Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Stcc0OXNSrfzh2dhyHM5E3KlaYk.roa
File: Stcc0OXNSrfzh2dhyHM5E3KlaYk.roa (raw, json)
Hash identifier: Ua0vRGhWC8r1/XLSO4Ydp6wX05e1OarvcxvrMDWEYrw=
Subject key identifier: 4A:D7:1C:D0:E5:CD:4A:B7:F3:87:67:61:C8:73:39:13:72:A5:69:89
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0190BD4A31849D971FFEF5E5B53713652E00
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Stcc0OXNSrfzh2dhyHM5E3KlaYk.roa
Signing time: Tue 16 Jul 2024 20:44:34 +0000
ROA not before: Tue 16 Jul 2024 20:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215163
IP address blocks: 94.247.43.0/24 maxlen: 24
2a00:f826:8::/48 maxlen: 48
2a09:e1c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 18 Sep 2024 15:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bd:4a:31:84:9d:97:1f:fe:f5:e5:b5:37:13:65:2e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jul 16 20:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ad71cd0e5cd4ab7f3876761c873391372a56989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:2c:01:4b:89:7c:db:28:42:6f:db:3e:3d:
83:ee:63:2f:9f:32:6d:cf:1b:9d:65:5d:cb:bc:49:
32:c7:9c:b3:ad:42:0e:b3:3b:43:0e:8c:9b:65:d4:
8e:b5:7c:dc:1a:84:96:81:79:8c:0a:07:81:cf:42:
d4:a0:6f:aa:33:1d:6e:4d:4d:ed:94:69:9b:a3:42:
30:76:85:69:23:0f:90:88:8d:3c:9c:b5:95:f4:9f:
1a:ff:09:03:f7:6a:80:40:08:36:2f:a4:f5:2c:cc:
65:c9:ab:4e:0c:25:81:b8:68:01:94:2d:bd:d3:60:
38:18:f9:05:57:2a:2f:cd:94:8f:67:c6:69:4e:c9:
f8:06:d3:76:6f:13:26:3a:f9:dc:a4:19:ef:a8:19:
4d:9a:74:00:eb:55:96:29:79:20:50:9c:50:ab:f1:
7e:05:f1:e3:89:a3:c1:38:ec:e4:f9:77:56:be:f9:
e5:87:49:ef:ff:c4:06:15:9d:8c:d8:a8:7c:7b:85:
84:82:0c:2b:09:24:a8:a5:d7:08:66:1c:c2:12:d4:
1c:c9:dc:a1:64:8f:0f:e4:43:fd:d4:1e:14:54:1f:
5d:9d:f1:cc:1d:84:26:af:fb:63:d6:44:79:67:8a:
18:4d:6b:8d:94:16:09:17:79:86:4a:3b:b8:82:f0:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D7:1C:D0:E5:CD:4A:B7:F3:87:67:61:C8:73:39:13:72:A5:69:89
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Stcc0OXNSrfzh2dhyHM5E3KlaYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a09:e1c2::/32
Signature Algorithm: sha256WithRSAEncryption
8d:e4:77:f8:dc:93:d5:be:0f:45:88:1d:ce:41:1d:bb:b6:99:
2b:ef:33:ef:58:da:40:01:fc:24:62:2a:d3:a4:d7:53:fc:28:
9a:74:7d:83:e4:35:54:0b:ed:69:c9:46:e4:42:b6:6d:f2:d9:
27:66:a8:fb:27:64:98:ef:bc:29:1e:a3:f1:14:cb:b2:ab:61:
4d:09:87:af:26:ff:b2:77:5c:ba:79:ed:ea:09:0f:ab:a1:e6:
3d:f2:0c:26:0d:29:2c:65:42:1b:6d:f5:4d:96:42:7b:b6:b9:
cb:ab:10:f4:58:9b:24:5d:34:29:fb:fc:df:a8:2f:e8:ad:81:
42:ab:9d:1e:17:bc:95:6e:88:f7:57:40:a3:a9:5f:a8:0a:03:
e0:21:b6:8b:e4:bb:80:e4:b9:70:5b:f4:df:46:6a:11:91:e9:
b4:4b:75:5a:f2:e4:ae:3e:b2:bc:8d:bf:94:69:b6:cd:b3:05:
98:9e:b3:22:7a:4b:ca:95:06:a7:d5:e9:86:af:22:4e:09:19:
91:13:2f:0d:0a:44:93:00:67:14:9c:f2:39:32:33:35:5a:01:
9c:bb:47:32:5c:38:60:4c:ee:42:c6:81:da:b0:a8:2b:5f:6e:
d6:a8:47:dc:3d:5e:50:fa:b6:12:46:24:a8:64:2b:2c:09:68:
4a:2f:f7:a4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZC9SjGEnZcf/vXltTcTZS4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNzE2MjA0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ3MWNkMGU1Y2Q0YWI3ZjM4NzY3NjFjODczMzkxMzcyYTU2OTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouwsAUuJfNsoQm/bPj2D7mMvnzJt
zxudZV3LvEkyx5yzrUIOsztDDoybZdSOtXzcGoSWgXmMCgeBz0LUoG+qMx1uTU3t
lGmbo0IwdoVpIw+QiI08nLWV9J8a/wkD92qAQAg2L6T1LMxlyatODCWBuGgBlC29
02A4GPkFVyovzZSPZ8ZpTsn4BtN2bxMmOvncpBnvqBlNmnQA61WWKXkgUJxQq/F+
BfHjiaPBOOzk+XdWvvnlh0nv/8QGFZ2M2Kh8e4WEggwrCSSopdcIZhzCEtQcydyh
ZI8P5EP91B4UVB9dnfHMHYQmr/tj1kR5Z4oYTWuNlBYJF3mGSju4gvA/KQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFErXHNDlzUq384dnYchzORNypWmJMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvU3RjYzBPWE5TcmZ6aDJkaHlITTVFM0tsYVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAXvcrMBYE
AgACMBADBwAqAPgmAAgDBQAqCeHCMA0GCSqGSIb3DQEBCwUAA4IBAQCN5Hf43JPV
vg9FiB3OQR27tpkr7zPvWNpAAfwkYirTpNdT/CiadH2D5DVUC+1pyUbkQrZt8tkn
Zqj7J2SY77wpHqPxFMuyq2FNCYevJv+yd1y6ee3qCQ+roeY98gwmDSksZUIbbfVN
lkJ7trnLqxD0WJskXTQp+/zfqC/orYFCq50eF7yVboj3V0CjqV+oCgPgIbaL5LuA
5LlwW/TfRmoRkem0S3Va8uSuPrK8jb+UabbNswWYnrMiekvKlQan1emGryJOCRmR
Ey8NCkSTAGcUnPI5MjM1WgGcu0cyXDhgTO5CxoHasKgrX27WqEfcPV5Q+rYSRiSo
ZCssCWhKL/ek
-----END CERTIFICATE-----
Generated at Wed Sep 18 19:07:31 2024 by rpki-client on console-ams.rpki-client.org