Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Ay43GhGvfIJXoieuzjKv4I_ImZg.roa
File: Ay43GhGvfIJXoieuzjKv4I_ImZg.roa (raw, json)
Hash identifier: W4ytl0o4zXqJvhiiO+6+9lJ8T4PAbSb/PSvVkWohjM0=
Subject key identifier: 03:2E:37:1A:11:AF:7C:82:57:A2:27:AE:CE:32:AF:E0:8F:C8:99:98
Certificate issuer: /CN=5a1d45edd7edde9a8b862a739ada8e78b7dc82b9
Certificate serial: 018D59FA693B0D599B8D30F7E10400697398
Authority key identifier: 5A:1D:45:ED:D7:ED:DE:9A:8B:86:2A:73:9A:DA:8E:78:B7:DC:82:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wh1F7dft3pqLhipzmtqOeLfcgrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Ay43GhGvfIJXoieuzjKv4I_ImZg.roa
Signing time: Tue 30 Jan 2024 10:46:39 +0000
ROA not before: Tue 30 Jan 2024 10:46:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211113
IP address blocks: 94.101.102.0/24 maxlen: 24
2a06:ea80::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 12:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:fa:69:3b:0d:59:9b:8d:30:f7:e1:04:00:69:73:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1d45edd7edde9a8b862a739ada8e78b7dc82b9
Validity
Not Before: Jan 30 10:46:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=032e371a11af7c8257a227aece32afe08fc89998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b9:a9:b0:63:83:bd:0c:1b:29:6e:54:2f:fd:
a3:41:2e:0b:2f:28:a5:1f:37:f6:c6:b2:3c:51:36:
10:e7:7f:94:a0:fc:2e:12:10:a9:5b:f0:03:0a:51:
c5:0b:fb:de:02:4a:43:99:96:74:b2:84:d8:e0:56:
91:18:50:89:d8:92:ff:02:ca:38:a6:52:4c:07:d1:
5f:85:0f:09:e0:e2:7d:44:dd:76:99:14:7d:43:7d:
cb:5f:57:e8:f3:cd:c7:1c:12:bb:15:ba:c5:17:b3:
00:e3:b3:72:ed:91:6a:08:b0:f6:7b:f0:22:5d:c7:
03:11:70:43:66:93:df:0c:79:71:49:8f:a2:d5:92:
6c:aa:05:d8:b1:95:00:4c:02:4c:da:dd:09:f7:f6:
ab:b7:c1:f5:c5:32:97:af:03:33:9c:6b:98:c3:91:
65:4a:e3:fd:e9:ea:6a:2b:60:0e:71:3f:cb:05:fe:
c8:05:38:84:be:86:9c:2d:7b:6e:50:43:89:bd:a2:
55:bb:bf:a1:bd:61:43:81:1c:57:35:89:12:52:0d:
74:8b:e9:88:bd:f8:35:bd:d4:de:cf:98:5e:ff:b2:
9d:ec:df:7a:8a:a2:97:ed:a7:6d:6e:94:ae:65:b2:
3f:b0:7c:fb:0e:b3:84:6b:87:25:1d:08:fe:fa:c4:
f3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2E:37:1A:11:AF:7C:82:57:A2:27:AE:CE:32:AF:E0:8F:C8:99:98
X509v3 Authority Key Identifier:
keyid:5A:1D:45:ED:D7:ED:DE:9A:8B:86:2A:73:9A:DA:8E:78:B7:DC:82:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wh1F7dft3pqLhipzmtqOeLfcgrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Ay43GhGvfIJXoieuzjKv4I_ImZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Wh1F7dft3pqLhipzmtqOeLfcgrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.102.0/24
