Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/364e27-57f0-46a7-939a-654908384dd8/1/POKDbL-AkzxIj7FgRIvMrj1Ad6Q.roa
File: POKDbL-AkzxIj7FgRIvMrj1Ad6Q.roa (raw, json)
Hash identifier: pdICwjxED76xlMct7i3abRdXrJoMWDjl6hPMAKyonl4=
Subject key identifier: 3C:E2:83:6C:BF:80:93:3C:48:8F:B1:60:44:8B:CC:AE:3D:40:77:A4
Certificate issuer: /CN=6fbbb5ec127a0632d226af07fac9c4d284bd1bac
Certificate serial: 018CC3493153A0CFAF9890C83AFE9E23F420
Authority key identifier: 6F:BB:B5:EC:12:7A:06:32:D2:26:AF:07:FA:C9:C4:D2:84:BD:1B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b7u17BJ6BjLSJq8H-snE0oS9G6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/364e27-57f0-46a7-939a-654908384dd8/1/POKDbL-AkzxIj7FgRIvMrj1Ad6Q.roa
Signing time: Mon 01 Jan 2024 04:30:03 +0000
ROA not before: Mon 01 Jan 2024 04:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204281
IP address blocks: 94.26.86.0/23 maxlen: 24
94.26.96.0/24 maxlen: 24
94.26.94.0/24 maxlen: 24
94.26.100.0/24 maxlen: 24
94.26.102.0/24 maxlen: 24
94.26.108.0/24 maxlen: 24
94.26.30.0/24 maxlen: 24
94.26.26.0/24 maxlen: 24
94.26.45.0/24 maxlen: 24
94.26.66.0/24 maxlen: 24
94.26.72.0/24 maxlen: 24
94.26.75.0/24 maxlen: 24
94.26.74.0/23 maxlen: 24
94.26.4.0/22 maxlen: 24
94.26.8.0/21 maxlen: 24
185.108.140.0/22 maxlen: 24
94.26.10.0/24 maxlen: 24
94.26.16.0/21 maxlen: 24
2a01:b760::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:31:53:a0:cf:af:98:90:c8:3a:fe:9e:23:f4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fbbb5ec127a0632d226af07fac9c4d284bd1bac
Validity
Not Before: Jan 1 04:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ce2836cbf80933c488fb160448bccae3d4077a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f3:a1:b9:28:5b:6d:1d:e0:be:61:da:97:9a:
eb:93:8f:8e:7a:71:78:4d:5d:f7:27:c2:1f:72:c2:
db:ac:27:c0:66:1f:8e:22:1d:01:c5:9f:94:11:1c:
10:76:19:b0:f0:14:e8:a9:aa:7b:5f:83:d3:4d:0d:
80:93:0c:87:e0:a2:d5:a9:f4:f3:82:b0:1d:ad:62:
96:4a:1c:8b:c4:61:1f:fb:51:fb:ce:3c:ee:1f:65:
08:76:6f:41:1d:eb:b8:5f:f4:68:98:2d:6e:0d:7a:
56:6e:44:10:c4:53:2f:55:31:50:fb:48:94:39:7d:
0d:72:28:91:46:b0:75:1f:e5:94:aa:94:3a:a7:43:
d6:79:9d:da:b1:c4:8c:30:44:39:7d:df:6a:7a:fa:
25:10:bf:0d:f1:80:13:83:86:33:9c:c7:6d:7d:4f:
b6:fa:4d:c8:31:c5:9a:b7:03:19:2a:24:9f:a3:f6:
29:70:6a:95:d2:82:91:de:be:56:2b:8e:06:cb:e9:
0f:97:5e:e0:86:c0:5f:ac:20:4c:4d:87:17:0e:6a:
22:dc:30:79:6a:85:b3:39:2a:19:ea:02:fd:cb:a6:
ce:7e:db:cc:c0:af:e9:c0:32:1b:45:9d:19:40:83:
8a:d5:42:43:50:c3:9c:a6:87:db:4f:2d:94:00:5c:
53:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:E2:83:6C:BF:80:93:3C:48:8F:B1:60:44:8B:CC:AE:3D:40:77:A4
X509v3 Authority Key Identifier:
keyid:6F:BB:B5:EC:12:7A:06:32:D2:26:AF:07:FA:C9:C4:D2:84:BD:1B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7u17BJ6BjLSJq8H-snE0oS9G6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/364e27-57f0-46a7-939a-654908384dd8/1/POKDbL-AkzxIj7FgRIvMrj1Ad6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/364e27-57f0-46a7-939a-654908384dd8/1/b7u17BJ6BjLSJq8H-snE0oS9G6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.26.4.0-94.26.23.255
