Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/7f77bd-b302-4933-a5f9-fcb4d20bcd75/1/NU5aeLuoDlOL0w3Eap_oFccR_XU.roa
File: NU5aeLuoDlOL0w3Eap_oFccR_XU.roa (raw, json)
Hash identifier: uNeb3d/e7vpKJJXdMNfnhqq6vXaN8iB+qtb0QFmoNIE=
Subject key identifier: 35:4E:5A:78:BB:A8:0E:53:8B:D3:0D:C4:6A:9F:E8:15:C7:11:FD:75
Certificate issuer: /CN=c4a3eb175f7b57906c80f508e15f63e03f0b7ef8
Certificate serial: 0185728C9565FBD749C83ED76FF9F180EFE7
Authority key identifier: C4:A3:EB:17:5F:7B:57:90:6C:80:F5:08:E1:5F:63:E0:3F:0B:7E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xKPrF197V5BsgPUI4V9j4D8Lfvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/7f77bd-b302-4933-a5f9-fcb4d20bcd75/1/NU5aeLuoDlOL0w3Eap_oFccR_XU.roa
Signing time: Mon 02 Jan 2023 12:54:53 +0000
ROA not before: Mon 02 Jan 2023 12:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207590
IP address blocks: 94.154.1.0/24 maxlen: 24
94.154.1.1/32 maxlen: 32
2a0f:f3c0:1::/48 maxlen: 48
2a0f:f3c0::/29 maxlen: 29
2a0f:f3c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:95:65:fb:d7:49:c8:3e:d7:6f:f9:f1:80:ef:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4a3eb175f7b57906c80f508e15f63e03f0b7ef8
Validity
Not Before: Jan 2 12:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=354e5a78bba80e538bd30dc46a9fe815c711fd75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9f:b8:b4:bb:b1:1d:40:92:06:84:be:29:a8:
07:72:ec:05:cc:13:35:70:00:16:d2:c4:3a:8d:e7:
0a:bf:a2:4a:a6:34:95:9d:25:80:ac:a2:36:0c:65:
29:2e:4a:0b:9f:bf:96:59:75:fd:25:57:01:26:fd:
50:d9:c5:d5:e3:0a:c0:60:48:af:ef:2c:d5:2f:65:
6d:e3:c7:5b:70:7d:a2:d9:70:dd:1f:33:d4:eb:94:
2f:c1:a3:c8:18:33:36:b5:23:88:de:22:bd:87:da:
97:ea:58:a0:c4:7e:2e:3f:b7:a4:14:2d:2b:14:a5:
02:f1:01:9a:93:7b:b1:ae:0d:fd:9f:d4:ab:12:cf:
cf:65:c7:47:7f:cd:c6:9b:a9:08:26:fb:26:ad:5d:
ae:dc:06:81:a1:54:68:a6:c8:98:d0:14:ae:f0:9c:
e0:26:53:fa:40:c9:59:73:cd:c8:24:ae:f5:41:ef:
21:b6:82:e7:17:13:ca:97:9a:20:1e:29:62:9b:46:
14:c1:12:76:4f:d4:5f:0d:a7:8b:9d:f0:ae:a6:78:
13:c0:44:ed:cd:ec:f0:0a:e9:44:0d:32:31:0b:54:
e4:cb:4e:7a:64:21:c3:aa:f6:a1:d6:b6:c5:87:9f:
39:a8:f8:67:3b:66:5f:59:a8:2b:4e:21:31:19:b4:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:4E:5A:78:BB:A8:0E:53:8B:D3:0D:C4:6A:9F:E8:15:C7:11:FD:75
X509v3 Authority Key Identifier:
keyid:C4:A3:EB:17:5F:7B:57:90:6C:80:F5:08:E1:5F:63:E0:3F:0B:7E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xKPrF197V5BsgPUI4V9j4D8Lfvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/7f77bd-b302-4933-a5f9-fcb4d20bcd75/1/NU5aeLuoDlOL0w3Eap_oFccR_XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/7f77bd-b302-4933-a5f9-fcb4d20bcd75/1/xKPrF197V5BsgPUI4V9j4D8Lfvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.1.0/24
