Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/S9kqD2mYPPTVrYou9IlG2k8AtcA.roa
File: S9kqD2mYPPTVrYou9IlG2k8AtcA.roa (raw, json)
Hash identifier: dCa8tNZgZc3Is7K4qAz1jqGxzmc4SpIY3/69LmazCIQ=
Subject key identifier: 4B:D9:2A:0F:69:98:3C:F4:D5:AD:8A:2E:F4:89:46:DA:4F:00:B5:C0
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 019006C1AE304EA8C9D80EE542C095DAC29D
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/S9kqD2mYPPTVrYou9IlG2k8AtcA.roa
Signing time: Tue 11 Jun 2024 10:04:34 +0000
ROA not before: Tue 11 Jun 2024 10:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42571
IP address blocks: 94.250.64.0/24 maxlen: 24
94.250.65.0/24 maxlen: 24
94.250.66.0/24 maxlen: 24
94.250.67.0/24 maxlen: 24
94.250.68.0/22 maxlen: 22
94.250.72.0/21 maxlen: 21
94.250.80.0/23 maxlen: 24
94.250.82.0/23 maxlen: 24
94.250.96.0/20 maxlen: 24
94.250.112.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:c1:ae:30:4e:a8:c9:d8:0e:e5:42:c0:95:da:c2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jun 11 10:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bd92a0f69983cf4d5ad8a2ef48946da4f00b5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e4:4a:c6:b8:52:9a:72:8d:43:5e:06:3a:9c:
dc:6c:84:98:bb:01:34:b5:56:2a:27:88:1a:e1:0c:
04:6e:c2:6d:02:0a:a9:c8:f6:15:61:e4:37:45:21:
70:2f:10:dd:26:d6:79:64:a1:2e:34:11:95:b3:41:
a0:53:66:f0:5e:72:74:1b:2a:8a:0e:64:14:99:81:
70:19:f9:40:da:76:3b:c1:2e:cd:8b:c3:4f:e7:e4:
2e:1b:e9:74:c6:a8:9d:7b:77:e2:5e:fe:f5:8c:2c:
e1:47:3c:f4:3a:98:47:d2:c4:b1:e4:6f:13:8d:90:
37:a8:cb:79:d5:cf:12:44:5f:60:10:cc:ec:cf:17:
15:a3:21:13:90:4c:97:84:e9:f9:f7:e9:fc:7d:8c:
23:0a:b0:8d:f0:6b:59:48:ca:c4:71:28:4d:c4:53:
3d:f9:01:d4:96:ee:53:70:35:aa:25:82:af:0b:6e:
67:6f:a4:eb:87:e0:50:71:0a:01:51:1e:2f:d2:24:
c4:28:81:83:9c:a3:e2:63:1f:8f:16:0c:67:99:76:
39:de:35:de:e4:a2:b7:25:13:1e:7b:b4:45:12:5e:
a9:95:60:e7:d5:6b:f6:b3:c8:10:7d:28:ce:90:bb:
55:8f:54:93:58:0a:d7:ae:32:b2:28:a5:ed:e5:5f:
4b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D9:2A:0F:69:98:3C:F4:D5:AD:8A:2E:F4:89:46:DA:4F:00:B5:C0
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/S9kqD2mYPPTVrYou9IlG2k8AtcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.64.0-94.250.83.255
94.250.96.0-94.250.115.255
Signature Algorithm: sha256WithRSAEncryption
57:27:2b:10:c1:ac:c4:bb:ca:93:92:35:cf:5d:3b:32:aa:4f:
79:e8:08:40:4b:4f:c0:0d:09:e1:58:54:b7:6a:2c:f0:56:00:
3f:a0:00:cf:fe:13:96:25:85:75:d7:12:b3:e4:ef:c1:18:cc:
8e:03:39:a6:11:de:d3:a8:1c:1e:b7:6b:8d:57:c4:5c:1d:b4:
66:a3:78:11:71:3c:f9:c8:c6:9b:25:4b:29:10:ed:04:c2:db:
63:5c:44:f7:2f:fd:bf:75:34:d5:48:1f:69:f4:37:e8:07:75:
0b:89:1b:9c:46:09:dc:db:45:47:28:21:64:55:18:19:04:6e:
a2:f4:f4:ea:39:3f:5f:fa:a3:ba:03:ec:87:77:54:4e:6c:9b:
75:6e:a9:d7:78:39:da:25:89:36:e5:e3:df:50:5e:eb:48:80:
df:51:ec:0c:ca:91:06:48:85:60:18:c4:27:95:34:78:55:05:
e1:cd:4c:d6:27:43:a9:3f:f5:b0:08:64:f4:fe:cf:bf:c1:31:
2b:ab:be:c6:94:b7:41:2b:07:7f:ab:53:08:46:5b:1a:bb:2e:
9f:33:84:1f:5d:3b:a7:77:ef:8e:f3:64:7e:2c:95:d7:bd:58:
d0:0a:e1:40:1a:6a:e2:6b:dc:d7:38:fc:f8:63:d3:c9:25:cb:
30:f4:19:99
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZAGwa4wTqjJ2A7lQsCV2sKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwNjExMTAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ5MmEwZjY5OTgzY2Y0ZDVhZDhhMmVmNDg5NDZkYTRmMDBiNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmORKxrhSmnKNQ14GOpzcbISYuwE0
tVYqJ4ga4QwEbsJtAgqpyPYVYeQ3RSFwLxDdJtZ5ZKEuNBGVs0GgU2bwXnJ0GyqK
DmQUmYFwGflA2nY7wS7Ni8NP5+QuG+l0xqide3fiXv71jCzhRzz0OphH0sSx5G8T
jZA3qMt51c8SRF9gEMzszxcVoyETkEyXhOn59+n8fYwjCrCN8GtZSMrEcShNxFM9
+QHUlu5TcDWqJYKvC25nb6Trh+BQcQoBUR4v0iTEKIGDnKPiYx+PFgxnmXY53jXe
5KK3JRMee7RFEl6plWDn1Wv2s8gQfSjOkLtVj1STWArXrjKyKKXt5V9L1QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEvZKg9pmDz01a2KLvSJRtpPALXAMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvUzlrcUQybVlQUFRWcllvdTlJbEcyazhBdGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZe+kAD
BAJe+lAwDAMEBV76YAMEAl76cDANBgkqhkiG9w0BAQsFAAOCAQEAVycrEMGsxLvK
k5I1z107MqpPeegIQEtPwA0J4VhUt2os8FYAP6AAz/4TliWFddcSs+TvwRjMjgM5
phHe06gcHrdrjVfEXB20ZqN4EXE8+cjGmyVLKRDtBMLbY1xE9y/9v3U01UgfafQ3
6Ad1C4kbnEYJ3NtFRyghZFUYGQRuovT06jk/X/qjugPsh3dUTmybdW6p13g52iWJ
NuXj31Be60iA31HsDMqRBkiFYBjEJ5U0eFUF4c1M1idDqT/1sAhk9P7Pv8ExK6u+
xpS3QSsHf6tTCEZbGrsunzOEH107p3fvjvNkfiyV171Y0ArhQBpq4mvc1zj8+GPT
ySXLMPQZmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:34 2025 by rpki-client