Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ohR2cG9PwjhQSSNLnyak-G856WA.roa
File: ohR2cG9PwjhQSSNLnyak-G856WA.roa (raw, json)
Hash identifier: LetaD++CAWPcEOc6w3LAEac/gIHC8acWCr2lmTlU9ao=
Subject key identifier: A2:14:76:70:6F:4F:C2:38:50:49:23:4B:9F:26:A4:F8:6F:39:E9:60
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018D7CD86EF2882C7794C32CAC7BFA0EF107
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ohR2cG9PwjhQSSNLnyak-G856WA.roa
Signing time: Tue 06 Feb 2024 05:16:15 +0000
ROA not before: Tue 06 Feb 2024 05:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 94.188.175.0/24 maxlen: 24
94.188.179.0/24 maxlen: 24
94.188.186.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 06 Feb 2024 06:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7c:d8:6e:f2:88:2c:77:94:c3:2c:ac:7b:fa:0e:f1:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 6 05:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21476706f4fc2385049234b9f26a4f86f39e960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6a:39:fd:7e:ec:ab:6d:0f:31:a9:cf:73:5b:
5d:f8:3d:57:35:f0:bc:94:15:f4:5d:aa:46:f9:3d:
93:d0:11:79:cf:19:e7:af:5b:33:a9:84:28:1e:c7:
44:af:1b:66:47:77:ae:00:d5:6f:9b:6c:cc:16:13:
67:bd:12:76:18:fe:00:6f:1d:5c:e3:8a:28:e8:26:
4c:82:e3:d9:7a:06:a7:8e:c8:23:81:5a:12:d5:6c:
63:d2:52:3f:8f:5c:5f:d5:6d:4b:fe:1d:5d:cb:04:
6f:82:3d:1a:fe:30:02:33:98:87:6c:f6:a7:4d:b5:
24:5f:c2:85:1e:aa:9a:b1:43:97:91:fc:7f:48:60:
1f:f2:92:c0:e6:91:cb:e3:86:06:ae:76:45:79:da:
73:c3:92:fb:19:9c:e9:ac:8d:28:8d:57:be:55:3d:
42:75:2a:54:cc:4e:05:8b:aa:ea:d7:98:23:f2:0f:
9a:47:74:04:bc:81:ab:e2:bf:ee:fc:0d:f7:8f:51:
bd:a6:66:cb:2b:f0:e9:4d:17:d9:f4:e7:22:67:1a:
f5:7e:88:36:c7:8b:27:f0:91:2d:b4:c3:86:c4:a0:
1e:e7:25:3b:c7:a0:f7:2b:c7:c6:e5:e9:b4:a2:ba:
2f:17:ba:84:8f:3d:0d:fa:37:2a:8c:27:65:21:73:
46:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:14:76:70:6F:4F:C2:38:50:49:23:4B:9F:26:A4:F8:6F:39:E9:60
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/ohR2cG9PwjhQSSNLnyak-G856WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.175.0/24
94.188.179.0/24
94.188.186.0/23
Signature Algorithm: sha256WithRSAEncryption
26:a9:2f:6d:43:87:46:9e:f7:5d:9e:e5:88:03:12:c6:f8:21:
41:24:29:d4:9f:23:b8:36:00:46:ad:e6:37:7a:cb:e9:14:a7:
e3:64:a1:32:e6:6e:53:61:c5:11:7b:17:0b:31:04:8b:da:c3:
b3:75:e2:66:45:c3:03:84:a3:0d:d2:89:c3:41:73:2d:9d:19:
a4:ff:1d:9a:f5:7e:ab:9e:fe:e5:a2:ee:04:fb:02:a5:13:90:
57:df:63:ab:62:e9:2a:ba:06:99:29:42:64:bb:ba:7a:ef:fe:
73:cb:d2:f7:fb:90:75:c8:7e:a3:b4:f8:c6:40:aa:a2:b2:f0:
e4:f4:38:5c:0b:3f:35:87:18:36:07:3d:ba:6a:6e:8c:cf:2a:
33:0a:6a:fd:e9:12:7b:07:82:31:91:21:8e:6a:70:a1:90:ef:
22:ca:3c:b5:b7:22:57:e4:b7:56:53:b5:4c:46:5b:8a:aa:30:
fb:64:35:e4:9e:0e:ae:90:fe:4c:b8:e5:5c:1d:7b:f0:be:54:
68:5e:2f:f0:d2:40:d3:e4:56:c6:32:c0:ca:a8:0a:cd:83:16:
d1:6d:fd:e0:74:ce:d5:b3:8b:72:6a:46:19:7d:7f:19:6b:1c:
1d:4b:0a:3b:fc:e2:f5:21:d4:3a:17:9c:39:0f:58:fd:87:54:
45:85:3f:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY182G7yiCx3lMMsrHv6DvEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMjA2MDUxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE0NzY3MDZmNGZjMjM4NTA0OTIzNGI5ZjI2YTRmODZmMzllOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmo5/X7sq20PManPc1td+D1XNfC8
lBX0XapG+T2T0BF5zxnnr1szqYQoHsdErxtmR3euANVvm2zMFhNnvRJ2GP4Abx1c
44oo6CZMguPZeganjsgjgVoS1Wxj0lI/j1xf1W1L/h1dywRvgj0a/jACM5iHbPan
TbUkX8KFHqqasUOXkfx/SGAf8pLA5pHL44YGrnZFedpzw5L7GZzprI0ojVe+VT1C
dSpUzE4Fi6rq15gj8g+aR3QEvIGr4r/u/A33j1G9pmbLK/DpTRfZ9OciZxr1fog2
x4sn8JEttMOGxKAe5yU7x6D3K8fG5em0orovF7qEjz0N+jcqjCdlIXNG0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKIUdnBvT8I4UEkjS58mpPhvOelgMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvb2hSMmNHOVB3amhRU1NOTG55YWstRzg1NldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXryvAwQA
XryzAwQBXry6MA0GCSqGSIb3DQEBCwUAA4IBAQAmqS9tQ4dGnvddnuWIAxLG+CFB
JCnUnyO4NgBGreY3esvpFKfjZKEy5m5TYcURexcLMQSL2sOzdeJmRcMDhKMN0onD
QXMtnRmk/x2a9X6rnv7lou4E+wKlE5BX32OrYukqugaZKUJku7p67/5zy9L3+5B1
yH6jtPjGQKqisvDk9DhcCz81hxg2Bz26am6MzyozCmr96RJ7B4IxkSGOanChkO8i
yjy1tyJX5LdWU7VMRluKqjD7ZDXkng6ukP5MuOVcHXvwvlRoXi/w0kDT5FbGMsDK
qArNgxbRbf3gdM7Vs4tyakYZfX8ZaxwdSwo7/OL1IdQ6F5w5D1j9h1RFhT/e
-----END CERTIFICATE-----
Generated at Tue Feb 6 09:25:59 2024 by rpki-client on console-ams.rpki-client.org