Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fQfJb8tSE6BL7VqKkntMPgaP9ok.roa
File: fQfJb8tSE6BL7VqKkntMPgaP9ok.roa (raw, json)
Hash identifier: QTrqgpasWobOvP7XnRD4Q7UEbiZ6v15kAT604qDXtb4=
Subject key identifier: 7D:07:C9:6F:CB:52:13:A0:4B:ED:5A:8A:92:7B:4C:3E:06:8F:F6:89
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0185C47636E2E8C5E9F862F49230BF064AF9
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fQfJb8tSE6BL7VqKkntMPgaP9ok.roa
Signing time: Wed 18 Jan 2023 10:39:19 +0000
ROA not before: Wed 18 Jan 2023 10:39:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 94.241.164.0/23 maxlen: 24
94.241.160.0/22 maxlen: 24
178.253.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jan 2023 19:41:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c4:76:36:e2:e8:c5:e9:f8:62:f4:92:30:bf:06:4a:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 18 10:39:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d07c96fcb5213a04bed5a8a927b4c3e068ff689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:0f:ea:49:d1:a7:c9:86:66:d3:0b:cd:4f:
eb:5f:5a:05:79:c5:d1:dd:54:02:23:39:a6:8b:49:
19:98:13:ec:6c:f9:91:49:88:64:04:44:1a:61:fa:
11:4a:a1:0a:51:61:00:70:08:60:6c:20:50:c4:75:
c6:9a:9d:90:25:15:29:c7:53:da:ab:14:63:d1:2b:
ff:b1:77:46:24:d7:1d:7f:c6:70:b1:75:88:8a:80:
f9:66:d4:45:a5:4e:c1:32:d6:29:02:45:dd:f8:bb:
69:29:af:e8:22:c4:a8:bf:84:df:d2:55:3a:16:a1:
a1:5e:a6:43:dc:54:bb:40:0e:19:2a:c3:64:f4:ad:
3b:ae:c8:e8:a3:fb:55:d1:cf:fc:9d:8a:b3:42:19:
50:11:7c:fc:da:d9:f2:93:b1:7b:cb:ee:30:3a:89:
a0:5c:7b:51:8e:a0:8f:67:e0:4a:a0:19:ba:49:13:
c1:9b:8e:99:70:84:2f:cd:d0:94:ff:99:09:a3:79:
f9:ff:61:0d:74:7b:0e:98:e9:8b:86:0d:c7:cf:be:
4d:5a:74:01:a3:7b:45:77:00:ce:5e:0a:a9:84:a2:
62:ca:0a:05:08:f2:c1:6b:6f:42:f4:79:b3:f9:83:
b6:f2:be:52:c1:ad:63:1c:23:0b:5a:e6:2b:5e:42:
28:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:07:C9:6F:CB:52:13:A0:4B:ED:5A:8A:92:7B:4C:3E:06:8F:F6:89
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fQfJb8tSE6BL7VqKkntMPgaP9ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.160.0-94.241.165.255
178.253.26.0/23
Signature Algorithm: sha256WithRSAEncryption
95:34:a2:1f:4c:6c:be:a3:5b:92:06:71:11:a0:86:2d:fb:dd:
d6:6d:5c:b1:ff:47:2f:89:7c:06:e8:70:03:e9:74:24:0a:04:
9f:eb:4b:c8:0e:92:71:bd:a1:15:75:54:e5:df:d4:16:2c:4b:
03:c1:bc:c2:62:02:49:7e:da:d6:df:ec:5e:1d:e9:5c:61:5f:
d6:56:c2:67:6b:0e:dc:47:37:b1:9b:88:1c:93:18:15:00:bc:
28:09:e9:91:19:51:04:a8:9b:f1:4b:d7:42:25:04:9e:20:9a:
fe:0d:48:8c:e1:04:20:f2:e0:36:58:8d:7e:7b:7f:67:b1:a6:
22:d5:d1:5a:b0:98:83:22:67:7e:17:c4:6c:b5:94:16:73:ab:
f7:8b:19:4f:5e:ba:87:5c:05:97:bd:78:97:33:bc:81:d7:88:
ca:bb:3a:96:a5:bc:6a:14:42:8b:b7:7e:f8:15:ec:b2:14:67:
3c:71:76:0a:f2:4a:95:f4:19:b4:46:8e:d5:c6:71:e2:70:9f:
90:1c:da:82:8b:a9:0c:55:e3:26:35:1a:99:ed:d4:00:dc:02:
92:59:b5:51:ef:41:07:69:71:d7:c4:9f:9a:96:b7:7f:a8:e7:
48:4e:13:b5:58:ce:ee:12:28:43:21:3c:30:60:a6:5e:81:4d:
a2:12:8e:17
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYXEdjbi6MXp+GL0kjC/Bkr5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTE4MTAzOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDA3Yzk2ZmNiNTIxM2EwNGJlZDVhOGE5MjdiNGMzZTA2OGZmNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGoP6knRp8mGZtMLzU/rX1oFecXR
3VQCIzmmi0kZmBPsbPmRSYhkBEQaYfoRSqEKUWEAcAhgbCBQxHXGmp2QJRUpx1Pa
qxRj0Sv/sXdGJNcdf8ZwsXWIioD5ZtRFpU7BMtYpAkXd+LtpKa/oIsSov4Tf0lU6
FqGhXqZD3FS7QA4ZKsNk9K07rsjoo/tV0c/8nYqzQhlQEXz82tnyk7F7y+4wOomg
XHtRjqCPZ+BKoBm6SRPBm46ZcIQvzdCU/5kJo3n5/2ENdHsOmOmLhg3Hz75NWnQB
o3tFdwDOXgqphKJiygoFCPLBa29C9Hmz+YO28r5Swa1jHCMLWuYrXkIoDwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH0HyW/LUhOgS+1aipJ7TD4Gj/aJMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZlFmSmI4dFNFNkJMN1ZxS2tudE1QZ2FQOW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVe8aAD
BAFe8aQDBAGy/RowDQYJKoZIhvcNAQELBQADggEBAJU0oh9MbL6jW5IGcRGghi37
3dZtXLH/Ry+JfAbocAPpdCQKBJ/rS8gOknG9oRV1VOXf1BYsSwPBvMJiAkl+2tbf
7F4d6VxhX9ZWwmdrDtxHN7GbiByTGBUAvCgJ6ZEZUQSom/FL10IlBJ4gmv4NSIzh
BCDy4DZYjX57f2expiLV0VqwmIMiZ34XxGy1lBZzq/eLGU9euodcBZe9eJczvIHX
iMq7OpalvGoUQou3fvgV7LIUZzxxdgrySpX0GbRGjtXGceJwn5Ac2oKLqQxV4yY1
Gpnt1ADcApJZtVHvQQdpcdfEn5qWt3+o50hOE7VYzu4SKEMhPDBgpl6BTaISjhc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org