Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/1nFB91BDyXO-etJ3bQMD9vKqvYY.roa
File: 1nFB91BDyXO-etJ3bQMD9vKqvYY.roa (raw, json)
Hash identifier: /jzhppVI5Awrh+p/BMf0lQjzegVj49H9SLF2S5tbkms=
Subject key identifier: D6:71:41:F7:50:43:C9:73:BE:7A:D2:77:6D:03:03:F6:F2:AA:BD:86
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018649558C8C03BF0BACE66D1B4736F9FE2F
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/1nFB91BDyXO-etJ3bQMD9vKqvYY.roa
Signing time: Mon 13 Feb 2023 05:53:08 +0000
ROA not before: Mon 13 Feb 2023 05:53:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210515
IP address blocks: 94.188.174.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:55:8c:8c:03:bf:0b:ac:e6:6d:1b:47:36:f9:fe:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:53:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d67141f75043c973be7ad2776d0303f6f2aabd86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ea:9f:12:9b:89:df:71:7b:35:c6:ce:c0:3d:
76:a8:e0:58:4f:88:08:3c:24:47:49:a3:cd:9d:57:
f7:f6:21:c1:de:ac:99:ab:38:d4:90:4e:e3:73:15:
62:1e:86:cd:76:12:15:83:85:74:11:68:01:db:9e:
96:14:1b:9b:f4:b6:6f:d4:7f:76:db:ce:22:98:d9:
c9:55:dd:37:16:3a:5f:7b:5b:da:f8:18:4f:90:92:
03:f3:03:ad:06:4c:37:53:45:4c:d6:f9:08:a6:1c:
d3:e0:33:62:2f:f6:b8:8b:f3:8d:22:c4:60:2e:ee:
ee:e0:e0:c0:d5:1a:ea:b6:08:39:bb:5c:61:af:82:
cc:1e:58:af:b5:52:6e:c7:f1:0f:cc:ba:99:d3:8d:
50:9a:57:24:84:28:e4:ee:95:1b:8b:41:59:ce:f4:
1e:95:b4:20:69:43:d7:2f:51:aa:73:f4:0b:69:26:
e8:45:33:bd:e3:0a:55:4c:35:80:ae:f4:08:f6:57:
50:ee:90:cf:62:b9:6f:eb:07:21:fa:3b:4b:5e:4b:
59:e0:df:ac:7f:10:8c:8d:0e:e7:8b:2f:db:85:ac:
29:44:2f:80:0e:5c:9c:c9:94:16:ed:4a:c0:10:7a:
fa:e7:84:83:8e:68:64:5f:7d:42:4c:59:20:8b:ab:
55:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:71:41:F7:50:43:C9:73:BE:7A:D2:77:6D:03:03:F6:F2:AA:BD:86
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/1nFB91BDyXO-etJ3bQMD9vKqvYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.174.0/24
Signature Algorithm: sha256WithRSAEncryption
00:6b:a7:1f:34:69:71:6f:50:7b:21:92:24:9b:b6:e6:54:2e:
e0:3c:d6:11:7c:ee:9c:3a:c3:7e:f5:5d:8d:2b:52:8f:94:4f:
e6:f5:04:03:6a:5c:44:a7:c1:7e:12:84:0b:48:0f:c8:19:d9:
4e:3d:46:41:8d:98:70:d7:eb:1b:b4:39:11:7c:1c:8e:de:4d:
3e:1d:39:96:ea:59:cd:00:a3:0f:03:f5:5a:8e:5b:d8:2e:25:
10:00:54:ef:ef:b4:b2:81:d0:da:20:47:aa:b5:b0:9c:f6:00:
66:54:0b:57:32:81:76:8c:89:58:1f:ca:46:0d:60:97:28:bc:
6c:3c:6b:ba:19:36:80:51:7d:c5:05:a4:c8:02:d0:89:82:1a:
bb:94:67:2e:ef:fd:08:99:be:fa:6b:73:79:8c:d1:56:c5:07:
21:85:13:7e:71:15:21:f5:b2:7c:97:6c:96:c7:18:76:27:f2:
55:00:f9:bf:7d:52:a9:fe:3d:8a:95:63:a3:8d:d2:94:88:cf:
ad:41:0b:49:2c:cd:74:f4:61:95:f8:6e:3d:9d:d6:76:a1:82:
5c:50:94:ae:46:59:3c:dc:bf:42:06:09:54:64:aa:c4:c9:28:
43:be:c3:7a:33:c6:31:f2:92:c9:c7:63:62:0c:59:29:9e:9b:
b6:a1:9f:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJVYyMA78LrOZtG0c2+f4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU1MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjcxNDFmNzUwNDNjOTczYmU3YWQyNzc2ZDAzMDNmNmYyYWFiZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+qfEpuJ33F7NcbOwD12qOBYT4gI
PCRHSaPNnVf39iHB3qyZqzjUkE7jcxViHobNdhIVg4V0EWgB256WFBub9LZv1H92
284imNnJVd03Fjpfe1va+BhPkJID8wOtBkw3U0VM1vkIphzT4DNiL/a4i/ONIsRg
Lu7u4ODA1Rrqtgg5u1xhr4LMHlivtVJux/EPzLqZ041QmlckhCjk7pUbi0FZzvQe
lbQgaUPXL1Gqc/QLaSboRTO94wpVTDWArvQI9ldQ7pDPYrlv6wch+jtLXktZ4N+s
fxCMjQ7niy/bhawpRC+ADlycyZQW7UrAEHr654SDjmhkX31CTFkgi6tVcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZxQfdQQ8lzvnrSd20DA/byqr2GMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvMW5GQjkxQkR5WE8tZXRKM2JRTUQ5dktxdllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXryuMA0G
CSqGSIb3DQEBCwUAA4IBAQAAa6cfNGlxb1B7IZIkm7bmVC7gPNYRfO6cOsN+9V2N
K1KPlE/m9QQDalxEp8F+EoQLSA/IGdlOPUZBjZhw1+sbtDkRfByO3k0+HTmW6lnN
AKMPA/VajlvYLiUQAFTv77SygdDaIEeqtbCc9gBmVAtXMoF2jIlYH8pGDWCXKLxs
PGu6GTaAUX3FBaTIAtCJghq7lGcu7/0Imb76a3N5jNFWxQchhRN+cRUh9bJ8l2yW
xxh2J/JVAPm/fVKp/j2KlWOjjdKUiM+tQQtJLM109GGV+G49ndZ2oYJcUJSuRlk8
3L9CBglUZKrEyShDvsN6M8Yx8pLJx2NiDFkpnpu2oZ8z
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:38 2024 by rpki-client on console-ams.rpki-client.org