Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ezQemYHcqN-Itwmhtsj5J0HJAt0.roa
File: ezQemYHcqN-Itwmhtsj5J0HJAt0.roa (raw, json)
Hash identifier: YvjWXlY2iF/vZ6d4+M+LUWRcj+60t3PTfnwkEaIzz7w=
Subject key identifier: 7B:34:1E:99:81:DC:A8:DF:88:B7:09:A1:B6:C8:F9:27:41:C9:02:DD
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE66B683AB6BDAB07B29C048456A55A
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ezQemYHcqN-Itwmhtsj5J0HJAt0.roa
Signing time: Sun 01 Jan 2023 10:35:18 +0000
ROA not before: Sun 01 Jan 2023 10:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202209
IP address blocks: 94.236.145.0/24 maxlen: 24
94.236.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:6b:68:3a:b6:bd:ab:07:b2:9c:04:84:56:a5:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b341e9981dca8df88b709a1b6c8f92741c902dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:72:33:45:00:31:aa:27:da:4d:2f:d8:ef:90:
49:19:7d:38:62:47:e7:82:f8:91:dc:f0:15:9c:0a:
e5:a4:d1:20:d4:0c:df:a0:2e:7e:3a:3e:2a:c7:d3:
18:d4:6f:f9:79:ef:be:69:32:da:47:af:a9:6a:1b:
6f:f5:b6:14:6c:7d:a6:50:90:37:05:2a:2a:06:4f:
db:d7:57:81:c7:8a:06:8d:63:41:65:eb:7a:44:eb:
0b:1c:b7:9b:40:74:72:b2:ae:ac:5c:10:c1:87:5b:
cd:e4:f4:53:ad:21:ce:67:23:6f:b7:08:5f:7e:ed:
e7:91:75:bc:26:42:c8:d9:0b:77:7c:f7:8c:72:04:
5f:5b:9a:55:36:09:fb:4c:8b:ae:f3:01:dc:5d:9a:
1e:c1:20:78:dd:0b:e8:8d:5a:c5:1e:91:20:68:a1:
83:2d:51:0b:e4:ac:13:0c:7c:17:ee:a9:70:b9:61:
96:51:26:51:d6:de:d0:9f:4b:34:31:08:06:ad:a7:
b0:53:5c:76:8d:85:c6:df:a3:5e:3f:fd:d1:c4:31:
55:92:65:e7:75:03:ba:7e:71:8a:15:22:a5:cf:6c:
ce:90:dc:31:62:58:26:d7:05:92:10:df:f4:35:6b:
12:79:1f:d3:89:31:46:10:ef:c4:92:70:01:a2:07:
f9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:34:1E:99:81:DC:A8:DF:88:B7:09:A1:B6:C8:F9:27:41:C9:02:DD
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ezQemYHcqN-Itwmhtsj5J0HJAt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.236.145.0/24
94.236.159.0/24
Signature Algorithm: sha256WithRSAEncryption
23:77:87:09:02:93:5d:33:ad:e7:ea:b5:69:c9:02:70:cb:e0:
ac:b0:d9:7f:81:52:7f:3e:81:fc:fa:fb:21:a9:de:4f:b7:1c:
f9:e7:58:52:e0:1e:c7:1c:94:bc:c9:d7:43:43:4a:53:1e:68:
77:16:df:a3:13:5a:77:6c:3c:9f:8f:ac:9c:74:7c:08:81:6b:
a3:c4:95:c1:dc:50:ec:ed:ea:a8:92:42:a4:5b:1d:71:87:db:
86:9e:f8:d3:60:0e:2a:81:2c:7a:17:f0:40:dc:93:65:aa:5e:
5d:8b:de:89:c0:44:a4:61:39:51:98:d6:4a:56:a2:5d:8a:c6:
c0:c2:21:cf:18:23:f7:6f:19:f7:26:7a:33:40:c9:87:23:28:
25:c4:92:4c:8d:51:f8:54:56:aa:be:ab:17:00:62:04:83:c4:
90:d9:24:34:8a:3c:90:49:8b:2a:34:7a:f7:f2:e1:23:07:0b:
22:9a:b7:51:71:28:5f:90:6a:0f:c2:11:b2:21:8e:d3:4f:8d:
de:92:df:5d:fb:b6:11:c0:df:3b:06:c3:81:00:00:92:59:14:
b1:bd:b5:04:bb:cd:08:64:c5:45:c6:63:ff:2d:92:97:dd:57:
44:89:87:aa:f4:30:45:ea:2d:d2:8f:f0:7e:32:83:3e:79:fe:
b9:e6:a8:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5mtoOra9qweynASEVqVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM0MWU5OTgxZGNhOGRmODhiNzA5YTFiNmM4ZjkyNzQxYzkwMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3IzRQAxqifaTS/Y75BJGX04Ykfn
gviR3PAVnArlpNEg1AzfoC5+Oj4qx9MY1G/5ee++aTLaR6+pahtv9bYUbH2mUJA3
BSoqBk/b11eBx4oGjWNBZet6ROsLHLebQHRysq6sXBDBh1vN5PRTrSHOZyNvtwhf
fu3nkXW8JkLI2Qt3fPeMcgRfW5pVNgn7TIuu8wHcXZoewSB43QvojVrFHpEgaKGD
LVEL5KwTDHwX7qlwuWGWUSZR1t7Qn0s0MQgGraewU1x2jYXG36NeP/3RxDFVkmXn
dQO6fnGKFSKlz2zOkNwxYlgm1wWSEN/0NWsSeR/TiTFGEO/EknABogf5YwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHs0HpmB3KjfiLcJobbI+SdByQLdMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvZXpRZW1ZSGNxTi1JdHdtaHRzajVKMEhKQXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXuyRAwQA
XuyfMA0GCSqGSIb3DQEBCwUAA4IBAQAjd4cJApNdM63n6rVpyQJwy+CssNl/gVJ/
PoH8+vshqd5Ptxz551hS4B7HHJS8yddDQ0pTHmh3Ft+jE1p3bDyfj6ycdHwIgWuj
xJXB3FDs7eqokkKkWx1xh9uGnvjTYA4qgSx6F/BA3JNlql5di96JwESkYTlRmNZK
VqJdisbAwiHPGCP3bxn3JnozQMmHIyglxJJMjVH4VFaqvqsXAGIEg8SQ2SQ0ijyQ
SYsqNHr38uEjBwsimrdRcShfkGoPwhGyIY7TT43ekt9d+7YRwN87BsOBAACSWRSx
vbUEu80IZMVFxmP/LZKX3VdEiYeq9DBF6i3Sj/B+MoM+ef655qgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org