Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/DIHguFlWP3FYq1KzS8Kh6KFE_dY.roa
File: DIHguFlWP3FYq1KzS8Kh6KFE_dY.roa (raw, json)
Hash identifier: C3IIWHGFy1A64YBlJpfP0CY3WyHpmP8A3MdSlLy8Wu0=
Subject key identifier: 0C:81:E0:B8:59:56:3F:71:58:AB:52:B3:4B:C2:A1:E8:A1:44:FD:D6
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018CCA2B825DC871DD05651739098928ADDC
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/DIHguFlWP3FYq1KzS8Kh6KFE_dY.roa
Signing time: Tue 02 Jan 2024 12:34:58 +0000
ROA not before: Tue 02 Jan 2024 12:34:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58104
IP address blocks: 94.184.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:82:5d:c8:71:dd:05:65:17:39:09:89:28:ad:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 12:34:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c81e0b859563f7158ab52b34bc2a1e8a144fdd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1d:3a:c1:6e:d7:b1:d0:60:ac:c2:24:b9:69:
56:a5:4a:c4:01:87:04:27:1d:b8:85:e6:3f:f9:f2:
e2:1f:e9:0b:be:95:ce:f0:c5:4b:49:45:2a:16:aa:
b2:57:18:0e:b3:06:e7:5e:a9:84:f2:eb:68:5b:87:
51:81:f3:32:b0:76:67:76:6a:9c:8d:a3:2f:d7:d0:
ca:b2:c1:ef:56:a3:aa:71:91:16:45:7d:e9:ce:ae:
c2:da:00:2e:85:73:20:6c:6a:36:8e:bc:06:7e:3e:
e0:fe:1b:ce:1b:44:62:6d:ef:85:ca:e1:ad:1c:69:
c0:b6:23:cf:7e:a2:0a:97:79:f5:11:c9:06:63:dc:
00:c0:05:ca:8a:b3:75:59:44:8e:19:68:87:33:71:
64:96:57:1d:02:49:d2:14:1b:fc:b4:45:f4:b5:f2:
57:8a:fe:08:4b:b9:64:98:a6:01:2b:0a:52:71:8d:
6d:0a:79:7b:85:c0:fa:3c:43:12:64:23:0c:1f:e1:
d6:0f:4b:38:4c:75:06:f6:0c:f6:42:22:0b:85:9b:
b7:6d:b7:e5:53:b3:b6:54:b5:b8:ef:de:d8:4d:1c:
b7:d8:fc:7d:91:38:ff:c9:68:66:1d:cb:f8:6c:25:
50:f6:d7:f5:b4:8d:b0:5e:3c:f1:bb:27:1c:ce:38:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:81:E0:B8:59:56:3F:71:58:AB:52:B3:4B:C2:A1:E8:A1:44:FD:D6
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/DIHguFlWP3FYq1KzS8Kh6KFE_dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:40:ff:c4:54:12:3e:2c:c0:1c:ba:f8:d9:07:f2:7a:74:9f:
f1:7a:1f:de:2e:fe:38:4a:f3:89:22:96:76:d8:44:27:54:f7:
42:f5:e6:49:ea:d5:86:d3:87:f3:b4:9e:5e:7a:61:20:e5:54:
7d:31:e3:a2:5e:e9:7b:0e:5d:71:2f:96:87:89:75:2c:18:14:
f9:05:70:e0:fb:00:bc:53:a9:33:48:25:e2:d2:a9:b9:94:73:
72:a1:43:a4:1d:55:03:2a:43:7d:24:fc:54:4d:07:2b:40:ea:
5a:d6:24:c9:62:b2:c5:8a:dc:99:03:2d:b8:61:47:b4:0c:96:
0b:95:b6:f8:9a:a6:79:e4:fd:f9:03:fc:39:a7:5c:58:e0:a1:
1e:30:09:2f:0a:5b:c3:0a:d8:c2:b6:6a:ea:4f:af:cd:ab:50:
16:a9:3e:b3:15:a0:5f:ea:08:b3:df:d0:57:3f:d2:51:03:ca:
aa:cc:df:6f:f5:c1:20:54:d8:f3:7d:a9:6a:1e:6b:59:46:23:
a0:c7:19:5e:cb:d9:89:2b:dd:20:42:23:7a:70:74:40:78:02:
29:99:3e:3c:64:c3:8c:46:ea:39:9c:34:50:50:a5:ac:a2:1f:
59:fb:96:94:94:c8:e3:57:81:7f:9b:42:06:2f:af:8d:ca:24:
73:47:33:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK4JdyHHdBWUXOQmJKK3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwMTAyMTIzNDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzgxZTBiODU5NTYzZjcxNThhYjUyYjM0YmMyYTFlOGExNDRmZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB06wW7XsdBgrMIkuWlWpUrEAYcE
Jx24heY/+fLiH+kLvpXO8MVLSUUqFqqyVxgOswbnXqmE8utoW4dRgfMysHZndmqc
jaMv19DKssHvVqOqcZEWRX3pzq7C2gAuhXMgbGo2jrwGfj7g/hvOG0Ribe+FyuGt
HGnAtiPPfqIKl3n1EckGY9wAwAXKirN1WUSOGWiHM3FkllcdAknSFBv8tEX0tfJX
iv4IS7lkmKYBKwpScY1tCnl7hcD6PEMSZCMMH+HWD0s4THUG9gz2QiILhZu3bbfl
U7O2VLW4797YTRy32Px9kTj/yWhmHcv4bCVQ9tf1tI2wXjzxuycczjjS2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyB4LhZVj9xWKtSs0vCoeihRP3WMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvRElIZ3VGbFdQM0ZZcTFLelM4S2g2S0ZFX2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXrhYMA0G
CSqGSIb3DQEBCwUAA4IBAQCaQP/EVBI+LMAcuvjZB/J6dJ/xeh/eLv44SvOJIpZ2
2EQnVPdC9eZJ6tWG04fztJ5eemEg5VR9MeOiXul7Dl1xL5aHiXUsGBT5BXDg+wC8
U6kzSCXi0qm5lHNyoUOkHVUDKkN9JPxUTQcrQOpa1iTJYrLFityZAy24YUe0DJYL
lbb4mqZ55P35A/w5p1xY4KEeMAkvClvDCtjCtmrqT6/Nq1AWqT6zFaBf6giz39BX
P9JRA8qqzN9v9cEgVNjzfalqHmtZRiOgxxley9mJK90gQiN6cHRAeAIpmT48ZMOM
Ruo5nDRQUKWsoh9Z+5aUlMjjV4F/m0IGL6+NyiRzRzN7
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:53:06 2025 by rpki-client