:42:d5:35:b4:fe:2f:6b:
59:44:c2:9f:7f:6e:77:94:f0:67:0f:fe:40:33:e1:
34:84:65:21:00:51:54:3b:0f:4d:a7:d3:63:24:db:
42:b4:9f:83:8d:40:7b:5a:93:18:af:d0:c1:8f:25:
51:9b:22:ab:e4:4f:a5:75:78:2c:65:bb:60:96:32:
85:12:11:ea:f0:4d:42:67:40:4a:b7:5b:79:93:07:
7c:14:c6:a9:ed:00:a2:c1:1d:05:c3:96:41:96:7f:
18:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4E:11:27:DE:B4:4A:EB:19:B6:14:98:E1:D8:E2:C9:E7:95:19:A4
X509v3 Authority Key Identifier:
keyid:7B:09:78:C4:12:DA:B6:1E:FB:2D:B5:41:1B:06:96:0C:09:E1:7A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewl4xBLath77LbVBGwaWDAnhenc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/lU4RJ960SusZthSY4djiyeeVGaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/ewl4xBLath77LbVBGwaWDAnhenc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.136.0/24
94.125.142.0/24
Signature Algorithm: sha256WithRSAEncryption
72:32:53:c2:71:63:3a:c7:6f:55:37:e5:a5:e9:bb:28:66:7c:
61:18:eb:68:5f:fa:b8:1b:54:59:e2:aa:9d:fa:ce:21:df:63:
7b:71:94:1c:99:1e:3f:64:2c:09:c4:8a:08:54:28:b6:87:c2:
b3:a0:9b:c9:99:db:3b:fc:d7:08:da:79:9e:a3:b4:d8:8d:a1:
6c:e0:ce:55:dc:74:df:b6:36:d6:90:63:0d:11:a8:73:ad:ba:
d6:0d:c2:ce:ca:97:98:99:3d:c6:71:9d:7b:e7:b5:5d:80:1c:
b6:46:e1:c3:61:d6:50:40:85:a4:d2:48:f3:0b:0b:e9:81:61:
ff:e3:a9:50:9b:ca:48:8b:da:9e:a8:32:59:9d:ca:f4:60:21:
cf:28:b7:c0:df:9f:65:d9:f4:82:58:23:26:5a:c5:82:5c:02:
04:fc:91:6d:fb:99:17:ec:b3:ab:1d:1e:41:22:d3:8c:13:98:
3c:f0:3c:ba:1d:c3:3c:36:14:8b:2f:09:c8:90:25:92:32:b3:
ca:d4:00:1e:fd:4e:34:2d:2a:89:c3:61:c4:52:b8:18:95:26:
01:55:7f:61:84:1a:1d:fb:1f:2d:53:e7:bc:05:fe:65:ae:f6:
fc:4b:4c:95:af:42:d8:b7:ef:b2:aa:1c:40:11:7b:a0:8c:5c:
8a:39:41:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtlAg0IQ2zqu3FJqJnAjJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMDk3OGM0MTJkYWI2MWVmYjJkYjU0MTFiMDY5NjBjMDll
MTdhNzcwHhcNMjMwMTAxMTM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRlMTEyN2RlYjQ0YWViMTliNjE0OThlMWQ4ZTJjOWU3OTUxOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje2xPCug8EjgbUmb9TU332gozZhW
JaAOtKxGa8ptmt2ZQzrtswiF9utO+3dRo/pE4K1TqvAyvjchB22y5rY6OyhMYC0l
4OPSvq0dVn+k3hsQICb9ZzmnwVvL1QhIskk0kqggXlSpekQdD2y8/GIrFPcWsc7A
WwprETeastDeltNL7TP3cekttE3oQMYZXQYfrUxDpeIOYBK2XYjGL0LVNbT+L2tZ
RMKff253lPBnD/5AM+E0hGUhAFFUOw9Np9NjJNtCtJ+DjUB7WpMYr9DBjyVRmyKr
5E+ldXgsZbtgljKFEhHq8E1CZ0BKt1t5kwd8FMap7QCiwR0Fw5ZBln8YuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVOESfetErrGbYUmOHY4snnlRmkMB8GA1UdIwQY
MBaAFHsJeMQS2rYe+y21QRsGlgwJ4Xp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdsNHhCTGF0aDc3TGJWQkd3YVdEQW5oZW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lYmJlYmEtMWI1MC00MWUyLWE4ZDMt
ZWQ0NjY3MzVhYjI3LzEvbFU0Uko5NjBTdXNadGhTWTRkaml5ZWVWR2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lYmJlYmEtMWI1MC00MWUyLWE4ZDMtZWQ0NjY3MzVhYjI3
LzEvZXdsNHhCTGF0aDc3TGJWQkd3YVdEQW5oZW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXn2IAwQA
Xn2OMA0GCSqGSIb3DQEBCwUAA4IBAQByMlPCcWM6x29VN+Wl6bsoZnxhGOtoX/q4
G1RZ4qqd+s4h32N7cZQcmR4/ZCwJxIoIVCi2h8KzoJvJmds7/NcI2nmeo7TYjaFs
4M5V3HTftjbWkGMNEahzrbrWDcLOypeYmT3GcZ1757VdgBy2RuHDYdZQQIWk0kjz
CwvpgWH/46lQm8pIi9qeqDJZncr0YCHPKLfA359l2fSCWCMmWsWCXAIE/JFt+5kX
7LOrHR5BItOME5g88Dy6HcM8NhSLLwnIkCWSMrPK1AAe/U40LSqJw2HEUrgYlSYB
VX9hhBod+x8tU+e8Bf5lrvb8S0yVr0LYt++yqhxAEXugjFyKOUHV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:46 2024 by rpki-client on console-fra.rpki-client.org