Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/Dz2NdqV8uweR3BL1ybRDaaPqYtE.roa
File: Dz2NdqV8uweR3BL1ybRDaaPqYtE.roa (raw, json)
Hash identifier: 27jmqRRpddlDuoUCufKS4bBaRNPQA0RZVNjntUNKaIY=
Subject key identifier: 0F:3D:8D:76:A5:7C:BB:07:91:DC:12:F5:C9:B4:43:69:A3:EA:62:D1
Certificate issuer: /CN=77001bcc69a16503421b88851f47aa16c5cf2dbc
Certificate serial: 018B84D8172E3FB453864B39AA5153B7AEE6
Authority key identifier: 77:00:1B:CC:69:A1:65:03:42:1B:88:85:1F:47:AA:16:C5:CF:2D:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dwAbzGmhZQNCG4iFH0eqFsXPLbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/Dz2NdqV8uweR3BL1ybRDaaPqYtE.roa
Signing time: Tue 31 Oct 2023 08:27:16 +0000
ROA not before: Tue 31 Oct 2023 08:27:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 94.154.9.0/24 maxlen: 24
2a0f:f0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:d8:17:2e:3f:b4:53:86:4b:39:aa:51:53:b7:ae:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77001bcc69a16503421b88851f47aa16c5cf2dbc
Validity
Not Before: Oct 31 08:27:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f3d8d76a57cbb0791dc12f5c9b44369a3ea62d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e5:40:fc:c3:6a:2f:c7:63:7f:14:84:dd:46:
f5:08:3d:2f:f8:bc:0f:d9:d2:9f:43:87:20:55:e9:
11:a6:78:61:f7:e6:ee:c6:0e:55:f6:dd:ce:f9:5c:
ea:15:49:80:04:b1:82:c6:b0:6f:81:aa:da:6d:45:
e4:b2:2a:13:fa:fc:ad:cc:d1:f6:16:f6:63:2d:14:
33:94:24:12:4d:33:14:46:27:db:b9:97:ce:ed:6f:
90:14:b7:3c:91:01:30:e3:ed:3f:64:8b:ba:7c:aa:
18:e7:db:0b:52:b4:c3:09:54:43:9d:62:63:b7:9a:
d5:c1:84:28:80:a6:da:10:8d:e2:7b:86:b8:36:40:
d8:42:85:3f:18:c5:41:06:d0:d8:67:49:a5:04:91:
00:07:6f:e2:65:e6:1a:15:f8:dc:e9:80:54:70:90:
df:f8:b6:ea:d8:d8:4d:3e:de:d0:b0:bc:b7:c6:d1:
05:85:af:18:d1:2e:3c:2d:a5:8a:50:ce:ff:63:31:
18:13:05:2f:97:e1:79:c6:dd:00:d4:a7:c2:4c:6c:
41:d2:e7:9c:2c:d2:9b:d3:d7:02:40:ae:59:9d:3d:
f9:02:8e:6a:f0:c4:a8:bb:6b:00:84:c0:ec:d2:e4:
0d:d7:b5:4b:af:31:86:d4:8a:08:cb:48:ed:ff:61:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:3D:8D:76:A5:7C:BB:07:91:DC:12:F5:C9:B4:43:69:A3:EA:62:D1
X509v3 Authority Key Identifier:
keyid:77:00:1B:CC:69:A1:65:03:42:1B:88:85:1F:47:AA:16:C5:CF:2D:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dwAbzGmhZQNCG4iFH0eqFsXPLbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/Dz2NdqV8uweR3BL1ybRDaaPqYtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6ff230-e012-4531-866c-0a8bd2f36c72/1/dwAbzGmhZQNCG4iFH0eqFsXPLbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.9.0/24
IPv6:
2a0f:f0c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:01:76:62:9b:8b:ca:4b:1d:5a:23:86:fd:57:97:72:27:00:
9f:80:b5:a4:2a:9c:de:35:76:f8:cd:48:43:07:20:4e:e1:4e:
de:19:8c:9e:47:11:75:eb:2c:dc:a2:c5:e6:90:78:a5:21:a7:
88:93:80:f6:88:da:af:ea:c2:7b:99:52:16:cb:da:92:9d:81:
bb:96:ba:fa:e1:60:bf:55:1d:62:ac:cf:e7:5e:05:16:fa:54:
50:50:c2:48:7b:33:e8:2a:1b:17:e2:52:2f:87:70:b2:9f:66:
a2:3d:f1:1a:a7:ed:73:6b:d0:ff:b7:1c:b8:b3:c5:85:42:c5:
57:d1:44:d0:be:71:3a:87:cd:7f:8d:e9:f3:51:c9:c3:12:8c:
b2:43:b9:64:f9:a4:cd:8c:ee:99:c3:cb:46:06:ee:0b:f6:b6:
f6:4a:9a:8d:1e:06:8a:4a:98:59:0b:59:b1:58:57:03:f0:93:
53:6e:ce:4f:fa:6c:be:db:a5:db:d7:4a:71:e0:c6:b3:aa:ac:
9a:56:c8:29:1b:cc:71:8c:06:62:e5:c9:39:ae:32:88:38:bd:
c6:6e:63:85:c2:41:9e:eb:5c:30:f9:39:96:03:04:5f:d1:19:
0e:74:d5:d7:91:70:c8:49:15:6c:0e:f6:15:38:f9:63:e7:fb:
31:59:34:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuE2BcuP7RThks5qlFTt67mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MDAxYmNjNjlhMTY1MDM0MjFiODg4NTFmNDdhYTE2YzVj
ZjJkYmMwHhcNMjMxMDMxMDgyNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjNkOGQ3NmE1N2NiYjA3OTFkYzEyZjVjOWI0NDM2OWEzZWE2MmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneVA/MNqL8djfxSE3Ub1CD0v+LwP
2dKfQ4cgVekRpnhh9+buxg5V9t3O+VzqFUmABLGCxrBvgarabUXksioT+vytzNH2
FvZjLRQzlCQSTTMURifbuZfO7W+QFLc8kQEw4+0/ZIu6fKoY59sLUrTDCVRDnWJj
t5rVwYQogKbaEI3ie4a4NkDYQoU/GMVBBtDYZ0mlBJEAB2/iZeYaFfjc6YBUcJDf
+Lbq2NhNPt7QsLy3xtEFha8Y0S48LaWKUM7/YzEYEwUvl+F5xt0A1KfCTGxB0uec
LNKb09cCQK5ZnT35Ao5q8MSou2sAhMDs0uQN17VLrzGG1IoIy0jt/2Er3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA89jXalfLsHkdwS9cm0Q2mj6mLRMB8GA1UdIwQY
MBaAFHcAG8xpoWUDQhuIhR9HqhbFzy28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHdBYnpHbWhaUU5DRzRpRkgwZXFGc1hQTGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZmYyMzAtZTAxMi00NTMxLTg2NmMt
MGE4YmQyZjM2YzcyLzEvRHoyTmRxVjh1d2VSM0JMMXliUkRhYVBxWXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZmYyMzAtZTAxMi00NTMxLTg2NmMtMGE4YmQyZjM2Yzcy
LzEvZHdBYnpHbWhaUU5DRzRpRkgwZXFGc1hQTGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpoJMA0E
AgACMAcDBQAqD/DAMA0GCSqGSIb3DQEBCwUAA4IBAQBCAXZim4vKSx1aI4b9V5dy
JwCfgLWkKpzeNXb4zUhDByBO4U7eGYyeRxF16yzcosXmkHilIaeIk4D2iNqv6sJ7
mVIWy9qSnYG7lrr64WC/VR1irM/nXgUW+lRQUMJIezPoKhsX4lIvh3Cyn2aiPfEa
p+1za9D/txy4s8WFQsVX0UTQvnE6h81/jenzUcnDEoyyQ7lk+aTNjO6Zw8tGBu4L
9rb2SpqNHgaKSphZC1mxWFcD8JNTbs5P+my+26Xb10px4MazqqyaVsgpG8xxjAZi
5ck5rjKIOL3GbmOFwkGe61ww+TmWAwRf0RkOdNXXkXDISRVsDvYVOPlj5/sxWTRX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:11 2024 by rpki-client on console-fra.rpki-client.org