Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/L0nThDGQMxcUNDavNDGJ-DK9SQk.roa
File: L0nThDGQMxcUNDavNDGJ-DK9SQk.roa (raw, json)
Hash identifier: 3iRBP6Uf40QTliJmU3aBwZdRupugeZkRL/0ECwIOhFk=
Subject key identifier: 2F:49:D3:84:31:90:33:17:14:34:36:AF:34:31:89:F8:32:BD:49:09
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018CC4246FFBA55278F9741190152DC84DA3
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/L0nThDGQMxcUNDavNDGJ-DK9SQk.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198252
IP address blocks: 94.250.38.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.39.0/24 maxlen: 24
94.250.44.0/22 maxlen: 22
94.250.42.0/23 maxlen: 23
94.250.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 21 Feb 2024 07:25:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6f:fb:a5:52:78:f9:74:11:90:15:2d:c8:4d:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f49d38431903317143436af343189f832bd4909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:b9:b1:03:48:8d:08:7e:df:e7:64:cc:b9:
dd:d8:26:75:d4:09:93:ca:d8:d0:0f:28:07:24:cc:
82:73:98:d9:76:d3:f9:d9:81:90:88:15:61:e7:76:
34:25:0b:e5:09:e6:a8:b4:1e:87:9f:b1:6e:49:ec:
61:26:da:19:f7:5e:ea:8e:83:7b:4f:ba:40:0d:6f:
dd:a7:ed:20:c7:66:ae:72:40:8a:b5:f4:e2:1b:12:
21:67:c7:5f:27:20:9a:da:f6:6b:d5:2b:9d:53:de:
01:b7:9e:3e:bb:6b:b5:8b:8b:b5:e4:c8:f9:b0:06:
da:b5:f5:5f:40:1b:d3:29:87:3d:c4:4e:ed:d6:36:
9f:33:4a:6f:70:c0:b0:82:32:a6:1a:be:99:0b:16:
c1:41:e7:7f:0a:c0:c6:33:78:ca:36:4c:86:f5:86:
ab:2a:eb:7b:86:0e:c8:0d:ce:84:c5:40:d8:e6:27:
c2:35:d1:1c:e8:bf:01:02:40:22:36:43:4f:f9:9a:
cc:a5:a1:4e:18:b2:c0:d5:1b:51:e6:65:be:3a:a0:
04:0a:36:96:23:a6:0a:c6:78:66:e2:1d:7c:c3:42:
f3:3a:3b:e2:87:1f:a1:36:a7:11:b5:20:29:18:09:
62:20:b8:7c:ce:7c:b9:12:2d:22:56:b2:6a:56:04:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:49:D3:84:31:90:33:17:14:34:36:AF:34:31:89:F8:32:BD:49:09
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/L0nThDGQMxcUNDavNDGJ-DK9SQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.37.0-94.250.47.255
Signature Algorithm: sha256WithRSAEncryption
1c:0f:a4:93:33:7f:00:45:94:6b:5b:21:b3:e1:1e:4c:5e:03:
44:ad:97:89:24:ed:e6:6e:0a:ce:e3:3f:40:ee:ef:c9:6e:46:
9c:46:fb:a2:c4:7b:52:98:d2:04:a5:ab:a7:36:aa:e8:0c:10:
70:4d:3d:c4:14:dd:e7:bf:1f:eb:43:d7:b1:d7:02:13:72:b0:
06:bd:b4:d1:0c:f5:9a:e5:51:7a:f1:66:09:26:9b:4f:31:99:
2e:da:3c:ca:1b:a8:87:fa:6d:9c:f9:a8:77:29:bd:1a:73:3e:
ed:5d:db:66:f4:2e:d8:e1:06:ec:15:0a:e4:ed:e7:37:4f:96:
e7:16:f5:6b:b0:0b:4b:1e:4d:61:4b:81:76:74:15:d8:d8:f9:
2c:02:1f:27:1f:f9:9b:7e:7d:02:62:28:60:d0:54:84:7d:38:
34:e1:80:83:60:93:9c:b6:fd:d0:94:8a:f4:5d:f4:2d:34:63:
e6:3a:0a:98:c0:a2:fa:06:2b:47:89:1d:ad:76:a9:df:a1:15:
0b:5a:5f:a3:2d:4e:dd:48:3c:a1:aa:0f:90:23:f7:3d:47:23:
f2:4c:11:26:e4:1f:96:d5:dd:6e:51:83:59:bf:bc:53:d0:93:
88:8c:bb:35:5d:b3:f7:8a:9d:7a:d5:e7:e7:6a:c0:09:42:c9:
45:09:10:46
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJG/7pVJ4+XQRkBUtyE2jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQ5ZDM4NDMxOTAzMzE3MTQzNDM2YWYzNDMxODlmODMyYmQ0OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqK5sQNIjQh+3+dkzLnd2CZ11AmT
ytjQDygHJMyCc5jZdtP52YGQiBVh53Y0JQvlCeaotB6Hn7FuSexhJtoZ917qjoN7
T7pADW/dp+0gx2auckCKtfTiGxIhZ8dfJyCa2vZr1SudU94Bt54+u2u1i4u15Mj5
sAbatfVfQBvTKYc9xE7t1jafM0pvcMCwgjKmGr6ZCxbBQed/CsDGM3jKNkyG9Yar
Kut7hg7IDc6ExUDY5ifCNdEc6L8BAkAiNkNP+ZrMpaFOGLLA1RtR5mW+OqAECjaW
I6YKxnhm4h18w0LzOjvihx+hNqcRtSApGAliILh8zny5Ei0iVrJqVgTY0QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC9J04QxkDMXFDQ2rzQxifgyvUkJMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvTDBuVGhER1FNeGNVTkRhdk5ER0otREs5U1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABe+iUD
BARe+iAwDQYJKoZIhvcNAQELBQADggEBABwPpJMzfwBFlGtbIbPhHkxeA0Stl4kk
7eZuCs7jP0Du78luRpxG+6LEe1KY0gSlq6c2qugMEHBNPcQU3ee/H+tD17HXAhNy
sAa9tNEM9ZrlUXrxZgkmm08xmS7aPMobqIf6bZz5qHcpvRpzPu1d22b0LtjhBuwV
CuTt5zdPlucW9WuwC0seTWFLgXZ0FdjY+SwCHycf+Zt+fQJiKGDQVIR9ODThgINg
k5y2/dCUivRd9C00Y+Y6CpjAovoGK0eJHa12qd+hFQtaX6MtTt1IPKGqD5Aj9z1H
I/JMESbkH5bV3W5Rg1m/vFPQk4iMuzVds/eKnXrV5+dqwAlCyUUJEEY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:11 2025 by rpki-client