Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/fkz7F5b0rP53aa7VOZ-Sfo_sOmg.roa
File: fkz7F5b0rP53aa7VOZ-Sfo_sOmg.roa (raw, json)
Hash identifier: hgkGIv1oa5dtE5rJLmvhDOOvA9dHCtViFs9O0hDVjrE=
Subject key identifier: 7E:4C:FB:17:96:F4:AC:FE:77:69:AE:D5:39:9F:92:7E:8F:EC:3A:68
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 018CD63D4352FBEBB52AA7208E871C7DFF00
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/fkz7F5b0rP53aa7VOZ-Sfo_sOmg.roa
Signing time: Thu 04 Jan 2024 20:49:48 +0000
ROA not before: Thu 04 Jan 2024 20:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201476
IP address blocks: 94.138.116.0/22 maxlen: 22
94.138.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 24 Apr 2024 17:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:3d:43:52:fb:eb:b5:2a:a7:20:8e:87:1c:7d:ff:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jan 4 20:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e4cfb1796f4acfe7769aed5399f927e8fec3a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bc:b5:65:c8:b6:4c:ed:75:6c:70:2c:30:3d:
4c:41:8d:d2:83:01:da:eb:ff:15:9d:8f:fe:6b:2c:
49:1a:ca:20:20:c5:48:2a:59:fa:0f:6e:c6:91:0f:
64:15:fa:41:29:cc:08:5b:6e:f6:ad:7a:32:94:0b:
e1:5e:34:6c:a9:56:df:42:96:9c:a8:8c:4b:08:6d:
bc:92:2c:93:05:d8:41:ed:2a:33:8c:61:1c:56:4f:
ea:70:c0:a9:81:a1:ec:34:01:d2:d9:f1:76:fa:52:
d2:fc:d9:d2:ac:48:9c:e6:5c:eb:9e:13:06:65:4a:
4d:1e:23:ab:96:86:fd:1d:99:b4:07:1b:d2:81:2e:
ba:5f:20:75:b1:40:a0:a6:f8:fe:62:56:27:26:73:
99:34:42:2a:c3:bb:fb:e8:91:98:11:1c:2b:c1:d1:
74:08:50:21:06:82:f8:cc:2d:46:c0:47:d6:b6:7b:
4b:3e:5a:d3:55:63:63:38:d5:36:eb:f3:10:25:90:
74:4e:d9:96:5a:a7:ab:bc:d8:6c:80:16:2f:4b:d6:
59:5a:da:4a:e4:2a:fd:0b:93:d6:55:15:93:8c:68:
59:9c:66:38:e7:18:1d:3c:d4:24:b8:67:a3:72:d4:
5a:3c:7c:3e:6f:5c:3d:74:2e:24:21:95:00:b6:3b:
97:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4C:FB:17:96:F4:AC:FE:77:69:AE:D5:39:9F:92:7E:8F:EC:3A:68
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/fkz7F5b0rP53aa7VOZ-Sfo_sOmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.138.116.0-94.138.123.255
Signature Algorithm: sha256WithRSAEncryption
86:b2:ac:d7:36:3f:a0:44:be:8b:43:90:b4:ea:d5:dd:56:87:
51:de:1e:f5:ad:02:ae:9f:be:01:67:70:2c:dd:1a:4a:5f:2a:
50:25:6c:0e:df:a4:3d:db:0d:a7:06:d8:4c:be:6c:96:75:02:
1e:5b:9b:0b:75:6c:44:99:be:3a:b1:59:b5:ec:9a:89:85:54:
e7:77:f7:b2:6d:89:4e:26:39:bc:05:fe:04:08:65:9c:e7:50:
63:f3:5f:af:cb:a8:d2:3d:c9:6c:a9:27:c7:7b:ad:bd:26:96:
18:c6:16:19:d3:16:7a:c3:fc:ff:cf:28:43:7a:a2:d5:60:12:
78:4f:d2:8c:82:41:a3:1f:2a:4e:c6:f3:c8:be:fd:6b:fc:7a:
82:2f:ce:8a:2b:1e:4c:a1:ad:c4:49:9c:89:27:69:63:06:4b:
ac:d8:fb:bb:e2:33:c3:a6:44:42:a6:dd:5f:b4:ad:72:86:43:
a8:f0:af:3d:74:2d:87:85:9d:6a:a7:36:c4:d7:57:19:fe:70:
bd:3f:8b:71:ef:d9:b6:8c:ba:ab:1f:88:9e:92:e2:76:52:ee:
4d:a5:ea:12:d0:0d:36:9e:78:51:4b:48:de:dd:69:96:fd:13:
ca:52:ff:42:5a:ee:4c:53:a4:30:07:49:23:6f:88:85:0b:60:
de:bf:03:6c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzWPUNS++u1Kqcgjoccff8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQwMTA0MjA0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTRjZmIxNzk2ZjRhY2ZlNzc2OWFlZDUzOTlmOTI3ZThmZWMzYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7y1Zci2TO11bHAsMD1MQY3SgwHa
6/8VnY/+ayxJGsogIMVIKln6D27GkQ9kFfpBKcwIW272rXoylAvhXjRsqVbfQpac
qIxLCG28kiyTBdhB7SozjGEcVk/qcMCpgaHsNAHS2fF2+lLS/NnSrEic5lzrnhMG
ZUpNHiOrlob9HZm0BxvSgS66XyB1sUCgpvj+YlYnJnOZNEIqw7v76JGYERwrwdF0
CFAhBoL4zC1GwEfWtntLPlrTVWNjONU26/MQJZB0TtmWWqervNhsgBYvS9ZZWtpK
5Cr9C5PWVRWTjGhZnGY45xgdPNQkuGejctRaPHw+b1w9dC4kIZUAtjuXowIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFH5M+xeW9Kz+d2mu1Tmfkn6P7DpoMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvZmt6N0Y1YjByUDUzYWE3Vk9aLVNmb19zT21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJeinQD
BAJeingwDQYJKoZIhvcNAQELBQADggEBAIayrNc2P6BEvotDkLTq1d1Wh1HeHvWt
Aq6fvgFncCzdGkpfKlAlbA7fpD3bDacG2Ey+bJZ1Ah5bmwt1bESZvjqxWbXsmomF
VOd397JtiU4mObwF/gQIZZznUGPzX6/LqNI9yWypJ8d7rb0mlhjGFhnTFnrD/P/P
KEN6otVgEnhP0oyCQaMfKk7G88i+/Wv8eoIvzoorHkyhrcRJnIknaWMGS6zY+7vi
M8OmREKm3V+0rXKGQ6jwrz10LYeFnWqnNsTXVxn+cL0/i3Hv2baMuqsfiJ6S4nZS
7k2l6hLQDTaeeFFLSN7daZb9E8pS/0Ja7kxTpDAHSSNviIULYN6/A2w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:40 2025 by rpki-client