94.26.26.0/24
94.26.30.0/24
94.26.45.0/24
94.26.66.0/24
94.26.72.0/24
94.26.74.0/23
94.26.86.0/23
94.26.94.0/24
94.26.96.0/24
94.26.100.0/24
94.26.102.0/24
94.26.108.0/24
185.108.140.0/22
IPv6:
2a01:b760::/32
Signature Algorithm: sha256WithRSAEncryption
82:9b:f4:e8:b6:9b:e6:3f:79:18:c7:0c:19:6f:22:ea:66:47:
93:7c:b4:a3:90:f7:b7:07:c8:bf:a6:f5:8d:e7:97:a2:c0:86:
c4:0f:34:63:c9:ea:e0:a3:93:02:ad:61:9c:3d:1b:27:34:ed:
19:2c:c0:ac:c3:69:82:d3:9f:2b:73:87:49:a8:45:4f:e4:c0:
35:49:a4:b2:8c:68:dc:84:a1:09:e8:44:cb:a3:d0:0c:c7:44:
ac:fd:52:66:b7:03:1d:66:e2:70:b1:1a:04:29:0c:4e:6a:21:
1c:5a:75:43:66:bf:a5:11:42:64:34:f3:03:ba:85:b0:1d:2f:
44:1b:ed:27:10:88:93:60:cb:6a:0a:c6:a8:a3:3b:22:d5:4b:
bd:c0:db:ed:59:18:27:9a:4b:05:85:a5:e8:cf:aa:0c:89:ae:
2d:21:60:d3:e9:d3:cd:1c:82:17:34:b3:9e:15:7f:48:b1:e6:
1f:de:4b:85:20:a4:30:b6:58:a7:9c:db:42:e0:ab:a8:8d:44:
73:08:e3:7b:f9:40:f3:98:d3:c2:5c:f9:2e:a3:61:b1:6c:de:
20:79:f4:e7:32:d8:b7:f2:e9:50:19:5c:2b:d9:7c:c0:a2:b2:
02:89:7d:c5:6d:77:9d:e2:a7:84:a7:d2:10:dd:88:25:a7:34:
8d:3c:f0:2c
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzDSTFToM+vmJDIOv6eI/QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYmJiNWVjMTI3YTA2MzJkMjI2YWYwN2ZhYzljNGQyODRi
ZDFiYWMwHhcNMjQwMTAxMDQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2UyODM2Y2JmODA5MzNjNDg4ZmIxNjA0NDhiY2NhZTNkNDA3N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fOhuShbbR3gvmHal5rrk4+OenF4
TV33J8IfcsLbrCfAZh+OIh0BxZ+UERwQdhmw8BToqap7X4PTTQ2AkwyH4KLVqfTz
grAdrWKWShyLxGEf+1H7zjzuH2UIdm9BHeu4X/RomC1uDXpWbkQQxFMvVTFQ+0iU
OX0NciiRRrB1H+WUqpQ6p0PWeZ3ascSMMEQ5fd9qevolEL8N8YATg4YznMdtfU+2
+k3IMcWatwMZKiSfo/YpcGqV0oKR3r5WK44Gy+kPl17ghsBfrCBMTYcXDmoi3DB5
aoWzOSoZ6gL9y6bOftvMwK/pwDIbRZ0ZQIOK1UJDUMOcpofbTy2UAFxT+wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFDzig2y/gJM8SI+xYESLzK49QHekMB8GA1UdIwQY
MBaAFG+7tewSegYy0iavB/rJxNKEvRusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjd1MTdCSjZCakxTSnE4SC1zbkUwb1M5RzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zNjRlMjctNTdmMC00NmE3LTkzOWEt
NjU0OTA4Mzg0ZGQ4LzEvUE9LRGJMLUFrenhJajdGZ1JJdk1yajFBZDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zNjRlMjctNTdmMC00NmE3LTkzOWEtNjU0OTA4Mzg0ZGQ4
LzEvYjd1MTdCSjZCakxTSnE4SC1zbkUwb1M5RzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXDAMAwQCXhoE
AwQDXhoQAwQAXhoaAwQAXhoeAwQAXhotAwQAXhpCAwQAXhpIAwQBXhpKAwQBXhpW
AwQAXhpeAwQAXhpgAwQAXhpkAwQAXhpmAwQAXhpsAwQCuWyMMA0EAgACMAcDBQAq
AbdgMA0GCSqGSIb3DQEBCwUAA4IBAQCCm/TotpvmP3kYxwwZbyLqZkeTfLSjkPe3
B8i/pvWN55eiwIbEDzRjyergo5MCrWGcPRsnNO0ZLMCsw2mC058rc4dJqEVP5MA1
SaSyjGjchKEJ6ETLo9AMx0Ss/VJmtwMdZuJwsRoEKQxOaiEcWnVDZr+lEUJkNPMD
uoWwHS9EG+0nEIiTYMtqCsaoozsi1Uu9wNvtWRgnmksFhaXoz6oMia4tIWDT6dPN
HIIXNLOeFX9IseYf3kuFIKQwtlinnNtC4KuojURzCON7+UDzmNPCXPkuo2GxbN4g
efTnMti38ulQGVwr2XzAorICiX3FbXed4qeEp9IQ3YglpzSNPPAs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:24 2025 by rpki-client