Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa
File: CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa (raw, json)
Hash identifier: i2jiYWQRZ1/YrcpHqrCGR63uk9wHymq9FKX/M/dpYI4=
Subject key identifier: 0A:D5:90:EE:CA:BD:4D:DE:E1:94:3A:51:9B:F7:63:2D:4F:26:60:7D
Certificate issuer: /CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Certificate serial: 01856F3019880D53E5F11E30991DEE4E6085
Authority key identifier: 41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209659
IP address blocks: 94.142.251.0/24 maxlen: 24
2a12:5bc1::/48 maxlen: 48
2a12:5bc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 22 Sep 2023 12:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:19:88:0d:53:e5:f1:1e:30:99:1d:ee:4e:60:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4116f0e9aff39a8b196c483e085de79f246d9fdd
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ad590eecabd4ddee1943a519bf7632d4f26607d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:6d:d4:83:c1:72:b8:bd:fa:dd:e8:a3:9e:
3a:ec:1d:b0:32:c6:d3:c2:71:16:68:48:c5:e9:ce:
76:35:ce:27:4d:b7:73:df:66:e9:c9:fd:bb:19:3d:
10:ba:2a:3f:1b:65:01:9c:39:ad:c1:9c:a7:cd:f7:
a0:37:0a:6e:ff:59:21:7f:23:2f:48:7e:27:7c:0e:
df:69:50:8c:51:59:4d:2a:53:f9:3b:ef:07:ad:76:
d4:78:ed:8b:f9:1a:88:f5:1a:11:dc:ff:6d:e9:b5:
60:5e:41:f3:02:0e:6a:a8:34:d6:53:60:40:c0:d7:
25:4a:30:cf:84:20:0d:87:4d:fd:80:c8:38:cb:12:
f4:83:91:88:05:69:f7:ac:de:f4:47:2b:88:12:37:
c5:a4:e9:60:25:bc:65:ab:a1:eb:f0:ac:35:4e:f4:
b6:d0:24:86:a9:cb:a5:4a:0c:d6:c8:bc:57:7d:3b:
52:fb:fd:12:24:e5:85:a7:9c:07:9d:6c:53:de:0a:
5b:c6:70:91:49:92:c5:32:f4:cf:d5:66:2f:aa:8e:
59:84:b6:c0:11:08:ad:ed:af:2e:02:1b:b5:fe:a7:
23:dc:3a:83:e5:bf:f3:9a:76:d7:7d:e7:a5:fb:59:
0c:dd:60:ff:b0:bf:5c:db:83:27:1a:02:bc:f9:24:
42:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D5:90:EE:CA:BD:4D:DE:E1:94:3A:51:9B:F7:63:2D:4F:26:60:7D
X509v3 Authority Key Identifier:
keyid:41:16:F0:E9:AF:F3:9A:8B:19:6C:48:3E:08:5D:E7:9F:24:6D:9F:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRbw6a_zmosZbEg-CF3nnyRtn90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/CtWQ7sq9Td7hlDpRm_djLU8mYH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/bc3ff7-aa87-4297-adf0-240d1ffd09b8/1/QRbw6a_zmosZbEg-CF3nnyRtn90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.251.0/24
IPv6:
2a12:5bc0::-2a12:5bc1:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
29:31:d0:f7:6d:80:f2:d9:cc:75:6a:ec:57:25:32:2b:5d:bf:
38:17:42:a8:1a:21:75:98:77:f8:06:6b:84:29:58:7d:b8:93:
b3:0f:48:2e:a0:b1:2b:9e:ae:fc:d6:09:9c:0d:ca:fa:19:71:
09:83:4b:a1:f3:d4:8a:14:bd:32:00:2d:bb:bb:4f:8e:9c:82:
7f:b8:4f:5f:5a:47:58:c8:50:e0:96:81:39:48:51:8c:5d:c7:
c2:90:1a:1c:ba:ef:78:bb:09:7e:39:d6:eb:4a:ec:aa:c4:be:
97:85:63:d7:55:73:f7:b7:86:bb:ba:5b:86:8e:89:5e:66:57:
70:09:1a:16:7b:8b:96:69:ce:46:66:fb:bd:a5:92:2b:3c:8d:
f6:cc:3c:30:85:6a:da:0f:bd:dc:f4:54:0d:85:07:c1:00:34:
d0:b3:85:2b:2d:56:f0:5e:b4:2d:4f:87:7c:3c:1c:3d:fb:84:
ad:4c:db:ce:fe:90:fe:c9:f3:c0:d9:60:35:52:09:9e:33:d4:
cb:b4:54:b4:8c:26:fe:f9:ed:3c:de:47:2a:9d:31:1b:6f:a6:
57:4b:c8:3b:46:70:8a:7e:80:a3:e7:98:71:a5:c7:3e:0b:74:
29:a1:75:59:73:6f:3a:08:e2:9b:aa:47:96:22:74:b6:c6:16:
ee:51:4c:8d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVvMBmIDVPl8R4wmR3uTmCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMTZmMGU5YWZmMzlhOGIxOTZjNDgzZTA4NWRlNzlmMjQ2
ZDlmZGQwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ1OTBlZWNhYmQ0ZGRlZTE5NDNhNTE5YmY3NjMyZDRmMjY2MDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQZt1IPBcri9+t3oo5467B2wMsbT
wnEWaEjF6c52Nc4nTbdz32bpyf27GT0Quio/G2UBnDmtwZynzfegNwpu/1khfyMv
SH4nfA7faVCMUVlNKlP5O+8HrXbUeO2L+RqI9RoR3P9t6bVgXkHzAg5qqDTWU2BA
wNclSjDPhCANh039gMg4yxL0g5GIBWn3rN70RyuIEjfFpOlgJbxlq6Hr8Kw1TvS2
0CSGqculSgzWyLxXfTtS+/0SJOWFp5wHnWxT3gpbxnCRSZLFMvTP1WYvqo5ZhLbA
EQit7a8uAhu1/qcj3DqD5b/zmnbXfeel+1kM3WD/sL9c24MnGgK8+SRCMQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFArVkO7KvU3e4ZQ6UZv3Yy1PJmB9MB8GA1UdIwQY
MBaAFEEW8Omv85qLGWxIPghd558kbZ/dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAt
MjQwZDFmZmQwOWI4LzEvQ3RXUTdzcTlUZDdobERwUm1fZGpMVThtWUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iYzNmZjctYWE4Ny00Mjk3LWFkZjAtMjQwZDFmZmQwOWI4
LzEvUVJidzZhX3ptb3NaYkVnLUNGM25ueVJ0bjkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAXo77MBgE
AgACMBIwEAMFBioSW8ADBwAqElvBAAAwDQYJKoZIhvcNAQELBQADggEBACkx0Pdt
gPLZzHVq7FclMitdvzgXQqgaIXWYd/gGa4QpWH24k7MPSC6gsSuervzWCZwNyvoZ
cQmDS6Hz1IoUvTIALbu7T46cgn+4T19aR1jIUOCWgTlIUYxdx8KQGhy673i7CX45
1utK7KrEvpeFY9dVc/e3hru6W4aOiV5mV3AJGhZ7i5ZpzkZm+72lkis8jfbMPDCF
atoPvdz0VA2FB8EANNCzhSstVvBetC1Ph3w8HD37hK1M287+kP7J88DZYDVSCZ4z
1Mu0VLSMJv757TzeRyqdMRtvpldLyDtGcIp+gKPnmHGlxz4LdCmhdVlzbzoI4puq
R5YidLbGFu5RTI0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:43 2024 by rpki-client on console-fra.rpki-client.org