Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/cgGmaoFB9yB_S5-yoInZcfbZEyQ.roa
File: cgGmaoFB9yB_S5-yoInZcfbZEyQ.roa (raw, json)
Hash identifier: bP4tT8qlnNkslAPKxFUnoQWh3JhKxnqlXpUi/YQsyb4=
Subject key identifier: 72:01:A6:6A:81:41:F7:20:7F:4B:9F:B2:A0:89:D9:71:F6:D9:13:24
Certificate issuer: /CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Certificate serial: 0190107DBE7629AED2AA43F95FC13ED0E304
Authority key identifier: B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/cgGmaoFB9yB_S5-yoInZcfbZEyQ.roa
Signing time: Thu 13 Jun 2024 07:26:34 +0000
ROA not before: Thu 13 Jun 2024 07:26:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61213
IP address blocks: 94.140.17.0/24 maxlen: 24
185.206.4.0/22 maxlen: 23
2a02:d60::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 14 Jun 2024 11:17:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:10:7d:be:76:29:ae:d2:aa:43:f9:5f:c1:3e:d0:e3:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Validity
Not Before: Jun 13 07:26:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7201a66a8141f7207f4b9fb2a089d971f6d91324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:dc:1c:5e:d8:5f:32:c8:50:0e:13:9b:fe:82:
a8:e3:de:db:57:be:7d:cf:3a:57:11:5c:76:af:b2:
05:82:15:65:b9:bf:5a:50:00:86:5e:80:94:5e:d2:
f8:f4:50:21:3a:ec:d4:af:cd:a3:aa:4d:59:f0:81:
87:82:79:80:61:39:29:80:45:a4:c5:c0:45:c2:47:
ec:5c:1e:0d:c9:b8:77:44:70:9e:f5:33:91:35:6d:
b2:3b:0c:60:d4:69:a3:19:52:a5:93:0c:f6:2e:45:
40:6a:26:3c:78:57:0f:8f:8a:b3:33:5a:42:bc:e2:
92:7e:7f:60:d1:d0:14:70:58:35:64:ea:d2:5c:4f:
34:56:4a:75:b7:3c:d2:a6:31:bc:75:4c:86:98:2b:
ba:11:54:c4:cf:5e:cc:0e:5c:bc:56:82:e7:5b:86:
34:79:34:ef:7b:00:0f:fd:10:bb:c9:fd:15:12:fc:
41:80:a2:38:48:b7:fa:ff:5c:0e:e9:e1:27:d8:4b:
cd:d1:eb:45:7c:a1:9c:a6:cc:f4:de:20:9a:0d:86:
2f:e7:75:49:8d:0a:a1:0f:1e:54:68:19:92:2f:74:
ef:a3:04:ac:1d:12:8e:fd:0f:b5:f7:20:9b:70:dc:
33:29:99:13:08:26:51:ec:e6:a7:31:8b:5f:4b:ef:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:01:A6:6A:81:41:F7:20:7F:4B:9F:B2:A0:89:D9:71:F6:D9:13:24
X509v3 Authority Key Identifier:
keyid:B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/cgGmaoFB9yB_S5-yoInZcfbZEyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.17.0/24
185.206.4.0/22
IPv6:
2a02:d60::/32
Signature Algorithm: sha256WithRSAEncryption
16:4d:e0:d4:05:bc:ea:79:19:32:69:82:0e:6b:f9:89:37:33:
a3:9a:86:40:6b:3b:36:1e:3c:de:1b:86:ec:ee:28:95:6f:6e:
2d:6f:f2:2f:07:c9:32:13:39:d9:72:5f:5e:7f:32:93:b4:91:
99:f4:e2:33:ae:50:1c:08:ba:5a:43:f5:c6:44:8e:36:b3:a1:
4e:2f:08:b1:9d:30:ff:f4:10:aa:e6:a1:da:c7:ae:7a:b8:a2:
9c:6c:dd:98:73:92:d5:71:2c:8c:f0:18:c1:99:ba:48:e4:67:
ef:12:77:cc:3b:13:b2:39:e8:45:ef:d6:5f:ae:8b:79:a1:46:
47:b0:ea:db:73:f7:1c:6c:53:fd:8b:03:56:f3:b8:18:16:f1:
48:5f:1d:0d:b3:4f:1c:04:1f:c5:37:16:6b:33:b1:e5:4a:e2:
77:d7:6f:a3:cd:ab:46:b0:03:cc:14:47:93:8c:16:01:f3:e2:
5e:1f:67:e4:c7:6d:22:9d:fb:1a:fe:0b:ee:a3:9a:fa:8c:5a:
fe:e4:2b:22:21:ae:ed:81:4f:de:55:c5:81:38:b4:15:49:1c:
1c:59:fa:54:41:ba:9b:95:9c:b8:ad:4e:b0:04:5e:a6:86:68:
8a:8e:18:0c:0f:32:79:33:46:13:c9:be:7d:fa:79:b3:f6:dc:
5c:38:06:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZAQfb52Ka7SqkP5X8E+0OMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODM4MGI0MWUzN2I1NzU3ZDNkNGUyZWVjZGYwNmQ5MzBh
NzBiOWQwHhcNMjQwNjEzMDcyNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjAxYTY2YTgxNDFmNzIwN2Y0YjlmYjJhMDg5ZDk3MWY2ZDkxMzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitwcXthfMshQDhOb/oKo497bV759
zzpXEVx2r7IFghVlub9aUACGXoCUXtL49FAhOuzUr82jqk1Z8IGHgnmAYTkpgEWk
xcBFwkfsXB4Nybh3RHCe9TORNW2yOwxg1GmjGVKlkwz2LkVAaiY8eFcPj4qzM1pC
vOKSfn9g0dAUcFg1ZOrSXE80Vkp1tzzSpjG8dUyGmCu6EVTEz17MDly8VoLnW4Y0
eTTvewAP/RC7yf0VEvxBgKI4SLf6/1wO6eEn2EvN0etFfKGcpsz03iCaDYYv53VJ
jQqhDx5UaBmSL3TvowSsHRKO/Q+19yCbcNwzKZkTCCZR7OanMYtfS+8GXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHIBpmqBQfcgf0ufsqCJ2XH22RMkMB8GA1UdIwQY
MBaAFLeDgLQeN7V1fT1OLuzfBtkwpwudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYt
ZGVkYWY3OTM1NmNlLzEvY2dHbWFvRkI5eUJfUzUteW9JblpjZmJaRXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYtZGVkYWY3OTM1NmNl
LzEvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXowRAwQC
uc4EMA0EAgACMAcDBQAqAg1gMA0GCSqGSIb3DQEBCwUAA4IBAQAWTeDUBbzqeRky
aYIOa/mJNzOjmoZAazs2HjzeG4bs7iiVb24tb/IvB8kyEznZcl9efzKTtJGZ9OIz
rlAcCLpaQ/XGRI42s6FOLwixnTD/9BCq5qHax656uKKcbN2Yc5LVcSyM8BjBmbpI
5GfvEnfMOxOyOehF79Zfrot5oUZHsOrbc/ccbFP9iwNW87gYFvFIXx0Ns08cBB/F
NxZrM7HlSuJ312+jzatGsAPMFEeTjBYB8+JeH2fkx20infsa/gvuo5r6jFr+5Csi
Ia7tgU/eVcWBOLQVSRwcWfpUQbqblZy4rU6wBF6mhmiKjhgMDzJ5M0YTyb59+nmz
9txcOAYG
-----END CERTIFICATE-----
Generated at Fri Jun 14 13:48:53 2024 by rpki-client on console-fra.rpki-client.org