Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xkZ_eC1oAehl9IOw2DqOBa3gsqw.roa
File: xkZ_eC1oAehl9IOw2DqOBa3gsqw.roa (raw, json)
Hash identifier: vX4q5Mh7CpbZWhmCVGc19IL0xJlQAd6pafGQyGd7u8s=
Subject key identifier: C6:46:7F:78:2D:68:01:E8:65:F4:83:B0:D8:3A:8E:05:AD:E0:B2:AC
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018F301D770FDB070B61F9420411867873AD
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xkZ_eC1oAehl9IOw2DqOBa3gsqw.roa
Signing time: Tue 30 Apr 2024 17:46:28 +0000
ROA not before: Tue 30 Apr 2024 17:46:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215163
IP address blocks: 94.247.43.0/24 maxlen: 24
2a09:e1c2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jul 2024 20:44:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:1d:77:0f:db:07:0b:61:f9:42:04:11:86:78:73:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Apr 30 17:46:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6467f782d6801e865f483b0d83a8e05ade0b2ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:fe:98:40:a1:a4:48:d4:7e:0f:4e:64:d1:
18:a5:3e:35:f6:5e:41:1c:37:0b:9c:64:62:cb:cd:
5c:54:e9:6b:58:dd:62:cc:ed:2b:f8:fb:b0:d9:89:
48:40:2a:1b:dd:be:43:56:21:1c:ef:0e:1d:58:88:
47:e1:d9:c8:ff:00:8c:11:db:45:fb:88:38:cd:1c:
47:c5:5a:77:6d:06:86:4c:54:3d:d2:df:0a:2f:f0:
7f:ec:ef:55:2f:e1:bd:0a:7b:7c:6a:ee:4b:11:c4:
27:6f:8b:22:66:fa:20:1c:d8:fd:b1:6c:99:bd:8c:
0a:ef:6b:60:2f:b8:79:fc:c5:0c:8a:92:28:50:a6:
ff:49:44:ee:0c:dd:f3:d7:fd:e5:1b:5c:e1:17:fd:
3d:57:0c:e4:17:86:f0:1c:61:6a:3d:c1:cd:a9:7e:
92:c9:2a:3b:ea:a9:45:93:dd:1f:60:b2:f8:38:0b:
f5:8e:56:34:b8:eb:a3:7e:fc:1c:09:31:37:29:25:
38:a1:91:22:0c:7e:d5:f1:39:ff:be:b7:93:bb:39:
1d:ee:68:76:94:5e:ff:c4:7c:91:89:5b:08:61:74:
69:d0:15:48:4c:e0:39:28:1f:29:aa:6c:70:99:03:
1e:4b:e7:37:dc:de:68:12:25:b3:93:ce:fd:b7:2c:
8a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:46:7F:78:2D:68:01:E8:65:F4:83:B0:D8:3A:8E:05:AD:E0:B2:AC
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/xkZ_eC1oAehl9IOw2DqOBa3gsqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.43.0/24
IPv6:
2a09:e1c2::/32
Signature Algorithm: sha256WithRSAEncryption
47:35:4f:f4:95:7d:2b:d2:69:be:c1:1d:92:57:64:60:ac:bf:
03:39:04:7b:66:d9:31:87:f9:fb:f2:fb:56:5a:df:3a:ad:6a:
87:4f:fe:f5:2a:58:db:b0:c5:4d:41:65:b7:b6:0e:62:c2:f6:
04:b8:95:f3:d0:2e:9f:91:f3:ff:75:19:cd:63:c8:41:fb:70:
7c:2c:d4:74:78:25:65:f1:57:1d:bb:89:58:26:bb:85:93:35:
00:ca:44:58:86:0e:88:6c:17:3c:74:e3:a1:66:ce:d3:a9:84:
2d:2b:c8:86:02:92:eb:bc:9e:09:45:24:5a:07:d5:3f:34:14:
97:2d:ca:51:51:1c:ed:bb:03:42:34:d6:0e:b7:92:d5:68:e1:
bc:7c:e3:1a:42:c0:62:56:66:25:6f:ba:35:e1:2e:0a:9b:f9:
6f:db:d0:6b:6d:a3:b4:40:92:c8:26:2d:80:eb:54:7d:c8:b0:
2e:80:d4:2a:8a:40:db:11:61:9e:f4:f7:15:5f:a7:0b:64:d8:
ff:e9:da:1b:b5:24:d7:c6:4b:3c:48:f9:85:10:de:2f:d4:19:
bd:07:0c:df:79:28:b8:0b:13:17:0b:90:98:38:09:61:1f:da:
d9:51:2d:37:ce:2f:ff:d5:ac:dc:b8:89:47:2a:34:f8:45:c5:
32:42:66:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8wHXcP2wcLYflCBBGGeHOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNDMwMTc0NjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ2N2Y3ODJkNjgwMWU4NjVmNDgzYjBkODNhOGUwNWFkZTBiMmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupb+mEChpEjUfg9OZNEYpT419l5B
HDcLnGRiy81cVOlrWN1izO0r+Puw2YlIQCob3b5DViEc7w4dWIhH4dnI/wCMEdtF
+4g4zRxHxVp3bQaGTFQ90t8KL/B/7O9VL+G9Cnt8au5LEcQnb4siZvogHNj9sWyZ
vYwK72tgL7h5/MUMipIoUKb/SUTuDN3z1/3lG1zhF/09VwzkF4bwHGFqPcHNqX6S
ySo76qlFk90fYLL4OAv1jlY0uOujfvwcCTE3KSU4oZEiDH7V8Tn/vreTuzkd7mh2
lF7/xHyRiVsIYXRp0BVITOA5KB8pqmxwmQMeS+c33N5oEiWzk879tyyKIQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMZGf3gtaAHoZfSDsNg6jgWt4LKsMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEveGtaX2VDMW9BZWhsOUlPdzJEcU9CYTNnc3F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXvcrMA0E
AgACMAcDBQAqCeHCMA0GCSqGSIb3DQEBCwUAA4IBAQBHNU/0lX0r0mm+wR2SV2Rg
rL8DOQR7Ztkxh/n78vtWWt86rWqHT/71KljbsMVNQWW3tg5iwvYEuJXz0C6fkfP/
dRnNY8hB+3B8LNR0eCVl8Vcdu4lYJruFkzUAykRYhg6IbBc8dOOhZs7TqYQtK8iG
ApLrvJ4JRSRaB9U/NBSXLcpRURztuwNCNNYOt5LVaOG8fOMaQsBiVmYlb7o14S4K
m/lv29BrbaO0QJLIJi2A61R9yLAugNQqikDbEWGe9PcVX6cLZNj/6dobtSTXxks8
SPmFEN4v1Bm9BwzfeSi4CxMXC5CYOAlhH9rZUS03zi//1azcuIlHKjT4RcUyQmb0
-----END CERTIFICATE-----
Generated at Wed Jul 17 00:09:09 2024 by rpki-client on console-fra.rpki-client.org