Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/KY0cRWQfsJpiyusBxDSmoB2UZjM.roa
File: KY0cRWQfsJpiyusBxDSmoB2UZjM.roa (raw, json)
Hash identifier: L2C2HMPbJS2Kv5bJ2NLXJVSu+jStvN+1QR4ixo/zh4w=
Subject key identifier: 29:8D:1C:45:64:1F:B0:9A:62:CA:EB:01:C4:34:A6:A0:1D:94:66:33
Certificate issuer: /CN=738e65fb03e6d607d8be204345d6e05a460b9a4f
Certificate serial: 018CC26D099CDB71709A5E5FE70925E6A207
Authority key identifier: 73:8E:65:FB:03:E6:D6:07:D8:BE:20:43:45:D6:E0:5A:46:0B:9A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c45l-wPm1gfYviBDRdbgWkYLmk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/KY0cRWQfsJpiyusBxDSmoB2UZjM.roa
Signing time: Mon 01 Jan 2024 00:29:34 +0000
ROA not before: Mon 01 Jan 2024 00:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213307
IP address blocks: 94.154.12.0/24 maxlen: 24
2a05:7700::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:09:9c:db:71:70:9a:5e:5f:e7:09:25:e6:a2:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=738e65fb03e6d607d8be204345d6e05a460b9a4f
Validity
Not Before: Jan 1 00:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=298d1c45641fb09a62caeb01c434a6a01d946633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:69:f9:e1:f3:f3:4c:e8:8a:5f:96:bd:07:bc:
74:8a:4e:b1:ff:3b:c9:2f:06:28:92:2c:b5:e2:bd:
27:e0:dc:7e:da:f2:94:cc:a8:03:1a:aa:45:5b:55:
38:dc:a6:33:6d:3f:90:3a:8a:8b:fc:09:79:58:24:
98:da:74:37:d8:e5:a5:a0:f1:91:63:56:8e:93:98:
67:05:75:5f:6e:bc:63:b2:25:75:fd:7e:ed:f1:09:
0e:bb:e4:8f:ff:42:dd:b8:cd:ec:73:ed:b9:28:e8:
85:24:d0:84:df:1f:95:b0:76:58:4e:99:c0:2a:f5:
9b:ff:b0:b6:fd:b4:bb:cf:44:3c:81:af:56:5e:fe:
6c:37:d4:c0:f1:64:14:e9:ae:28:dc:8a:3f:35:4d:
07:1d:62:86:77:5f:94:56:41:c8:6d:d3:73:7f:25:
16:ee:08:2e:f0:fc:cf:35:01:9c:aa:10:df:bd:67:
0e:79:95:eb:c4:10:85:41:93:82:5d:f7:f4:e9:32:
42:d8:a7:fb:99:77:75:8f:d6:98:e3:99:0a:b8:c4:
6c:38:ab:c5:78:b2:a5:72:78:80:77:64:15:80:68:
07:8e:c7:20:a6:1f:6f:d9:02:8e:73:d7:55:ed:9c:
c8:09:17:38:8d:64:eb:2b:c7:00:82:5d:75:60:a2:
bf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8D:1C:45:64:1F:B0:9A:62:CA:EB:01:C4:34:A6:A0:1D:94:66:33
X509v3 Authority Key Identifier:
keyid:73:8E:65:FB:03:E6:D6:07:D8:BE:20:43:45:D6:E0:5A:46:0B:9A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c45l-wPm1gfYviBDRdbgWkYLmk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/KY0cRWQfsJpiyusBxDSmoB2UZjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/c45l-wPm1gfYviBDRdbgWkYLmk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.12.0/24
IPv6:
2a05:7700::/29
