Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/D9eQMzjJ2C26CKyLoHESTvJvhI4.roa
File: D9eQMzjJ2C26CKyLoHESTvJvhI4.roa (raw, json)
Hash identifier: Nb8KwkBnhxANr+CQHufO2XapH94LEJME1kFiKDSfVB4=
Subject key identifier: 0F:D7:90:33:38:C9:D8:2D:BA:08:AC:8B:A0:71:12:4E:F2:6F:84:8E
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 018EBE5E4408E51AC498B700018F412EFB13
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/D9eQMzjJ2C26CKyLoHESTvJvhI4.roa
Signing time: Mon 08 Apr 2024 15:40:32 +0000
ROA not before: Mon 08 Apr 2024 15:40:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.96.0/19 maxlen: 19
94.185.97.0/24 maxlen: 24
94.185.98.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.103.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.105.0/24 maxlen: 24
94.185.106.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.110.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
94.185.113.0/24 maxlen: 24
94.185.116.0/24 maxlen: 24
94.185.123.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Apr 2024 12:36:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:5e:44:08:e5:1a:c4:98:b7:00:01:8f:41:2e:fb:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Apr 8 15:40:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd7903338c9d82dba08ac8ba071124ef26f848e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:68:a6:e2:56:7b:1e:1e:f8:38:13:f1:bd:e5:
f2:93:73:6c:80:ae:30:f4:e5:2a:ac:0f:68:73:a8:
fc:b6:86:38:11:f3:14:8b:a2:04:ae:d7:c6:a8:4e:
c9:76:12:16:79:96:b3:dc:dd:11:b0:ec:b6:1c:ae:
dd:b3:43:7b:a7:d9:d3:35:41:ac:6a:7d:fe:5e:2d:
d4:00:87:02:0a:10:29:79:3a:3c:5e:f2:7f:47:23:
7e:4e:1a:cd:89:f5:06:c0:b0:0b:c2:96:05:b8:29:
7c:33:b2:a8:35:dd:7b:9c:cb:8d:30:9e:e8:f5:45:
b6:11:1c:bb:23:64:32:85:a9:40:36:14:0c:84:33:
ac:2b:e4:a4:8e:a2:c3:86:5e:32:ee:19:35:c0:c6:
0f:c0:65:91:c4:39:47:fa:d2:74:6d:e5:77:87:ac:
12:f0:ba:d5:4d:99:d3:ae:db:62:3b:18:1d:ef:f2:
f9:67:c4:8e:84:81:72:e1:2b:18:31:c9:56:0e:bd:
a4:11:0f:49:36:2b:f9:1f:18:6b:ff:68:83:68:8a:
6a:dd:25:f3:23:8f:6c:6e:a8:c0:fc:a5:13:84:16:
74:e1:8a:ec:e1:a8:e0:25:13:02:8f:48:75:ed:34:
a1:0d:03:fe:6f:85:93:00:2a:bf:c5:f1:9b:00:9c:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D7:90:33:38:C9:D8:2D:BA:08:AC:8B:A0:71:12:4E:F2:6F:84:8E
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/D9eQMzjJ2C26CKyLoHESTvJvhI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
3f:f2:94:21:ba:58:04:3a:86:36:d4:7d:90:23:8b:59:1e:eb:
72:86:08:2b:64:ba:c8:25:4b:4e:fe:5e:e9:6b:24:f4:6c:a1:
1d:d0:3a:09:8c:12:34:53:5b:70:96:30:97:c1:a3:61:26:40:
4a:af:d1:4b:ca:74:a3:d4:66:ca:54:df:4d:fa:2d:d3:19:5f:
b7:3e:22:97:fd:69:f9:45:09:3e:e2:4a:de:1a:e7:b4:eb:91:
81:83:51:d3:88:24:03:eb:a5:0c:8f:45:2b:36:c5:ef:b6:19:
ec:1a:06:03:94:a4:fd:e4:07:17:04:7c:de:26:bd:5c:43:67:
1f:d0:a3:c1:de:2d:a6:a9:f6:16:2a:1b:71:e9:2f:df:d4:d8:
d2:b1:55:03:e7:98:b8:34:87:31:5e:ec:00:85:ab:e1:9d:47:
52:98:8e:1c:b1:35:4c:be:c0:6b:da:fc:ae:f9:80:20:e2:d3:
d9:78:21:20:1b:52:d3:ab:31:0a:55:65:e3:3e:bf:da:42:d4:
74:84:13:92:35:e4:07:8c:e2:6e:38:25:29:2b:0e:72:45:d9:
7a:dc:56:c3:d6:01:39:79:57:ce:5b:20:e6:fe:6e:61:cd:a9:
72:ea:ea:6b:d4:aa:6b:99:56:fe:b3:cb:e5:35:74:2d:86:1d:
54:65:67:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6+XkQI5RrEmLcAAY9BLvsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ODhiMWI1NjBmOTk4ZWNjZDNhNmVmZjQwNTQzYjU5MjA0
ZDY3YjgwHhcNMjQwNDA4MTU0MDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ3OTAzMzM4YzlkODJkYmEwOGFjOGJhMDcxMTI0ZWYyNmY4NDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2im4lZ7Hh74OBPxveXyk3NsgK4w
9OUqrA9oc6j8toY4EfMUi6IErtfGqE7JdhIWeZaz3N0RsOy2HK7ds0N7p9nTNUGs
an3+Xi3UAIcCChApeTo8XvJ/RyN+ThrNifUGwLALwpYFuCl8M7KoNd17nMuNMJ7o
9UW2ERy7I2QyhalANhQMhDOsK+SkjqLDhl4y7hk1wMYPwGWRxDlH+tJ0beV3h6wS
8LrVTZnTrttiOxgd7/L5Z8SOhIFy4SsYMclWDr2kEQ9JNiv5Hxhr/2iDaIpq3SXz
I49sbqjA/KUThBZ04Yrs4ajgJRMCj0h17TShDQP+b4WTACq/xfGbAJwpmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA/XkDM4ydgtugisi6BxEk7yb4SOMB8GA1UdIwQY
MBaAFCWIsbVg+ZjszTpu/0BUO1kgTWe4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEt
OTlhMDE4OTg4OGI1LzEvRDllUU16akoyQzI2Q0t5TG9IRVNUdkp2aEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xOGQ2ZDUtNmM4Ni00MmMxLTg0ZjEtOTlhMDE4OTg4OGI1
LzEvSllpeHRXRDVtT3pOT203X1FGUTdXU0JOWjdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFXrlgMA0E
AgACMAcDBQAqA0WAMA0GCSqGSIb3DQEBCwUAA4IBAQA/8pQhulgEOoY21H2QI4tZ
HutyhggrZLrIJUtO/l7payT0bKEd0DoJjBI0U1twljCXwaNhJkBKr9FLynSj1GbK
VN9N+i3TGV+3PiKX/Wn5RQk+4kreGue065GBg1HTiCQD66UMj0UrNsXvthnsGgYD
lKT95AcXBHzeJr1cQ2cf0KPB3i2mqfYWKhtx6S/f1NjSsVUD55i4NIcxXuwAhavh
nUdSmI4csTVMvsBr2vyu+YAg4tPZeCEgG1LTqzEKVWXjPr/aQtR0hBOSNeQHjOJu
OCUpKw5yRdl63FbD1gE5eVfOWyDm/m5hzaly6upr1KprmVb+s8vlNXQthh1UZWfg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:29 2024 by rpki-client on console-fra.rpki-client.org