Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/fwJdqgMKkMUOVvKiHMjOCcUNGwI.roa
File: fwJdqgMKkMUOVvKiHMjOCcUNGwI.roa (raw, json)
Hash identifier: dsdXXYwFoB7zH1Mno3aWcoLCJZttSD8EFWS8H36byIE=
Subject key identifier: 7F:02:5D:AA:03:0A:90:C5:0E:56:F2:A2:1C:C8:CE:09:C5:0D:1B:02
Certificate issuer: /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial: 018570151FF0A1F8ECFA78FF9F6DA8CBF931
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/fwJdqgMKkMUOVvKiHMjOCcUNGwI.roa
Signing time: Mon 02 Jan 2023 01:25:10 +0000
ROA not before: Mon 02 Jan 2023 01:25:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201925
IP address blocks: 94.246.168.0/21 maxlen: 24
94.246.179.0/24 maxlen: 24
94.246.180.0/23 maxlen: 23
94.246.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jan 2023 09:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:1f:f0:a1:f8:ec:fa:78:ff:9f:6d:a8:cb:f9:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Validity
Not Before: Jan 2 01:25:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f025daa030a90c50e56f2a21cc8ce09c50d1b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9e:f1:30:80:e6:19:83:30:26:18:4a:8a:f2:
ef:96:ee:1e:60:13:ba:6f:06:3c:31:07:5b:4c:f9:
67:a1:83:a8:e8:7c:02:5f:f9:eb:56:60:7a:be:76:
21:29:38:cb:c7:8f:92:c0:4c:70:3b:15:5f:fa:07:
ed:73:ff:f9:d0:83:74:70:6d:c0:9b:ae:ca:f0:e4:
8c:c6:c3:81:a7:3d:9a:2e:6f:c2:ad:d1:6d:6d:1b:
e5:7c:89:cc:c6:77:cb:d9:87:1b:3b:16:d0:76:fa:
16:19:9a:b9:aa:e8:4f:bd:0b:40:76:8a:34:2d:de:
68:d3:79:a9:e4:e5:96:fc:90:4d:d9:95:a8:62:b9:
96:b0:86:df:eb:90:8c:ba:2b:3f:2a:b1:02:42:c8:
6b:4b:8c:77:3f:6f:0a:97:2d:3a:3b:62:f2:da:e4:
71:03:ce:68:10:f9:00:65:51:c9:f9:4e:11:cb:7e:
0e:ec:f9:8b:44:f3:d9:08:2c:d4:92:ca:d7:68:62:
23:d9:e4:38:5a:10:30:e5:67:66:33:4f:21:53:cb:
43:75:ab:75:6e:e5:c8:e8:c2:c1:25:92:06:73:25:
3c:21:3b:56:77:fc:2f:4e:a7:a6:6c:3a:76:54:55:
9c:b1:d3:a1:b2:4f:03:91:3e:18:57:ee:74:47:d7:
d9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:02:5D:AA:03:0A:90:C5:0E:56:F2:A2:1C:C8:CE:09:C5:0D:1B:02
X509v3 Authority Key Identifier:
keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/fwJdqgMKkMUOVvKiHMjOCcUNGwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.246.168.0/21
94.246.179.0-94.246.182.255
Signature Algorithm: sha256WithRSAEncryption
63:d8:74:8a:3a:ba:9e:6e:8b:0e:d7:fa:51:cb:a7:d7:fc:e1:
75:9a:54:ce:0c:b4:c2:a6:50:80:ca:ed:7d:67:95:c2:b2:4e:
b4:a1:4c:79:81:6a:40:55:34:3b:43:23:40:9b:a6:9c:f6:fa:
ab:3f:aa:02:8c:5c:2a:46:99:f4:cc:7e:c5:a2:33:11:de:74:
ee:ed:7f:62:15:31:e0:27:f8:b1:ee:ec:62:ce:5b:ab:62:80:
1e:a2:89:e9:81:35:e3:55:70:18:73:e5:ac:57:41:3d:cd:93:
47:fc:84:49:e6:58:59:ea:1e:63:d8:c3:f1:5d:c2:5a:7b:78:
1b:34:69:52:b7:4a:f3:16:79:5e:ee:ea:6c:cf:cc:f3:b1:e3:
c3:10:ab:78:de:39:2d:49:6d:a1:c5:13:71:07:6f:e5:f7:42:
7d:97:54:3a:ba:93:75:a5:88:95:95:e9:62:6a:ef:05:69:b4:
b4:17:0f:64:40:ff:60:c8:48:74:da:6f:ab:1e:37:ec:52:96:
6e:0a:d6:47:08:8a:d9:0d:e6:ee:af:f5:5a:2e:d8:72:12:85:
fb:8c:e5:ff:03:12:09:89:83:92:bc:da:09:3d:5d:86:97:27:
ef:de:7f:35:de:f9:5e:a9:29:53:0f:f9:01:05:23:17:4d:6a:
c1:57:ef:b3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwFR/wofjs+nj/n22oy/kxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yjg3YjNiMDljY2I2OWE2ZGUyMDQ2OGU5MGVjYmIxOGY1
ZWNiYjYwHhcNMjMwMTAyMDEyNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjAyNWRhYTAzMGE5MGM1MGU1NmYyYTIxY2M4Y2UwOWM1MGQxYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg57xMIDmGYMwJhhKivLvlu4eYBO6
bwY8MQdbTPlnoYOo6HwCX/nrVmB6vnYhKTjLx4+SwExwOxVf+gftc//50IN0cG3A
m67K8OSMxsOBpz2aLm/CrdFtbRvlfInMxnfL2YcbOxbQdvoWGZq5quhPvQtAdoo0
Ld5o03mp5OWW/JBN2ZWoYrmWsIbf65CMuis/KrECQshrS4x3P28Kly06O2Ly2uRx
A85oEPkAZVHJ+U4Ry34O7PmLRPPZCCzUksrXaGIj2eQ4WhAw5WdmM08hU8tDdat1
buXI6MLBJZIGcyU8ITtWd/wvTqembDp2VFWcsdOhsk8DkT4YV+50R9fZQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH8CXaoDCpDFDlbyohzIzgnFDRsCMB8GA1UdIwQY
MBaAFLm4ezsJzLaabeIEaOkOy7GPXsu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYt
M2I0Y2I5NzVhOWJjLzEvZndKZHFnTUtrTVVPVnZLaUhNak9DY1VOR3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYtM2I0Y2I5NzVhOWJj
LzEvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDXvaoMAwD
BABe9rMDBABe9rYwDQYJKoZIhvcNAQELBQADggEBAGPYdIo6up5uiw7X+lHLp9f8
4XWaVM4MtMKmUIDK7X1nlcKyTrShTHmBakBVNDtDI0Cbppz2+qs/qgKMXCpGmfTM
fsWiMxHedO7tf2IVMeAn+LHu7GLOW6tigB6iiemBNeNVcBhz5axXQT3Nk0f8hEnm
WFnqHmPYw/Fdwlp7eBs0aVK3SvMWeV7u6mzPzPOx48MQq3jeOS1JbaHFE3EHb+X3
Qn2XVDq6k3WliJWV6WJq7wVptLQXD2RA/2DISHTab6seN+xSlm4K1kcIitkN5u6v
9Vou2HIShfuM5f8DEgmJg5K82gk9XYaXJ+/efzXe+V6pKVMP+QEFIxdNasFX77M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org