Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8inh-vnRMrG9SMcTimJG7J0QDlQ.roa
File: 8inh-vnRMrG9SMcTimJG7J0QDlQ.roa (raw, json)
Hash identifier: 8m7S5RPinfiZYU8CKg4uEwEeIetrYChzCgbXDvL5Kxk=
Subject key identifier: F2:29:E1:FA:F9:D1:32:B1:BD:48:C7:13:8A:62:46:EC:9D:10:0E:54
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F02431ABD60FA1FBAAB4AB6D4CCD5CF
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8inh-vnRMrG9SMcTimJG7J0QDlQ.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198252
IP address blocks: 94.250.38.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.44.0/22 maxlen: 22
94.250.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 18 Oct 2023 06:37:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:43:1a:bd:60:fa:1f:ba:ab:4a:b6:d4:cc:d5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f229e1faf9d132b1bd48c7138a6246ec9d100e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4e:cd:b0:d1:e4:31:54:b6:55:40:14:bc:6c:
5e:c2:7b:d0:7f:c2:bf:48:c4:ea:f1:7c:31:3a:0c:
5c:b0:a6:95:31:aa:a6:dc:01:aa:85:54:0d:1f:bb:
de:91:88:1e:96:83:10:a7:71:f1:41:ac:e9:2a:ce:
17:d9:ea:46:b7:cf:e6:cc:61:46:df:07:8f:72:10:
25:8a:6a:d1:02:30:f1:5f:d9:bf:80:9b:3f:95:ee:
b0:1d:89:ba:94:45:10:2f:bd:cd:b0:4d:d4:58:98:
01:34:17:d8:e8:4f:d7:8f:90:45:21:4a:36:81:78:
23:ee:17:de:67:f9:6f:8e:91:3b:f4:55:3b:8c:25:
08:76:a5:f8:b4:9c:1c:72:e6:3c:05:a0:ff:d8:99:
02:06:44:a4:e1:79:e3:ab:29:b0:b9:39:a3:bf:6d:
f8:4a:d6:e5:bb:7b:5d:39:4b:12:27:a7:05:2d:86:
d3:68:28:b5:39:f8:14:a6:6a:dc:39:9f:82:77:3b:
08:9a:59:13:b2:70:c0:67:5d:7b:68:2f:5b:98:1a:
a8:60:c8:b6:22:69:05:d4:86:f5:91:b7:29:bd:f4:
da:79:0d:68:aa:e9:d4:f5:1e:ba:8f:1c:62:ec:d0:
c3:2f:80:d3:fa:66:c5:10:ee:ab:4c:ee:4b:34:49:
ab:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:29:E1:FA:F9:D1:32:B1:BD:48:C7:13:8A:62:46:EC:9D:10:0E:54
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8inh-vnRMrG9SMcTimJG7J0QDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.37.0-94.250.38.255
94.250.40.0/23
94.250.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:98:cd:65:71:73:35:9d:e0:57:17:dc:8f:18:80:78:eb:ac:
45:57:46:14:24:8e:ea:62:21:7a:13:26:99:85:d9:c7:96:ac:
98:93:2a:63:68:12:88:b7:fe:ba:c5:6e:5f:31:dc:15:a6:a9:
3e:d7:03:ab:73:ac:94:af:f6:22:a9:43:4c:33:1c:ce:9b:9e:
7e:59:09:80:f3:04:f8:6e:a0:aa:2b:41:22:cb:52:d1:d7:0f:
ec:1d:72:ea:8b:b5:3f:c1:e4:15:98:ac:82:f6:dc:a3:4a:40:
c3:e3:c2:af:b4:f4:be:9b:93:b3:df:9e:5c:d2:5e:70:e9:7c:
64:2d:d0:33:0b:15:fc:a5:7c:d4:c3:7a:94:00:ad:f7:46:0b:
11:c2:33:65:99:7e:13:8c:95:d7:f5:1c:88:7b:c2:5e:02:2c:
12:94:1d:8a:f8:e2:2f:b2:53:59:85:e7:6c:41:b0:1b:9b:08:
68:7d:16:5c:00:2b:59:54:42:fb:d1:98:fa:a1:8e:b3:72:ef:
11:d2:2c:38:c4:e7:b5:28:12:d1:1e:66:a4:a6:33:0e:7a:89:
fc:06:aa:8e:1a:e4:f9:c5:bc:54:a1:e6:f2:53:63:39:07:1a:
07:98:8a:7c:13:8d:37:4b:27:c7:53:0b:60:ec:ab:60:9c:dd:
60:29:f5:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVvAkMavWD6H7qrSrbUzNXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjI5ZTFmYWY5ZDEzMmIxYmQ0OGM3MTM4YTYyNDZlYzlkMTAwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3E7NsNHkMVS2VUAUvGxewnvQf8K/
SMTq8XwxOgxcsKaVMaqm3AGqhVQNH7vekYgeloMQp3HxQazpKs4X2epGt8/mzGFG
3wePchAlimrRAjDxX9m/gJs/le6wHYm6lEUQL73NsE3UWJgBNBfY6E/Xj5BFIUo2
gXgj7hfeZ/lvjpE79FU7jCUIdqX4tJwccuY8BaD/2JkCBkSk4XnjqymwuTmjv234
Stblu3tdOUsSJ6cFLYbTaCi1OfgUpmrcOZ+CdzsImlkTsnDAZ117aC9bmBqoYMi2
ImkF1Ib1kbcpvfTaeQ1oqunU9R66jxxi7NDDL4DT+mbFEO6rTO5LNEmrJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPIp4fr50TKxvUjHE4piRuydEA5UMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvOGluaC12blJNckc5U01jVGltSkc3SjBRRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABe+iUD
BABe+iYDBAFe+igDBAJe+iwwDQYJKoZIhvcNAQELBQADggEBAF+YzWVxczWd4FcX
3I8YgHjrrEVXRhQkjupiIXoTJpmF2ceWrJiTKmNoEoi3/rrFbl8x3BWmqT7XA6tz
rJSv9iKpQ0wzHM6bnn5ZCYDzBPhuoKorQSLLUtHXD+wdcuqLtT/B5BWYrIL23KNK
QMPjwq+09L6bk7PfnlzSXnDpfGQt0DMLFfylfNTDepQArfdGCxHCM2WZfhOMldf1
HIh7wl4CLBKUHYr44i+yU1mF52xBsBubCGh9FlwAK1lUQvvRmPqhjrNy7xHSLDjE
57UoEtEeZqSmMw56ifwGqo4a5PnFvFSh5vJTYzkHGgeYinwTjTdLJ8dTC2Dsq2Cc
3WAp9ak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:58 2024 by rpki-client on console-fra.rpki-client.org