Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa
File: 30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa (raw, json)
Hash identifier: U0wIIBSF2NNtVo34y+7lHW59C3gidtpckIT1dAIivKc=
Subject key identifier: DF:4A:05:E9:A7:34:9E:E9:3C:79:8B:77:29:ED:D1:56:8E:07:D9:FA
Certificate issuer: /CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
Certificate serial: 018CC348FA26A19F23C01BDE092BB057BA93
Authority key identifier: 8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6799
IP address blocks: 94.232.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fa:26:a1:9f:23:c0:1b:de:09:2b:b0:57:ba:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec18203c255a1d0bf1587542c7626f26738d6c1
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df4a05e9a7349ee93c798b7729edd1568e07d9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:38:b5:7a:15:9b:7a:f1:62:ba:ce:f9:ad:61:
8e:9d:78:99:54:6d:36:15:e4:75:85:99:27:a4:3f:
0b:34:92:55:e1:5e:7d:64:9d:36:eb:eb:8f:d7:b4:
f6:1f:47:77:2c:c8:a1:2f:5c:33:d1:4f:f4:bd:de:
bd:3e:82:a3:11:53:56:19:f0:80:ba:6b:99:9c:20:
58:00:fa:98:9f:60:82:25:11:d7:b6:50:e4:e1:2c:
7b:49:42:b2:5d:53:bb:d9:c5:11:2d:4b:cb:0d:a8:
a0:d3:7d:92:8e:a8:71:04:6a:76:db:2c:d5:3b:76:
06:28:4d:7d:22:fa:54:51:ac:75:89:98:f8:7e:d6:
97:85:51:1e:0e:7e:79:33:06:60:d2:91:4e:8b:b6:
5a:b5:7b:f4:af:36:18:fc:a4:35:9a:4b:e8:ae:27:
81:ce:1b:de:16:30:bc:00:3a:f9:46:ca:ce:f7:77:
17:65:4e:10:39:74:d5:aa:1e:c7:39:1d:9a:b0:3b:
13:f1:25:ab:51:3d:33:2d:f8:33:0b:cd:df:3b:8b:
d4:b3:6c:09:63:86:4f:25:f0:52:f7:60:d1:29:ba:
85:bb:eb:6d:16:38:70:68:b3:8f:e7:51:12:3b:89:
d9:df:1e:1e:a6:7f:de:8e:4a:38:d5:14:8a:66:b8:
d2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:4A:05:E9:A7:34:9E:E9:3C:79:8B:77:29:ED:D1:56:8E:07:D9:FA
X509v3 Authority Key Identifier:
keyid:8E:C1:82:03:C2:55:A1:D0:BF:15:87:54:2C:76:26:F2:67:38:D6:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsGCA8JVodC_FYdULHYm8mc41sE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/30oF6ac0nuk8eYt3Ke3RVo4H2fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/6519e0-b327-454e-bb7a-1a3be24b76db/1/jsGCA8JVodC_FYdULHYm8mc41sE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.80.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:9b:9f:86:0f:fb:63:09:ef:ed:f9:6b:b7:7a:c1:20:69:e1:
60:9b:32:59:4b:49:13:f7:a5:49:0c:0d:f9:24:3d:c4:2a:8d:
e4:05:2f:2f:76:47:ce:aa:5a:42:b8:23:7c:7f:e4:ee:d4:cb:
35:28:98:e3:cf:99:26:7b:99:22:2f:da:1d:22:ea:ce:65:d1:
36:f1:6a:49:c5:aa:68:26:c3:67:d7:b5:4e:62:a5:f7:35:bd:
17:5a:1d:f6:2f:48:f8:51:2c:6f:58:36:e2:26:2a:39:a2:f4:
53:fe:ab:4e:1a:c8:aa:ed:36:b8:00:1d:ac:66:80:9e:f2:e3:
83:93:7c:97:1c:14:57:8f:94:ba:31:ab:a2:14:ed:54:cd:6d:
87:85:80:c3:b6:94:63:30:67:2c:58:b4:d6:26:aa:14:35:76:
53:9d:27:ae:00:c4:10:74:7a:b2:93:fd:3d:3d:4a:ac:f8:40:
ed:a6:40:9d:87:dd:62:2b:90:de:c9:27:aa:44:39:d7:67:ee:
7b:fd:ee:f9:df:d9:a2:c5:63:ad:9c:60:19:53:84:bc:c8:01:
f2:28:28:af:a0:39:65:4a:60:70:01:bb:48:a7:61:c8:b7:83:
84:c5:2d:9c:9e:67:bd:97:9d:94:73:e4:dd:a7:5a:4f:33:70:
c0:b2:7b:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSPomoZ8jwBveCSuwV7qTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzE4MjAzYzI1NWExZDBiZjE1ODc1NDJjNzYyNmYyNjcz
OGQ2YzEwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjRhMDVlOWE3MzQ5ZWU5M2M3OThiNzcyOWVkZDE1NjhlMDdkOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDi1ehWbevFius75rWGOnXiZVG02
FeR1hZknpD8LNJJV4V59ZJ026+uP17T2H0d3LMihL1wz0U/0vd69PoKjEVNWGfCA
umuZnCBYAPqYn2CCJRHXtlDk4Sx7SUKyXVO72cURLUvLDaig032SjqhxBGp22yzV
O3YGKE19IvpUUax1iZj4ftaXhVEeDn55MwZg0pFOi7ZatXv0rzYY/KQ1mkvorieB
zhveFjC8ADr5RsrO93cXZU4QOXTVqh7HOR2asDsT8SWrUT0zLfgzC83fO4vUs2wJ
Y4ZPJfBS92DRKbqFu+ttFjhwaLOP51ESO4nZ3x4epn/ejko41RSKZrjSbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9KBemnNJ7pPHmLdynt0VaOB9n6MB8GA1UdIwQY
MBaAFI7BggPCVaHQvxWHVCx2JvJnONbBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2Et
MWEzYmUyNGI3NmRiLzEvMzBvRjZhYzBudWs4ZVl0M0tlM1JWbzRIMmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC82NTE5ZTAtYjMyNy00NTRlLWJiN2EtMWEzYmUyNGI3NmRi
LzEvanNHQ0E4SlZvZENfRllkVUxIWW04bWM0MXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXuhQMA0G
CSqGSIb3DQEBCwUAA4IBAQCMm5+GD/tjCe/t+Wu3esEgaeFgmzJZS0kT96VJDA35
JD3EKo3kBS8vdkfOqlpCuCN8f+Tu1Ms1KJjjz5kme5kiL9odIurOZdE28WpJxapo
JsNn17VOYqX3Nb0XWh32L0j4USxvWDbiJio5ovRT/qtOGsiq7Ta4AB2sZoCe8uOD
k3yXHBRXj5S6MauiFO1UzW2HhYDDtpRjMGcsWLTWJqoUNXZTnSeuAMQQdHqyk/09
PUqs+EDtpkCdh91iK5DeySeqRDnXZ+57/e7539mixWOtnGAZU4S8yAHyKCivoDll
SmBwAbtIp2HIt4OExS2cnme9l52Uc+Tdp1pPM3DAsnu/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:24 2025 by rpki-client