IPv6:
2a06:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
94:bd:b1:48:41:63:fe:f4:cc:f1:99:40:a8:e1:6d:4f:7b:03:
fd:8e:4f:ee:3b:a4:06:b4:eb:a3:ff:3f:da:d7:af:0a:2e:96:
f6:fc:60:7d:e0:cd:03:48:71:b5:96:a7:34:40:67:b0:4f:b6:
a3:eb:6e:fa:48:79:65:27:f0:ae:a8:94:14:02:f9:e7:b4:0d:
c0:45:5e:2a:3e:26:33:92:b5:a8:f1:11:2f:ac:b4:0a:d4:8e:
93:ab:2b:01:fb:86:2e:47:3a:4b:63:af:5a:d4:d8:96:f9:0f:
68:94:b2:76:ae:7b:c4:9d:a9:17:31:ca:e9:66:f6:82:4a:da:
21:b2:31:36:99:d0:81:e9:81:83:e4:3a:6c:59:d8:66:33:7c:
46:c6:86:75:d4:af:dc:b3:80:27:10:6f:4a:5c:df:9f:2b:5a:
5a:20:89:74:69:f4:8f:cf:46:e7:fd:50:ea:5c:3b:31:ae:60:
a9:6e:ee:d7:77:88:69:89:86:11:6b:9a:d0:e6:e5:ed:4a:bd:
3b:48:c4:a1:1c:9e:d9:60:e9:72:aa:bc:c1:68:a5:88:a5:82:
7b:84:32:0d:fd:89:04:bd:85:0d:f6:af:aa:b3:54:1a:56:6a:
cb:c7:a1:1b:fa:ea:0c:8c:fc:6a:a4:56:7a:be:02:81:d0:d1:
0f:4b:17:16
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1Z+mk7DVmbjTD34QQAaXOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWQ0NWVkZDdlZGRlOWE4Yjg2MmE3MzlhZGE4ZTc4Yjdk
YzgyYjkwHhcNMjQwMTMwMTA0NjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzJlMzcxYTExYWY3YzgyNTdhMjI3YWVjZTMyYWZlMDhmYzg5OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrmpsGODvQwbKW5UL/2jQS4LLyil
Hzf2xrI8UTYQ53+UoPwuEhCpW/ADClHFC/veAkpDmZZ0soTY4FaRGFCJ2JL/Aso4
plJMB9FfhQ8J4OJ9RN12mRR9Q33LX1fo883HHBK7FbrFF7MA47Ny7ZFqCLD2e/Ai
XccDEXBDZpPfDHlxSY+i1ZJsqgXYsZUATAJM2t0J9/art8H1xTKXrwMznGuYw5Fl
SuP96epqK2AOcT/LBf7IBTiEvoacLXtuUEOJvaJVu7+hvWFDgRxXNYkSUg10i+mI
vfg1vdTez5he/7Kd7N96iqKX7adtbpSuZbI/sHz7DrOEa4clHQj++sTzBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAMuNxoRr3yCV6Inrs4yr+CPyJmYMB8GA1UdIwQY
MBaAFFodRe3X7d6ai4Yqc5rajni33IK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2gxRjdkZnQzcHFMaGlwem10cU9lTGZjZ3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zNzNlY2EtY2E0My00ZDYyLWExMGYt
YmM3ZmM3MTlkMzFiLzEvQXk0M0doR3ZmSUpYb2lldXpqS3Y0SV9JbVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zNzNlY2EtY2E0My00ZDYyLWExMGYtYmM3ZmM3MTlkMzFi
LzEvV2gxRjdkZnQzcHFMaGlwem10cU9lTGZjZ3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXmVmMA0E
AgACMAcDBQMqBuqAMA0GCSqGSIb3DQEBCwUAA4IBAQCUvbFIQWP+9MzxmUCo4W1P
ewP9jk/uO6QGtOuj/z/a168KLpb2/GB94M0DSHG1lqc0QGewT7aj6276SHllJ/Cu
qJQUAvnntA3ARV4qPiYzkrWo8REvrLQK1I6TqysB+4YuRzpLY69a1NiW+Q9olLJ2
rnvEnakXMcrpZvaCStohsjE2mdCB6YGD5DpsWdhmM3xGxoZ11K/cs4AnEG9KXN+f
K1paIIl0afSPz0bn/VDqXDsxrmCpbu7Xd4hpiYYRa5rQ5uXtSr07SMShHJ7ZYOly
qrzBaKWIpYJ7hDIN/YkEvYUN9q+qs1QaVmrLx6Eb+uoMjPxqpFZ6vgKB0NEPSxcW
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:15:55 2025 by rpki-client