Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4OviUf9eGyEFXb9SPUQl3C6Oz3E.roa
File: 4OviUf9eGyEFXb9SPUQl3C6Oz3E.roa (raw, json)
Hash identifier: KECHH0QnJFpamN6lds7NkAm6KJDxuJZcllSdx7B5PDo=
Subject key identifier: E0:EB:E2:51:FF:5E:1B:21:05:5D:BF:52:3D:44:25:DC:2E:8E:CF:71
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65A74D3753F88E15FF5E49EDFA01E
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4OviUf9eGyEFXb9SPUQl3C6Oz3E.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44309
IP address blocks: 94.236.164.0/24 maxlen: 24
94.236.165.0/24 maxlen: 24
94.236.166.0/24 maxlen: 24
94.236.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:5a:74:d3:75:3f:88:e1:5f:f5:e4:9e:df:a0:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0ebe251ff5e1b21055dbf523d4425dc2e8ecf71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:12:57:05:29:b1:90:b1:44:e6:e6:b0:08:
4e:dd:0d:25:bf:83:11:d5:36:1e:a4:7a:12:2b:35:
48:de:67:79:61:d0:b8:c6:32:4f:80:cd:ba:cd:4d:
a8:30:60:d1:a7:5b:6a:d8:86:c0:d3:82:de:6a:dc:
7b:34:e7:50:0b:59:c3:05:6d:2e:2a:4c:ea:5f:6b:
be:af:91:2c:0b:d7:54:22:62:7a:3b:ad:56:f6:c2:
ca:65:7e:5b:75:84:19:9c:94:c6:1d:e1:01:e9:29:
b0:ba:87:52:88:82:a3:09:34:4b:24:20:50:f0:46:
d3:a4:01:6a:78:38:c1:c8:43:87:b8:12:6f:23:7a:
4c:12:2b:5f:ea:81:c8:e7:69:5e:26:c4:1c:4f:b5:
7e:15:36:29:d1:c8:13:20:ea:02:fe:3d:3d:5d:0b:
17:37:e9:f1:7e:1d:13:b0:43:9a:7f:35:60:6f:4a:
38:ae:0c:0f:32:d8:59:96:4d:01:c0:33:e8:a6:60:
3d:8d:a8:ef:0d:49:3e:89:34:18:e1:7e:c0:3b:bc:
4c:d1:d4:53:45:d7:41:99:5c:5b:b7:bc:2c:5e:2f:
19:fe:3c:09:a3:df:94:df:ff:b1:bc:ce:eb:c2:df:
f4:58:ee:33:a7:3a:97:03:ed:a9:0f:55:60:c1:06:
e8:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:EB:E2:51:FF:5E:1B:21:05:5D:BF:52:3D:44:25:DC:2E:8E:CF:71
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/4OviUf9eGyEFXb9SPUQl3C6Oz3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.236.164.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:6a:39:bf:c7:f5:34:db:3c:ff:78:e9:5d:22:a3:88:a3:29:
31:82:31:74:c3:55:18:26:3d:ca:ff:be:72:6b:c7:83:80:87:
32:7d:0e:6d:ff:62:f5:3f:ff:cc:ff:2c:3c:86:52:c0:94:8a:
21:fc:e1:10:d8:e2:85:4c:3c:e8:bf:90:f8:ab:63:3e:91:a0:
a5:d7:b5:be:e2:18:9d:3b:9f:c4:19:89:4d:4b:9d:77:78:b9:
ed:c8:2e:e8:ad:2b:68:0d:31:ae:b9:d9:28:6c:a5:6a:56:d4:
f3:0f:e2:6a:a1:5a:13:1c:d5:20:ff:ef:bf:b6:75:b5:87:94:
a0:88:97:99:ee:ea:c9:26:22:04:5c:71:a4:3a:c9:de:51:ad:
7b:ab:b0:1c:84:b9:86:fc:49:f6:e4:5f:ff:ae:65:5a:7e:8b:
fe:74:0e:45:81:b8:83:47:65:67:b9:8c:82:3d:0f:82:13:b9:
9e:3b:63:94:3b:b5:c8:e6:bb:13:5b:01:c9:ca:72:be:bd:75:
6e:5f:c6:28:e7:1d:94:ca:d6:ef:9f:7d:f8:f2:19:fb:9a:75:
25:52:ba:17:02:48:1d:7e:81:c7:98:4f:56:96:3d:61:fa:a8:
ef:68:e0:2f:9f:b8:55:8f:ab:1a:25:03:b5:6f:26:10:f8:e9:
5d:00:94:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5lp003U/iOFf9eSe36AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGViZTI1MWZmNWUxYjIxMDU1ZGJmNTIzZDQ0MjVkYzJlOGVjZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh94SVwUpsZCxRObmsAhO3Q0lv4MR
1TYepHoSKzVI3md5YdC4xjJPgM26zU2oMGDRp1tq2IbA04Leatx7NOdQC1nDBW0u
KkzqX2u+r5EsC9dUImJ6O61W9sLKZX5bdYQZnJTGHeEB6SmwuodSiIKjCTRLJCBQ
8EbTpAFqeDjByEOHuBJvI3pMEitf6oHI52leJsQcT7V+FTYp0cgTIOoC/j09XQsX
N+nxfh0TsEOafzVgb0o4rgwPMthZlk0BwDPopmA9jajvDUk+iTQY4X7AO7xM0dRT
RddBmVxbt7wsXi8Z/jwJo9+U3/+xvM7rwt/0WO4zpzqXA+2pD1VgwQbo+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODr4lH/XhshBV2/Uj1EJdwujs9xMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvNE92aVVmOWVHeUVGWGI5U1BVUWwzQzZPejNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXuykMA0G
CSqGSIb3DQEBCwUAA4IBAQCoajm/x/U02zz/eOldIqOIoykxgjF0w1UYJj3K/75y
a8eDgIcyfQ5t/2L1P//M/yw8hlLAlIoh/OEQ2OKFTDzov5D4q2M+kaCl17W+4hid
O5/EGYlNS513eLntyC7orStoDTGuudkobKVqVtTzD+JqoVoTHNUg/++/tnW1h5Sg
iJeZ7urJJiIEXHGkOsneUa17q7AchLmG/En25F//rmVafov+dA5FgbiDR2VnuYyC
PQ+CE7meO2OUO7XI5rsTWwHJynK+vXVuX8Yo5x2Uytbvn3348hn7mnUlUroXAkgd
foHHmE9Wlj1h+qjvaOAvn7hVj6saJQO1byYQ+OldAJSf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org