Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/hlBF2vGgSVeSV_8hAqNdqu-rD_k.roa
File: hlBF2vGgSVeSV_8hAqNdqu-rD_k.roa (raw, json)
Hash identifier: l4ygTxNB/JZiSKi9fdopBG7fm2Ke4sRMc5OomdJCRis=
Subject key identifier: 86:50:45:DA:F1:A0:49:57:92:57:FF:21:02:A3:5D:AA:EF:AB:0F:F9
Certificate issuer: /CN=297ae7592ca52491dc166a30fe1477d712bd465d
Certificate serial: 0192B2BF56EEC9BE063AD10C7BFDD5FA5BA7
Authority key identifier: 29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/hlBF2vGgSVeSV_8hAqNdqu-rD_k.roa
Signing time: Tue 22 Oct 2024 05:42:16 +0000
ROA not before: Tue 22 Oct 2024 05:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29076
IP address blocks: 94.159.71.0/24 maxlen: 24
94.159.84.0/24 maxlen: 24
94.159.87.0/24 maxlen: 24
94.159.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 12:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b2:bf:56:ee:c9:be:06:3a:d1:0c:7b:fd:d5:fa:5b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ae7592ca52491dc166a30fe1477d712bd465d
Validity
Not Before: Oct 22 05:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=865045daf1a049579257ff2102a35daaefab0ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ec:83:32:1a:03:61:2a:1a:bc:c1:bc:63:e3:
d8:d4:15:46:cd:03:34:8f:f6:eb:b8:bd:f0:3c:79:
fb:9c:e6:4c:59:86:d1:92:35:da:dd:0d:82:f7:3f:
d0:c2:2d:28:ed:02:89:29:e5:a9:74:21:43:e1:06:
9e:d4:24:90:69:93:55:35:50:a2:ce:7b:2d:c9:68:
01:3b:45:14:e2:8b:db:52:e5:cf:79:32:57:aa:78:
51:99:7b:f1:a6:89:a7:f8:d0:78:9c:07:2c:0d:2f:
7c:44:63:49:3b:bc:87:99:7a:c0:7c:4f:5c:6d:2a:
30:f7:e3:f5:4a:ed:25:7c:77:81:1f:57:d8:7e:53:
ed:e2:49:55:98:a5:66:04:5e:73:d0:a6:4d:68:99:
78:22:0f:1c:46:d3:ec:60:28:31:b2:29:74:4a:d5:
3b:34:1a:83:08:ac:46:7a:47:75:ba:ba:70:7d:5d:
94:7e:80:f5:8f:a4:92:42:cd:e9:85:ea:df:81:4f:
e5:49:67:df:63:d0:30:9e:ac:ae:6b:10:0f:6c:1d:
1c:1c:7c:f8:65:e1:e7:66:bb:03:97:20:53:f2:cf:
9a:7d:af:b4:51:bc:6c:92:fd:7b:c3:db:ec:89:8d:
9c:bb:a6:ab:6e:12:a0:10:fe:69:0c:94:8a:76:19:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:50:45:DA:F1:A0:49:57:92:57:FF:21:02:A3:5D:AA:EF:AB:0F:F9
X509v3 Authority Key Identifier:
keyid:29:7A:E7:59:2C:A5:24:91:DC:16:6A:30:FE:14:77:D7:12:BD:46:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXrnWSylJJHcFmow_hR31xK9Rl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/hlBF2vGgSVeSV_8hAqNdqu-rD_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/48e1e8-328d-4f82-9398-3910a59a1121/1/KXrnWSylJJHcFmow_hR31xK9Rl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.159.71.0/24