IPv6:
2a0f:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:29:0d:3e:df:d6:6e:6b:0e:e8:23:05:12:86:74:d8:a7:b4:
8a:3d:3d:41:2b:8b:73:5e:03:cb:35:38:d5:04:85:83:5a:91:
2e:d9:a7:5b:f9:46:9e:8b:ff:b5:d6:ec:62:2f:6c:6b:a5:53:
c2:ac:6f:8d:1d:7a:0f:57:42:8b:5f:3c:62:0e:fb:18:cd:1b:
93:13:ee:ed:cc:30:37:5c:8a:fb:a9:71:4e:39:e7:50:6b:f2:
33:de:c5:61:4d:9b:d9:85:27:a1:86:7b:62:4d:08:0a:87:45:
87:30:9f:c5:d5:e0:6b:6c:be:c2:f1:50:54:81:90:1f:10:0b:
2e:48:3b:1a:6d:2f:69:8b:29:87:3f:6f:64:42:c4:57:87:e1:
79:68:d3:41:86:d5:6b:ff:47:0c:a9:d1:49:c3:93:49:55:7f:
08:11:a0:4d:69:c0:94:79:15:7e:08:af:95:91:a7:f5:5e:f6:
e0:de:ec:56:ef:bc:a9:64:d9:22:5b:5b:e3:f8:a8:36:91:5b:
83:7d:bc:6c:02:08:22:71:5b:aa:ca:c3:3c:38:87:3a:8b:7f:
00:82:00:38:0f:1e:4b:ff:b4:37:93:55:fe:29:e8:59:c6:0b:
4a:4b:22:d3:47:39:bd:d1:60:fd:1c:5a:b1:c6:aa:a4:da:87:
ea:df:e3:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyjJVl+9dJyD7Xb/nxgO/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YTNlYjE3NWY3YjU3OTA2YzgwZjUwOGUxNWY2M2UwM2Yw
YjdlZjgwHhcNMjMwMTAyMTI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTRlNWE3OGJiYTgwZTUzOGJkMzBkYzQ2YTlmZTgxNWM3MTFmZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5+4tLuxHUCSBoS+KagHcuwFzBM1
cAAW0sQ6jecKv6JKpjSVnSWArKI2DGUpLkoLn7+WWXX9JVcBJv1Q2cXV4wrAYEiv
7yzVL2Vt48dbcH2i2XDdHzPU65QvwaPIGDM2tSOI3iK9h9qX6ligxH4uP7ekFC0r
FKUC8QGak3uxrg39n9SrEs/PZcdHf83Gm6kIJvsmrV2u3AaBoVRopsiY0BSu8Jzg
JlP6QMlZc83IJK71Qe8htoLnFxPKl5ogHilim0YUwRJ2T9RfDaeLnfCupngTwETt
zezwCulEDTIxC1Tky056ZCHDqvah1rbFh585qPhnO2ZfWagrTiExGbSdtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDVOWni7qA5Ti9MNxGqf6BXHEf11MB8GA1UdIwQY
MBaAFMSj6xdfe1eQbID1COFfY+A/C374MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEtQckYxOTdWNUJzZ1BVSTRWOWo0RDhMZnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS83Zjc3YmQtYjMwMi00OTMzLWE1Zjkt
ZmNiNGQyMGJjZDc1LzEvTlU1YWVMdW9EbE9MMHczRWFwX29GY2NSX1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS83Zjc3YmQtYjMwMi00OTMzLWE1ZjktZmNiNGQyMGJjZDc1
LzEveEtQckYxOTdWNUJzZ1BVSTRWOWo0RDhMZnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpoBMA0E
AgACMAcDBQMqD/PAMA0GCSqGSIb3DQEBCwUAA4IBAQAeKQ0+39Zuaw7oIwUShnTY
p7SKPT1BK4tzXgPLNTjVBIWDWpEu2adb+Uaei/+11uxiL2xrpVPCrG+NHXoPV0KL
XzxiDvsYzRuTE+7tzDA3XIr7qXFOOedQa/Iz3sVhTZvZhSehhntiTQgKh0WHMJ/F
1eBrbL7C8VBUgZAfEAsuSDsabS9piymHP29kQsRXh+F5aNNBhtVr/0cMqdFJw5NJ
VX8IEaBNacCUeRV+CK+Vkaf1Xvbg3uxW77ypZNkiW1vj+Kg2kVuDfbxsAggicVuq
ysM8OIc6i38AggA4Dx5L/7Q3k1X+KehZxgtKSyLTRzm90WD9HFqxxqqk2ofq3+Nl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:40 2024 by rpki-client on console-ams.rpki-client.org