Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1XHyRIhyB2TpqfAWfyn7QVeVF00.roa
File: 1XHyRIhyB2TpqfAWfyn7QVeVF00.roa (raw, json)
Hash identifier: RWnKQPWEZTa9/3Yn5iS3wAA5034BptR81NSlW6hsVC8=
Subject key identifier: D5:71:F2:44:88:72:07:64:E9:A9:F0:16:7F:29:FB:41:57:95:17:4D
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 01927687E049896F4E0A3BB6FF6A987205A7
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1XHyRIhyB2TpqfAWfyn7QVeVF00.roa
Signing time: Thu 10 Oct 2024 13:04:29 +0000
ROA not before: Thu 10 Oct 2024 13:04:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29076
IP address blocks: 94.159.71.0/24 maxlen: 24
94.159.84.0/24 maxlen: 24
94.159.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 05:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:76:87:e0:49:89:6f:4e:0a:3b:b6:ff:6a:98:72:05:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Oct 10 13:04:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d571f24488720764e9a9f0167f29fb415795174d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:fc:f4:a1:a1:27:a3:4b:62:76:ac:4d:93:
cb:90:df:50:41:84:1d:1f:bc:48:21:07:0b:5a:53:
06:6b:c0:b8:28:d4:d7:99:d8:59:72:20:9f:b2:55:
16:92:96:02:4b:40:aa:8a:4d:56:2c:fc:45:6e:20:
61:22:1f:5d:f3:4e:e4:25:0b:fe:44:0a:d0:dc:9a:
86:49:a1:a8:7c:86:80:62:2b:11:c4:ed:27:63:d0:
27:81:64:ec:93:ed:d7:d3:53:26:82:e2:6d:79:93:
45:59:63:ff:ff:51:1c:6b:05:dc:9d:05:2b:b7:0f:
8c:5d:61:b8:16:86:ef:87:0a:93:68:d6:8c:50:02:
6f:45:c9:e8:29:2c:00:ae:3b:31:0c:27:1a:83:30:
ad:2a:65:d5:33:c5:7a:79:d4:e1:d2:3d:1a:37:70:
1a:a7:7e:6d:32:2b:d3:4d:94:92:31:4a:21:c5:3a:
92:99:cb:7d:64:35:82:cc:bc:2b:58:66:13:23:05:
ec:87:c3:33:46:da:2e:f0:06:f7:ae:eb:31:63:24:
e5:f2:94:db:38:67:01:0e:4e:fc:2f:f8:e6:49:c6:
d9:1a:1b:20:41:a7:27:fe:c2:3d:b3:7a:e2:fb:6d:
40:42:4d:e6:c2:ad:08:46:d9:61:e0:81:73:28:27:
fc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:71:F2:44:88:72:07:64:E9:A9:F0:16:7F:29:FB:41:57:95:17:4D
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/1XHyRIhyB2TpqfAWfyn7QVeVF00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.71.0/24
94.159.84.0/24
94.159.87.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:4a:06:08:70:f9:7e:26:04:6d:7e:15:6d:2d:b4:9f:78:6c:
3a:df:c7:43:4e:ef:53:43:df:01:d9:54:59:06:af:17:7e:26:
bd:d9:2d:df:7b:57:a7:13:25:4f:db:b0:a1:84:03:9f:18:c0:
24:e3:5e:6a:b0:81:a2:e7:24:7f:46:83:56:78:68:72:d8:46:
d0:f4:31:d9:ec:68:bd:64:99:fa:36:c6:41:52:6a:67:1a:21:
9e:c6:8d:96:46:1f:80:5c:1c:82:7c:41:d3:e6:8b:27:c0:02:
57:03:e1:ac:c2:aa:29:00:72:78:06:3e:6d:ca:d4:7c:85:65:
ab:58:b2:06:28:71:9d:f6:d2:d1:80:58:cb:25:b3:cf:40:7d:
9e:cf:d6:c3:db:32:19:05:a4:51:5b:8d:c3:05:54:c0:31:31:
79:d9:79:16:09:b8:3a:fe:74:59:55:cb:c3:b8:73:20:5e:0c:
a1:b1:e0:db:78:b9:10:6b:de:e1:fb:45:99:d4:ea:92:84:7e:
42:20:2b:10:17:36:1a:18:01:e1:17:69:24:bf:8f:ff:da:6e:
7c:30:18:26:aa:38:51:d3:98:c0:66:90:a1:51:65:1e:35:bf:
be:bd:bf:eb:12:c5:2d:fa:e2:76:50:63:a9:1b:84:75:a6:a6:
a3:fd:47:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJ2h+BJiW9OCju2/2qYcgWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQxMDEwMTMwNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTcxZjI0NDg4NzIwNzY0ZTlhOWYwMTY3ZjI5ZmI0MTU3OTUxNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP389KGhJ6NLYnasTZPLkN9QQYQd
H7xIIQcLWlMGa8C4KNTXmdhZciCfslUWkpYCS0Cqik1WLPxFbiBhIh9d807kJQv+
RArQ3JqGSaGofIaAYisRxO0nY9AngWTsk+3X01MmguJteZNFWWP//1EcawXcnQUr
tw+MXWG4FobvhwqTaNaMUAJvRcnoKSwArjsxDCcagzCtKmXVM8V6edTh0j0aN3Aa
p35tMivTTZSSMUohxTqSmct9ZDWCzLwrWGYTIwXsh8MzRtou8Ab3rusxYyTl8pTb
OGcBDk78L/jmScbZGhsgQacn/sI9s3ri+21AQk3mwq0IRtlh4IFzKCf8gwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNVx8kSIcgdk6anwFn8p+0FXlRdNMB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvMVhIeVJJaHlCMlRwcWZBV2Z5bjdRVmVWRjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXp9HAwQA
Xp9UAwQAXp9XMA0GCSqGSIb3DQEBCwUAA4IBAQAaSgYIcPl+JgRtfhVtLbSfeGw6
38dDTu9TQ98B2VRZBq8Xfia92S3fe1enEyVP27ChhAOfGMAk415qsIGi5yR/RoNW
eGhy2EbQ9DHZ7Gi9ZJn6NsZBUmpnGiGexo2WRh+AXByCfEHT5osnwAJXA+Gswqop
AHJ4Bj5tytR8hWWrWLIGKHGd9tLRgFjLJbPPQH2ez9bD2zIZBaRRW43DBVTAMTF5
2XkWCbg6/nRZVcvDuHMgXgyhseDbeLkQa97h+0WZ1OqShH5CICsQFzYaGAHhF2kk
v4//2m58MBgmqjhR05jAZpChUWUeNb++vb/rEsUt+uJ2UGOpG4R1pqaj/Uc1
Generated at Tue Oct 22 06:53:28 2024 by rpki-client on console-fra.rpki-client.org