94.159.84.0/24
94.159.87.0/24
94.159.95.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d6:eb:8c:5d:8e:1f:cd:48:d3:2a:04:4e:6c:81:45:cd:14:
24:a7:e5:b1:50:ad:eb:d1:c0:c9:fc:08:97:8d:b4:bd:40:8a:
23:4d:e2:a8:45:b5:78:7b:87:b7:7f:4c:7d:51:17:94:26:ba:
06:ae:d2:ec:c7:71:a0:f5:b1:66:01:f2:61:97:64:a0:18:5a:
93:2d:55:72:91:f9:bb:2f:8b:b9:96:ca:0f:cf:73:6b:5e:a8:
ce:49:1e:e3:21:66:d5:67:46:31:10:e3:ab:0a:af:6c:62:c9:
96:19:a8:56:6c:f7:55:8c:ba:ec:15:05:3b:6d:2c:94:07:54:
2a:ab:d7:c3:b7:29:84:ea:6e:8c:94:be:1a:98:e5:a0:e1:8f:
60:ff:63:5b:52:b9:a0:ee:f9:5b:02:6c:82:c5:9e:cc:e8:dd:
5a:65:06:0e:ac:fd:a1:7a:46:6a:40:74:ae:27:77:86:ca:e7:
fe:04:f6:f4:ae:51:25:c1:d3:32:8e:52:4f:eb:b0:b5:cc:b4:
bc:8a:e9:98:f1:8a:8f:e2:e3:5e:50:9f:d7:a5:a7:72:26:b4:
d8:01:e7:37:9a:5d:d2:2a:40:4b:16:ac:21:04:59:50:ab:92:
c1:db:49:f9:c2:73:b6:29:fd:d6:4d:50:7c:c8:85:07:67:e6:
52:5f:23:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKyv1buyb4GOtEMe/3V+lunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2FlNzU5MmNhNTI0OTFkYzE2NmEzMGZlMTQ3N2Q3MTJi
ZDQ2NWQwHhcNMjQxMDIyMDU0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjUwNDVkYWYxYTA0OTU3OTI1N2ZmMjEwMmEzNWRhYWVmYWIwZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruyDMhoDYSoavMG8Y+PY1BVGzQM0
j/bruL3wPHn7nOZMWYbRkjXa3Q2C9z/Qwi0o7QKJKeWpdCFD4Qae1CSQaZNVNVCi
znstyWgBO0UU4ovbUuXPeTJXqnhRmXvxpomn+NB4nAcsDS98RGNJO7yHmXrAfE9c
bSow9+P1Su0lfHeBH1fYflPt4klVmKVmBF5z0KZNaJl4Ig8cRtPsYCgxsil0StU7
NBqDCKxGekd1urpwfV2UfoD1j6SSQs3pherfgU/lSWffY9AwnqyuaxAPbB0cHHz4
ZeHnZrsDlyBT8s+afa+0Ubxskv17w9vsiY2cu6arbhKgEP5pDJSKdhlj9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIZQRdrxoElXklf/IQKjXarvqw/5MB8GA1UdIwQY
MBaAFCl651kspSSR3BZqMP4Ud9cSvUZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgt
MzkxMGE1OWExMTIxLzEvaGxCRjJ2R2dTVmVTVl84aEFxTmRxdS1yRF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80OGUxZTgtMzI4ZC00ZjgyLTkzOTgtMzkxMGE1OWExMTIx
LzEvS1hybldTeWxKSkhjRm1vd19oUjMxeEs5UmwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXp9HAwQA
Xp9UAwQAXp9XAwQAXp9fMA0GCSqGSIb3DQEBCwUAA4IBAQCG1uuMXY4fzUjTKgRO
bIFFzRQkp+WxUK3r0cDJ/AiXjbS9QIojTeKoRbV4e4e3f0x9UReUJroGrtLsx3Gg
9bFmAfJhl2SgGFqTLVVykfm7L4u5lsoPz3NrXqjOSR7jIWbVZ0YxEOOrCq9sYsmW
GahWbPdVjLrsFQU7bSyUB1Qqq9fDtymE6m6MlL4amOWg4Y9g/2NbUrmg7vlbAmyC
xZ7M6N1aZQYOrP2hekZqQHSuJ3eGyuf+BPb0rlElwdMyjlJP67C1zLS8iumY8YqP
4uNeUJ/XpadyJrTYAec3ml3SKkBLFqwhBFlQq5LB20n5wnO2Kf3WTVB8yIUHZ+ZS
XyPp
-----END CERTIFICATE-----
Generated at Thu Oct 31 16:45:34 2024 by rpki-client on console-ams.rpki-client.org