Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oo22fvuivt8HLByYJfZGa_KFX-4.roa
File: oo22fvuivt8HLByYJfZGa_KFX-4.roa (raw, json)
Hash identifier: gPYmB9Zs22YHu2/zV9eUA8Bb7Oy3ZqexyHIVjdY8uzQ=
Subject key identifier: A2:8D:B6:7E:FB:A2:BE:DF:07:2C:1C:98:25:F6:46:6B:F2:85:5F:EE
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 0189BD21D47875AD6438D810377A8F036EC5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oo22fvuivt8HLByYJfZGa_KFX-4.roa
Signing time: Thu 03 Aug 2023 20:40:58 +0000
ROA not before: Thu 03 Aug 2023 20:40:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 94.241.172.0/24 maxlen: 24
94.241.173.0/24 maxlen: 24
94.241.174.0/24 maxlen: 24
94.241.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Nov 2023 12:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:21:d4:78:75:ad:64:38:d8:10:37:7a:8f:03:6e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 3 20:40:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a28db67efba2bedf072c1c9825f6466bf2855fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6e:20:eb:e1:bb:f7:a3:e2:89:b2:4d:3f:0c:
30:bb:17:f0:14:c3:8f:85:ad:7d:24:64:fa:69:69:
6e:8d:8e:85:6a:f7:af:9f:a7:6d:68:20:c9:18:e9:
36:80:39:cb:6b:ad:5f:a0:39:eb:fd:ee:9e:e1:15:
04:d3:fd:00:2b:85:a7:58:f9:a7:fe:7d:ec:80:d0:
53:75:9e:56:1a:56:da:0e:02:23:82:25:01:08:27:
53:a0:98:54:17:17:d8:5c:d1:e4:eb:63:91:0d:5c:
f0:96:5b:97:c9:2e:43:0b:99:58:67:06:8d:22:d5:
dd:00:9f:26:3b:3b:aa:aa:d9:62:f4:b2:97:c6:a0:
ab:64:51:44:27:54:34:f5:92:5b:9b:a0:5c:4a:cb:
b8:06:b0:fa:3e:b5:a0:81:0d:82:59:db:87:98:28:
c1:47:79:61:23:78:5f:9b:00:7f:d8:71:9f:a3:6b:
71:6c:18:2e:65:bd:61:eb:a5:5b:53:33:61:c8:77:
26:67:bc:58:6c:b6:18:b4:ba:98:6c:8a:db:4f:9b:
0e:d4:43:d2:a3:99:e5:6f:64:1d:2b:f4:58:2b:df:
90:03:17:8d:50:f0:e0:1d:bf:6c:6c:88:b5:ec:e1:
c5:33:6c:8f:78:7b:62:fa:c6:0f:02:e9:96:99:44:
e1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8D:B6:7E:FB:A2:BE:DF:07:2C:1C:98:25:F6:46:6B:F2:85:5F:EE
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oo22fvuivt8HLByYJfZGa_KFX-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.241.172.0/22
Signature Algorithm: sha256WithRSAEncryption
26:26:4f:0a:4a:9c:55:4e:48:b7:f2:c0:dd:2c:83:19:81:0b:
3e:2d:74:5f:52:c9:62:9c:42:9e:7e:7e:96:16:88:96:b8:75:
e4:0a:39:8d:73:70:2d:03:44:17:2b:8f:22:0a:22:dd:e5:99:
71:4e:af:a0:f3:c9:14:82:c1:81:12:0f:6a:72:2a:c8:43:fc:
bf:68:93:cc:d4:18:59:4c:95:b3:6f:3d:cb:e8:66:4c:43:94:
b0:4d:59:42:63:b1:bd:d0:6c:a2:a6:2e:3c:c6:30:49:78:e8:
a1:da:27:ee:13:27:c8:68:68:cd:ea:07:0b:11:0d:68:8f:60:
d5:28:e7:b0:31:5b:26:33:17:de:0d:45:fd:92:0d:61:a1:f0:
dd:78:cc:2e:f5:c3:5f:b8:58:f5:00:fb:04:12:c3:22:90:21:
8f:57:b0:50:00:c7:ed:53:9d:63:54:83:e2:10:7c:05:f8:51:
5c:1e:2c:95:87:d5:61:25:da:2c:7c:5e:aa:6b:67:5a:3b:9b:
6c:68:31:dd:e7:ac:75:7a:c2:72:69:d6:70:4b:98:01:9f:c5:
99:f4:99:42:46:f8:e2:a9:50:ea:d1:4a:b7:a0:b8:1c:d2:6a:
9c:c1:e3:cc:b2:7a:b7:b0:a4:06:c3:0b:43:10:54:85:30:1c:
40:e8:54:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYm9IdR4da1kONgQN3qPA27FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwODAzMjA0MDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjhkYjY3ZWZiYTJiZWRmMDcyYzFjOTgyNWY2NDY2YmYyODU1ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm4g6+G796PiibJNPwwwuxfwFMOP
ha19JGT6aWlujY6Favevn6dtaCDJGOk2gDnLa61foDnr/e6e4RUE0/0AK4WnWPmn
/n3sgNBTdZ5WGlbaDgIjgiUBCCdToJhUFxfYXNHk62ORDVzwlluXyS5DC5lYZwaN
ItXdAJ8mOzuqqtli9LKXxqCrZFFEJ1Q09ZJbm6BcSsu4BrD6PrWggQ2CWduHmCjB
R3lhI3hfmwB/2HGfo2txbBguZb1h66VbUzNhyHcmZ7xYbLYYtLqYbIrbT5sO1EPS
o5nlb2QdK/RYK9+QAxeNUPDgHb9sbIi17OHFM2yPeHti+sYPAumWmUThCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKNtn77or7fBywcmCX2RmvyhV/uMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvb28yMmZ2dWl2dDhITEJ5WUpmWkdhX0tGWC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvGsMA0G
CSqGSIb3DQEBCwUAA4IBAQAmJk8KSpxVTki38sDdLIMZgQs+LXRfUslinEKefn6W
FoiWuHXkCjmNc3AtA0QXK48iCiLd5ZlxTq+g88kUgsGBEg9qcirIQ/y/aJPM1BhZ
TJWzbz3L6GZMQ5SwTVlCY7G90Gyipi48xjBJeOih2ifuEyfIaGjN6gcLEQ1oj2DV
KOewMVsmMxfeDUX9kg1hofDdeMwu9cNfuFj1APsEEsMikCGPV7BQAMftU51jVIPi
EHwF+FFcHiyVh9VhJdosfF6qa2daO5tsaDHd56x1esJyadZwS5gBn8WZ9JlCRvji
qVDq0Uq3oLgc0mqcwePMsnq3sKQGwwtDEFSFMBxA6FRM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org