Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tLGlrSqeWGFnNo-uzGQEOsnjc9w.roa
File: tLGlrSqeWGFnNo-uzGQEOsnjc9w.roa (raw, json)
Hash identifier: rsdXu9zziMvso+sVxzSmG45nMLIVcOIxbr9LkuPCvVQ=
Subject key identifier: B4:B1:A5:AD:2A:9E:58:61:67:36:8F:AE:CC:64:04:3A:C9:E3:73:DC
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018F19F300D97EA9DF9C4C36D129CC0D04B6
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tLGlrSqeWGFnNo-uzGQEOsnjc9w.roa
Signing time: Fri 26 Apr 2024 10:28:26 +0000
ROA not before: Fri 26 Apr 2024 10:28:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 94.232.248.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:6980::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 May 2024 15:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:f3:00:d9:7e:a9:df:9c:4c:36:d1:29:cc:0d:04:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 26 10:28:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4b1a5ad2a9e586167368faecc64043ac9e373dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:71:1c:bf:1b:64:7c:df:1f:e1:cf:e6:ec:38:
32:aa:d5:01:2b:87:ba:2c:2c:b3:90:4d:b7:8a:3b:
e9:ff:7b:25:eb:77:71:6a:fd:d2:1a:04:4f:a0:ef:
1f:26:4e:1b:de:44:90:10:ed:5a:35:91:74:ad:66:
d8:64:31:33:c2:2c:b6:b0:38:41:86:b9:c8:d2:f4:
86:72:00:40:1b:89:88:54:90:73:78:9d:7d:68:bb:
b6:83:7f:c9:89:5f:20:11:9a:cd:08:2d:54:7e:b3:
d1:ab:39:4e:46:71:fd:7a:2f:3a:bc:a0:41:36:9d:
5e:86:60:c0:53:d2:06:38:5d:9a:15:24:54:bf:82:
68:4d:75:4f:63:a0:06:07:3c:e6:65:30:44:7c:5a:
b8:ef:e5:16:75:82:d0:a1:24:eb:4c:66:29:c1:d1:
90:94:b5:90:fc:67:46:b5:b9:c9:53:59:b1:be:9c:
94:94:e4:a7:9a:ee:c2:5a:3c:c3:a2:8e:01:48:84:
d7:07:87:e0:61:8f:58:02:09:55:0e:75:86:fc:64:
7e:60:a0:c4:96:20:9b:0a:60:e1:8a:14:5a:fc:8a:
40:f8:b6:ae:b8:31:62:48:14:a8:3b:51:90:89:0a:
08:f8:7f:17:fb:06:d1:bb:05:c1:e3:d1:f3:77:dd:
ff:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B1:A5:AD:2A:9E:58:61:67:36:8F:AE:CC:64:04:3A:C9:E3:73:DC
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/tLGlrSqeWGFnNo-uzGQEOsnjc9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.248.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:6980::/29
Signature Algorithm: sha256WithRSAEncryption
89:f2:e9:fb:c1:a0:4b:76:89:e6:e4:26:73:aa:6a:bc:f5:63:
f0:13:77:40:ba:96:37:fe:cf:64:e9:29:39:3a:5f:e4:a0:d9:
13:38:d6:34:72:1c:3e:a2:69:3d:23:b6:6c:36:bc:c1:f9:7d:
f9:ae:0f:18:a3:76:bf:e7:fd:a0:b4:be:64:e2:6e:ab:b3:4c:
41:a6:6d:f7:b2:82:df:40:f8:34:a8:0c:7b:fb:89:18:72:c4:
1b:72:49:1e:4e:7b:fd:bb:f0:79:3e:af:e4:b2:92:8d:a5:81:
48:f3:22:95:98:b9:d2:1b:99:c8:c2:dd:c9:2a:08:28:f8:bb:
ad:3e:f9:44:e7:18:69:5e:fe:64:81:d3:e2:24:ff:b0:24:38:
81:b9:cd:9d:bb:7c:30:8b:3d:4a:f6:60:61:94:67:a3:59:7d:
d0:68:50:20:b1:43:66:c1:dc:48:ed:8d:7c:92:ef:0e:d9:e8:
ad:7e:cf:89:6d:a3:87:0b:eb:bc:20:43:de:5f:df:66:7b:07:
5d:be:74:ee:2f:72:fc:c6:83:e8:16:01:94:01:36:bd:41:d2:
d0:f7:0b:3e:32:d5:cb:1d:17:30:f8:e1:45:25:4f:f0:6a:73:
bb:9b:44:40:fe:65:2a:33:33:39:1b:36:21:40:aa:9e:6f:f7:
2a:5c:7f:57
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8Z8wDZfqnfnEw20SnMDQS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwNDI2MTAyODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGIxYTVhZDJhOWU1ODYxNjczNjhmYWVjYzY0MDQzYWM5ZTM3M2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnEcvxtkfN8f4c/m7DgyqtUBK4e6
LCyzkE23ijvp/3sl63dxav3SGgRPoO8fJk4b3kSQEO1aNZF0rWbYZDEzwiy2sDhB
hrnI0vSGcgBAG4mIVJBzeJ19aLu2g3/JiV8gEZrNCC1UfrPRqzlORnH9ei86vKBB
Np1ehmDAU9IGOF2aFSRUv4JoTXVPY6AGBzzmZTBEfFq47+UWdYLQoSTrTGYpwdGQ
lLWQ/GdGtbnJU1mxvpyUlOSnmu7CWjzDoo4BSITXB4fgYY9YAglVDnWG/GR+YKDE
liCbCmDhihRa/IpA+LauuDFiSBSoO1GQiQoI+H8X+wbRuwXB49Hzd93/WwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLSxpa0qnlhhZzaPrsxkBDrJ43PcMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvdExHbHJTcWVXR0ZuTm8tdXpHUUVPc25qYzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAXuj4MBsE
AgACMBUDBQMqBt3AAwUDKguAQAMFAyoMaYAwDQYJKoZIhvcNAQELBQADggEBAIny
6fvBoEt2iebkJnOqarz1Y/ATd0C6ljf+z2TpKTk6X+Sg2RM41jRyHD6iaT0jtmw2
vMH5ffmuDxijdr/n/aC0vmTibquzTEGmbfeygt9A+DSoDHv7iRhyxBtySR5Oe/27
8Hk+r+Syko2lgUjzIpWYudIbmcjC3ckqCCj4u60++UTnGGle/mSB0+Ik/7AkOIG5
zZ27fDCLPUr2YGGUZ6NZfdBoUCCxQ2bB3EjtjXyS7w7Z6K1+z4lto4cL67wgQ95f
32Z7B12+dO4vcvzGg+gWAZQBNr1B0tD3Cz4y1csdFzD44UUlT/Bqc7ubRED+ZSoz
MzkbNiFAqp5v9ypcf1c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:14 2024 by rpki-client on console-ams.rpki-client.org