Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/vAiFEOTuG87PQfMsnzE4uQgGPFk.roa
File: vAiFEOTuG87PQfMsnzE4uQgGPFk.roa (raw, json)
Hash identifier: 1dCH4XhL20luaQAwakuRPSUwxXC8OipJZuUleeFYCy4=
Subject key identifier: BC:08:85:10:E4:EE:1B:CE:CF:41:F3:2C:9F:31:38:B9:08:06:3C:59
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018CC8DCDC852294BE19034669F20A3CEE1E
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/vAiFEOTuG87PQfMsnzE4uQgGPFk.roa
Signing time: Tue 02 Jan 2024 06:29:26 +0000
ROA not before: Tue 02 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35392
IP address blocks: 94.188.142.0/24 maxlen: 24
94.188.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 06:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:dc:85:22:94:be:19:03:46:69:f2:0a:3c:ee:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 2 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc088510e4ee1bcecf41f32c9f3138b908063c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:97:38:17:cb:ae:48:80:ab:69:4c:83:db:
fa:e7:db:5a:fa:0b:9c:0f:64:71:c9:3b:05:ad:76:
22:9b:4f:e9:3c:9c:a2:c7:73:e0:90:ce:65:78:53:
2f:9c:d1:f1:43:94:d9:e9:08:91:3e:6c:4d:7e:b0:
67:c7:8f:5a:33:93:e7:9a:bf:e1:50:bc:7f:a3:e6:
e4:31:d9:21:86:c6:02:0e:5d:4d:fb:44:77:d5:31:
1d:08:da:85:bb:2b:d6:5a:89:74:d7:68:96:97:a2:
46:77:b2:1f:40:39:52:47:4f:d8:2e:dc:dc:4b:39:
e6:bd:2e:50:c9:06:67:61:e1:9e:71:70:3a:3b:0b:
9e:03:ae:6a:b6:e9:06:d1:13:6e:4b:55:07:a9:cc:
14:07:30:8b:4b:d5:53:29:bc:94:ec:d0:5a:3d:0c:
f4:2d:c9:c2:78:cb:bf:91:7f:99:f9:96:00:38:ac:
db:12:14:a9:ea:0e:32:7c:fd:81:69:f1:58:e1:13:
b3:2d:65:18:7e:c4:97:e2:90:f2:6c:73:9c:74:44:
26:57:d4:df:08:de:1e:d8:3c:4a:77:4b:84:5d:ca:
20:d6:9e:08:e3:c7:e9:df:24:09:f7:1c:be:53:d9:
c1:64:29:f5:6a:72:0d:9e:c0:1d:7c:da:50:ea:1b:
c7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:08:85:10:E4:EE:1B:CE:CF:41:F3:2C:9F:31:38:B9:08:06:3C:59
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/vAiFEOTuG87PQfMsnzE4uQgGPFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.142.0/24
94.188.198.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e9:d5:79:04:a7:c4:1e:8c:ea:97:87:5a:94:b1:df:e6:a8:
9e:2c:34:b5:67:af:89:3c:14:64:18:e5:99:6b:f8:84:b7:b4:
ad:3a:c9:48:d3:bc:c1:ca:bd:94:3f:a5:33:d0:57:d5:d2:37:
d0:c3:38:f0:e7:7f:dc:95:f4:9d:37:16:b5:df:a5:fe:0c:67:
4f:f1:73:57:06:44:10:07:c4:3d:2e:ae:de:b7:32:ad:89:8a:
99:06:be:20:6a:3a:e6:56:b2:60:d0:08:e7:a0:e5:08:a9:fc:
35:6d:de:a2:83:a1:d6:33:ed:f4:90:5d:b3:e9:51:ea:c2:78:
17:08:ec:ea:dd:67:c8:6f:f1:30:d9:35:a5:04:65:a5:d9:08:
07:c1:a5:76:b1:e2:18:a1:21:eb:1a:3a:90:38:e9:70:86:cc:
14:47:e2:78:2a:ac:22:ac:38:03:43:15:c9:d0:76:fa:ee:d1:
74:ca:19:eb:d6:e2:35:f8:b9:31:a1:ed:cd:88:66:cd:44:4f:
26:83:1e:38:86:d5:5c:2e:e4:fb:73:09:7a:a0:d4:b6:1f:02:
5b:38:54:59:2f:b4:29:4a:0c:a9:40:6c:35:2e:13:34:54:5d:
5a:a7:bf:20:81:bc:d9:55:87:6e:a0:99:75:49:b4:49:f2:da:
d3:d5:4e:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3NyFIpS+GQNGafIKPO4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMTAyMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA4ODUxMGU0ZWUxYmNlY2Y0MWYzMmM5ZjMxMzhiOTA4MDYzYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscmXOBfLrkiAq2lMg9v659ta+guc
D2RxyTsFrXYim0/pPJyix3PgkM5leFMvnNHxQ5TZ6QiRPmxNfrBnx49aM5Pnmr/h
ULx/o+bkMdkhhsYCDl1N+0R31TEdCNqFuyvWWol012iWl6JGd7IfQDlSR0/YLtzc
SznmvS5QyQZnYeGecXA6OwueA65qtukG0RNuS1UHqcwUBzCLS9VTKbyU7NBaPQz0
LcnCeMu/kX+Z+ZYAOKzbEhSp6g4yfP2BafFY4ROzLWUYfsSX4pDybHOcdEQmV9Tf
CN4e2DxKd0uEXcog1p4I48fp3yQJ9xy+U9nBZCn1anINnsAdfNpQ6hvHTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLwIhRDk7hvOz0HzLJ8xOLkIBjxZMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvdkFpRkVPVHVHODdQUWZNc256RTR1UWdHUEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXryOAwQA
XrzGMA0GCSqGSIb3DQEBCwUAA4IBAQAp6dV5BKfEHozql4dalLHf5qieLDS1Z6+J
PBRkGOWZa/iEt7StOslI07zByr2UP6Uz0FfV0jfQwzjw53/clfSdNxa136X+DGdP
8XNXBkQQB8Q9Lq7etzKtiYqZBr4gajrmVrJg0AjnoOUIqfw1bd6ig6HWM+30kF2z
6VHqwngXCOzq3WfIb/Ew2TWlBGWl2QgHwaV2seIYoSHrGjqQOOlwhswUR+J4Kqwi
rDgDQxXJ0Hb67tF0yhnr1uI1+Lkxoe3NiGbNRE8mgx44htVcLuT7cwl6oNS2HwJb
OFRZL7QpSgypQGw1LhM0VF1ap78ggbzZVYduoJl1SbRJ8trT1U7Z
-----END CERTIFICATE-----
Generated at Tue Feb 6 09:25:59 2024 by rpki-client on console-ams.rpki-client.org