Signature Algorithm: sha256WithRSAEncryption
90:79:55:18:4d:bb:fb:7a:25:82:27:b7:3b:07:64:09:25:fb:
82:cc:c5:1c:6b:0c:da:d7:9a:15:da:ca:38:b3:59:25:63:35:
22:a2:fe:01:09:08:62:4f:be:f9:3a:c5:a1:a6:8f:42:bc:ba:
d1:65:74:0f:6d:36:76:8c:11:39:ee:40:ac:0a:55:98:0d:ae:
10:fd:5c:68:00:73:ed:ab:b8:80:40:aa:ae:4d:9a:f7:14:0d:
80:c4:2a:83:90:0d:3e:73:ec:3c:d9:f8:73:21:fa:c9:30:42:
96:04:25:44:53:3b:f7:6f:fd:37:4e:8c:e2:50:a1:6b:02:cf:
64:d2:73:85:ae:1f:85:2e:b9:89:88:5b:25:7d:73:1c:f5:86:
c8:1b:ce:d5:0c:7a:6a:10:28:45:f6:5a:40:32:8c:3a:a0:21:
71:19:5f:e4:19:e9:4e:39:c7:ec:19:83:51:4b:ec:b5:2d:44:
3f:65:43:b4:fe:bc:ac:32:f7:ce:64:bb:ea:7b:96:b3:c0:9c:
95:de:45:27:aa:ee:f5:bc:39:fd:59:da:0a:11:3a:9f:12:83:
67:dc:fb:09:75:19:3e:e6:b7:40:f8:1a:89:c0:0f:e8:cb:f5:
c1:c6:ce:66:93:86:46:b6:89:dc:6c:ab:b0:bb:b5:f1:3b:c1:
5c:b3:9d:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbQmc23Fwml5f5wkl5qIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOGU2NWZiMDNlNmQ2MDdkOGJlMjA0MzQ1ZDZlMDVhNDYw
YjlhNGYwHhcNMjQwMTAxMDAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOThkMWM0NTY0MWZiMDlhNjJjYWViMDFjNDM0YTZhMDFkOTQ2NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mn54fPzTOiKX5a9B7x0ik6x/zvJ
LwYokiy14r0n4Nx+2vKUzKgDGqpFW1U43KYzbT+QOoqL/Al5WCSY2nQ32OWloPGR
Y1aOk5hnBXVfbrxjsiV1/X7t8QkOu+SP/0LduM3sc+25KOiFJNCE3x+VsHZYTpnA
KvWb/7C2/bS7z0Q8ga9WXv5sN9TA8WQU6a4o3Io/NU0HHWKGd1+UVkHIbdNzfyUW
7ggu8PzPNQGcqhDfvWcOeZXrxBCFQZOCXff06TJC2Kf7mXd1j9aY45kKuMRsOKvF
eLKlcniAd2QVgGgHjscgph9v2QKOc9dV7ZzICRc4jWTrK8cAgl11YKK/ywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCmNHEVkH7CaYsrrAcQ0pqAdlGYzMB8GA1UdIwQY
MBaAFHOOZfsD5tYH2L4gQ0XW4FpGC5pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzQ1bC13UG0xZ2ZZdmlCRFJkYmdXa1lMbWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iYTYxY2UtOWM4Ni00MmVmLTkwZmIt
ZGQ1MTVlNjNjZmNiLzEvS1kwY1JXUWZzSnBpeXVzQnhEU21vQjJVWmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iYTYxY2UtOWM4Ni00MmVmLTkwZmItZGQ1MTVlNjNjZmNi
LzEvYzQ1bC13UG0xZ2ZZdmlCRFJkYmdXa1lMbWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpoMMA0E
AgACMAcDBQMqBXcAMA0GCSqGSIb3DQEBCwUAA4IBAQCQeVUYTbv7eiWCJ7c7B2QJ
JfuCzMUcawza15oV2so4s1klYzUiov4BCQhiT775OsWhpo9CvLrRZXQPbTZ2jBE5
7kCsClWYDa4Q/VxoAHPtq7iAQKquTZr3FA2AxCqDkA0+c+w82fhzIfrJMEKWBCVE
Uzv3b/03ToziUKFrAs9k0nOFrh+FLrmJiFslfXMc9YbIG87VDHpqEChF9lpAMow6
oCFxGV/kGelOOcfsGYNRS+y1LUQ/ZUO0/rysMvfOZLvqe5azwJyV3kUnqu71vDn9
WdoKETqfEoNn3PsJdRk+5rdA+BqJwA/oy/XBxs5mk4ZGtoncbKuwu7XxO8Fcs51Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:37 2025 by rpki-client