Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/hM9ppQzP5bV-GnRIT0ZXdY3Tf04.roa
File: hM9ppQzP5bV-GnRIT0ZXdY3Tf04.roa (raw, json)
Hash identifier: Ch49/0/tUF1RYlA8GujNqGWpJx0gJVygeg5kx1iHE1w=
Subject key identifier: 84:CF:69:A5:0C:CF:E5:B5:7E:1A:74:48:4F:46:57:75:8D:D3:7F:4E
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018E15B3AF9936780BDDE8AE1FC5F0ED2EE7
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/hM9ppQzP5bV-GnRIT0ZXdY3Tf04.roa
Signing time: Wed 06 Mar 2024 21:38:01 +0000
ROA not before: Wed 06 Mar 2024 21:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 94.241.162.0/23 maxlen: 24
94.241.164.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 23:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:15:b3:af:99:36:78:0b:dd:e8:ae:1f:c5:f0:ed:2e:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 6 21:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84cf69a50ccfe5b57e1a74484f4657758dd37f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:91:32:89:ea:88:3a:8c:f9:ed:6d:25:37:a7:
57:2b:0c:12:f7:90:9f:54:0e:a7:ea:1e:90:cf:35:
81:53:6c:ce:3a:d7:6d:8f:61:f5:52:b5:7d:dc:5b:
5f:ed:da:88:cb:1a:e2:50:df:8d:1f:5c:3d:87:74:
67:ef:2f:12:a9:49:40:ac:a3:86:00:84:df:9c:d1:
66:f4:33:15:ec:b9:33:fc:32:08:a6:d9:97:3e:fa:
b4:1d:74:2c:11:47:ab:bd:77:07:bf:a7:4c:51:39:
4b:ef:f3:15:4a:c0:38:0d:64:4f:bc:f4:02:23:f0:
2f:1c:c5:6b:cb:3c:a8:db:c1:92:43:89:73:8a:7d:
b1:b4:cb:ad:fb:e5:3b:5e:7d:1a:bc:a1:9f:94:26:
7f:8e:5e:75:a5:62:bb:7d:f0:04:c8:b8:8b:ba:b1:
fd:ce:11:65:94:8a:c5:7d:28:ce:0d:02:5f:eb:c0:
8c:8e:14:5d:fb:52:41:b8:f2:d1:a4:ad:4c:8a:0d:
86:92:d8:96:94:29:c5:23:13:cb:1c:db:79:b9:a9:
0e:81:ce:ba:72:b2:14:2f:37:67:80:78:7f:5c:0f:
99:58:69:32:7d:29:30:1d:7d:c3:18:41:91:43:35:
ac:e2:ce:92:89:0a:ce:69:6b:6c:96:79:01:90:3a:
04:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CF:69:A5:0C:CF:E5:B5:7E:1A:74:48:4F:46:57:75:8D:D3:7F:4E
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/hM9ppQzP5bV-GnRIT0ZXdY3Tf04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.162.0-94.241.165.255
Signature Algorithm: sha256WithRSAEncryption
69:b1:2f:95:e0:a9:b3:f9:9e:20:a5:97:70:6b:62:19:9c:1e:
e9:7f:38:0c:4b:ea:75:cf:a3:0d:c0:cb:cb:3a:4a:8a:90:4a:
ed:67:30:20:05:21:a7:b1:b8:b3:d3:67:0e:46:b3:e8:34:a8:
54:1f:ef:cd:d0:d5:b4:eb:dc:45:66:bb:3c:32:b7:ea:6e:29:
cf:9c:34:ef:a3:c0:3a:ee:ce:bc:43:29:4a:5e:89:57:e3:9a:
aa:c4:67:ad:f6:10:0a:8e:f1:ea:4f:bc:41:b0:4e:1c:dc:89:
db:7b:81:e8:47:35:cb:47:41:78:30:83:aa:47:cb:d7:b3:04:
9d:88:7c:8c:80:df:62:1b:35:62:e7:83:8c:da:58:9d:89:9f:
0b:63:47:0c:bd:41:d8:42:db:9a:a9:10:c1:32:cf:94:ee:db:
14:86:85:09:c6:20:38:ca:8e:a8:19:66:87:1b:71:88:d6:2f:
35:d0:22:58:1a:3e:3f:c8:02:e4:66:39:60:95:d5:4f:49:6a:
dd:ba:81:a9:66:69:08:f6:9b:05:36:1b:5b:83:8e:36:b6:6d:
91:c9:bc:10:6b:04:a9:55:e1:76:1b:f2:ee:63:45:fa:4f:5a:
71:91:a5:22:9d:1d:dc:e3:0c:6f:75:d4:d4:62:d1:f4:71:42:
05:1f:f8:d1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY4Vs6+ZNngL3eiuH8Xw7S7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMzA2MjEzODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNmNjlhNTBjY2ZlNWI1N2UxYTc0NDg0ZjQ2NTc3NThkZDM3ZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5EyieqIOoz57W0lN6dXKwwS95Cf
VA6n6h6QzzWBU2zOOtdtj2H1UrV93Ftf7dqIyxriUN+NH1w9h3Rn7y8SqUlArKOG
AITfnNFm9DMV7Lkz/DIIptmXPvq0HXQsEUervXcHv6dMUTlL7/MVSsA4DWRPvPQC
I/AvHMVryzyo28GSQ4lzin2xtMut++U7Xn0avKGflCZ/jl51pWK7ffAEyLiLurH9
zhFllIrFfSjODQJf68CMjhRd+1JBuPLRpK1Mig2GktiWlCnFIxPLHNt5uakOgc66
crIULzdngHh/XA+ZWGkyfSkwHX3DGEGRQzWs4s6SiQrOaWtslnkBkDoE1QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFITPaaUMz+W1fhp0SE9GV3WN039OMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvaE05cHBRelA1YlYtR25SSVQwWlhkWTNUZjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFe8aID
BAFe8aQwDQYJKoZIhvcNAQELBQADggEBAGmxL5XgqbP5niCll3BrYhmcHul/OAxL
6nXPow3Ay8s6SoqQSu1nMCAFIaexuLPTZw5Gs+g0qFQf783Q1bTr3EVmuzwyt+pu
Kc+cNO+jwDruzrxDKUpeiVfjmqrEZ632EAqO8epPvEGwThzcidt7gehHNctHQXgw
g6pHy9ezBJ2IfIyA32IbNWLng4zaWJ2JnwtjRwy9QdhC25qpEMEyz5Tu2xSGhQnG
IDjKjqgZZocbcYjWLzXQIlgaPj/IAuRmOWCV1U9Jat26galmaQj2mwU2G1uDjja2
bZHJvBBrBKlV4XYb8u5jRfpPWnGRpSKdHdzjDG911NRi0fRxQgUf+NE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org