Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/9-iGnEDQsP6QrCItKTq5JeISNfo.roa
File: 9-iGnEDQsP6QrCItKTq5JeISNfo.roa (raw, json)
Hash identifier: z4EqEAfXrRNXIZqdUqpTj8T7im6VXJ920C5vqnDCZn4=
Subject key identifier: F7:E8:86:9C:40:D0:B0:FE:90:AC:22:2D:29:3A:B9:25:E2:12:35:FA
Certificate issuer: /CN=d06989a9cd6bd2f2c3c0dec608a28be3d3ba4e81
Certificate serial: 01856D13EA6B4BDB5F0622D2C7FA8656CC62
Authority key identifier: D0:69:89:A9:CD:6B:D2:F2:C3:C0:DE:C6:08:A2:8B:E3:D3:BA:4E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0GmJqc1r0vLDwN7GCKKL49O6ToE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/9-iGnEDQsP6QrCItKTq5JeISNfo.roa
Signing time: Sun 01 Jan 2023 11:24:59 +0000
ROA not before: Sun 01 Jan 2023 11:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48661
IP address blocks: 94.230.144.0/20 maxlen: 21
185.224.112.0/22 maxlen: 23
2a00:c500::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:ea:6b:4b:db:5f:06:22:d2:c7:fa:86:56:cc:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d06989a9cd6bd2f2c3c0dec608a28be3d3ba4e81
Validity
Not Before: Jan 1 11:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f7e8869c40d0b0fe90ac222d293ab925e21235fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:56:ec:af:02:91:96:78:ff:9a:00:99:e0:dc:
17:cf:50:e9:bf:40:ac:4d:a5:38:da:a2:dc:19:73:
b0:b8:36:1e:ab:52:7c:6a:02:34:38:87:73:c5:89:
71:3e:82:d0:71:1e:46:4c:b7:f0:24:2a:95:ec:8c:
07:85:00:df:96:a3:e6:2d:d1:80:cf:b1:89:4a:1e:
98:bb:4c:95:d2:01:93:6e:40:78:35:b0:9d:3d:72:
72:02:27:f3:09:d5:30:f6:7b:ca:1d:02:0c:fb:1e:
c4:fb:32:b0:67:ae:5d:67:0c:ba:4e:5f:e7:01:ab:
fe:da:a2:84:af:84:4d:0d:9a:4b:f4:e1:68:bd:e9:
eb:49:ae:37:ab:0a:b3:a7:45:e9:76:2b:ff:20:92:
be:a2:b1:aa:27:09:bd:d1:4f:4f:21:fe:f9:f1:0b:
eb:f5:61:ea:02:ef:67:47:ca:0d:e2:89:89:88:be:
8e:6a:18:1c:d5:a1:b9:50:31:79:aa:88:64:6f:5c:
a5:4f:24:86:40:35:a9:14:92:82:d9:d8:b9:91:da:
d5:6f:71:6c:48:c2:ec:40:46:b1:ac:6a:50:46:26:
f8:58:51:da:96:29:85:b6:7d:51:30:e0:26:74:db:
7a:c7:68:be:bc:78:b2:11:6b:12:2a:5e:18:03:de:
66:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E8:86:9C:40:D0:B0:FE:90:AC:22:2D:29:3A:B9:25:E2:12:35:FA
X509v3 Authority Key Identifier:
keyid:D0:69:89:A9:CD:6B:D2:F2:C3:C0:DE:C6:08:A2:8B:E3:D3:BA:4E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0GmJqc1r0vLDwN7GCKKL49O6ToE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/9-iGnEDQsP6QrCItKTq5JeISNfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5e6fd3-67ef-45ab-a420-4877fc59d319/1/0GmJqc1r0vLDwN7GCKKL49O6ToE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.144.0/20
185.224.112.0/22
IPv6:
2a00:c500::/32
Signature Algorithm: sha256WithRSAEncryption
87:65:ce:7e:ba:3e:12:ca:1f:aa:5c:13:d1:e9:66:17:79:6f:
53:b4:ce:8f:e2:ce:5d:2e:29:36:3a:b1:5a:84:af:be:c3:d3:
f4:8f:66:07:50:43:63:db:2b:d9:a1:6d:f4:66:43:c9:fe:d8:
fa:a1:2b:10:61:a5:08:c7:e0:7e:64:3b:48:87:9c:55:9b:a7:
b2:0f:b5:e4:84:49:e5:74:18:d0:23:d1:4a:5f:60:ad:0a:d2:
27:86:26:9d:c5:e9:f2:a3:cb:ac:86:a7:b3:4e:f9:57:6d:37:
4d:ae:32:e4:c4:66:96:e2:f1:5e:ff:77:ba:29:82:77:2d:32:
ed:90:d3:a1:d9:37:02:cb:ea:37:fc:80:3c:a9:a3:cd:8c:7f:
80:de:92:f7:97:d1:b0:ca:d7:ee:3f:6e:07:4d:ed:7b:e9:ab:
9d:17:f0:ba:ac:a9:d0:85:5b:3a:74:3e:b6:88:81:8d:b7:f4:
90:ea:3d:8e:ab:7d:b9:9c:f3:58:17:9e:2d:be:e3:13:7e:92:
95:ae:1a:7b:47:46:d4:d4:74:1f:b2:a0:ce:5b:9e:dd:2d:2b:
44:87:ca:40:e9:1a:2d:2c:cf:56:54:0b:d0:a3:eb:f8:d2:22:
a0:c4:fd:3a:d0:63:62:72:83:6a:62:6b:e1:98:b1:24:d0:7e:
ca:e3:8e:fd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtE+prS9tfBiLSx/qGVsxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNjk4OWE5Y2Q2YmQyZjJjM2MwZGVjNjA4YTI4YmUzZDNi
YTRlODEwHhcNMjMwMTAxMTEyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2U4ODY5YzQwZDBiMGZlOTBhYzIyMmQyOTNhYjkyNWUyMTIzNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFbsrwKRlnj/mgCZ4NwXz1Dpv0Cs
TaU42qLcGXOwuDYeq1J8agI0OIdzxYlxPoLQcR5GTLfwJCqV7IwHhQDflqPmLdGA
z7GJSh6Yu0yV0gGTbkB4NbCdPXJyAifzCdUw9nvKHQIM+x7E+zKwZ65dZwy6Tl/n
Aav+2qKEr4RNDZpL9OFovenrSa43qwqzp0Xpdiv/IJK+orGqJwm90U9PIf758Qvr
9WHqAu9nR8oN4omJiL6Oahgc1aG5UDF5qohkb1ylTySGQDWpFJKC2di5kdrVb3Fs
SMLsQEaxrGpQRib4WFHalimFtn1RMOAmdNt6x2i+vHiyEWsSKl4YA95mfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPfohpxA0LD+kKwiLSk6uSXiEjX6MB8GA1UdIwQY
MBaAFNBpianNa9Lyw8Dexgiii+PTuk6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEdtSnFjMXIwdkxEd043R0NLS0w0OU82VG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZTZmZDMtNjdlZi00NWFiLWE0MjAt
NDg3N2ZjNTlkMzE5LzEvOS1pR25FRFFzUDZRckNJdEtUcTVKZUlTTmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZTZmZDMtNjdlZi00NWFiLWE0MjAtNDg3N2ZjNTlkMzE5
LzEvMEdtSnFjMXIwdkxEd043R0NLS0w0OU82VG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXuaQAwQC
ueBwMA0EAgACMAcDBQAqAMUAMA0GCSqGSIb3DQEBCwUAA4IBAQCHZc5+uj4Syh+q
XBPR6WYXeW9TtM6P4s5dLik2OrFahK++w9P0j2YHUENj2yvZoW30ZkPJ/tj6oSsQ
YaUIx+B+ZDtIh5xVm6eyD7XkhEnldBjQI9FKX2CtCtInhiadxenyo8ushqezTvlX
bTdNrjLkxGaW4vFe/3e6KYJ3LTLtkNOh2TcCy+o3/IA8qaPNjH+A3pL3l9Gwytfu
P24HTe176audF/C6rKnQhVs6dD62iIGNt/SQ6j2Oq325nPNYF54tvuMTfpKVrhp7
R0bU1HQfsqDOW57dLStEh8pA6RotLM9WVAvQo+v40iKgxP060GNicoNqYmvhmLEk
0H7K4479
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:36 2024 by rpki-client on console-fra.rpki-client.org