Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hL9XKt3tZjkaOfKwZ9aezyV6rew.roa
File: hL9XKt3tZjkaOfKwZ9aezyV6rew.roa (raw, json)
Hash identifier: Sf1VoXR9Lv3CZrMdlh9EzJQ9jaGTE3r8LBfNj8hfeuI=
Subject key identifier: 84:BF:57:2A:DD:ED:66:39:1A:39:F2:B0:67:D6:9E:CF:25:7A:AD:EC
Certificate issuer: /CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Certificate serial: 018CC94C362825FF49F47776B3D08E7E01BC
Authority key identifier: DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hL9XKt3tZjkaOfKwZ9aezyV6rew.roa
Signing time: Tue 02 Jan 2024 08:31:04 +0000
ROA not before: Tue 02 Jan 2024 08:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61371
IP address blocks: 94.131.198.0/23 maxlen: 23
94.131.196.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 06 Jun 2024 20:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:36:28:25:ff:49:f4:77:76:b3:d0:8e:7e:01:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbb396dfa951ec4157f211e5ed740ed97e1b0f3f
Validity
Not Before: Jan 2 08:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84bf572added66391a39f2b067d69ecf257aadec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2e:18:45:1f:f9:80:26:0a:cf:92:d0:5e:b7:
7e:29:bd:f4:2c:5a:ec:0c:b6:f7:e0:d1:c4:da:8e:
33:de:bc:9f:29:80:14:68:3d:69:66:ac:d8:0e:4d:
7c:9a:cf:5a:83:f9:70:78:e4:06:e2:87:20:20:96:
3f:9f:2d:28:8c:36:18:cc:78:84:86:bd:62:b5:1f:
7f:87:c7:50:91:00:be:2e:cc:6b:63:fb:11:23:b9:
88:af:7a:05:8d:6a:e9:19:30:68:a4:be:91:24:5b:
7f:07:3b:1a:a7:bf:e0:44:4b:c5:88:63:c6:c5:2b:
73:d6:3a:d9:1b:33:68:88:c0:97:02:51:70:9c:88:
86:25:65:21:36:36:f2:a7:d7:b7:c7:c4:b2:a9:e0:
5a:b7:82:70:b3:d6:bd:91:33:02:19:54:00:b9:f0:
d1:76:fa:15:2c:bf:30:9a:e7:94:01:af:e8:94:32:
3f:5a:4f:c3:14:45:25:41:7a:7c:f0:b3:3f:b9:52:
83:94:07:03:36:ca:3d:c5:bc:84:22:77:5c:24:a4:
d6:cd:2f:71:ac:0f:46:49:bb:2a:e5:51:71:1a:0a:
14:47:c6:a1:ff:6d:2a:ac:d6:34:16:73:b9:e7:aa:
82:44:a2:69:c6:56:43:f7:78:64:0b:2d:88:00:36:
87:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BF:57:2A:DD:ED:66:39:1A:39:F2:B0:67:D6:9E:CF:25:7A:AD:EC
X509v3 Authority Key Identifier:
keyid:DB:B3:96:DF:A9:51:EC:41:57:F2:11:E5:ED:74:0E:D9:7E:1B:0F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/27OW36lR7EFX8hHl7XQO2X4bDz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/hL9XKt3tZjkaOfKwZ9aezyV6rew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b3987a-4504-4749-9d73-df572fe9672a/1/27OW36lR7EFX8hHl7XQO2X4bDz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:16:3b:a8:bf:de:e4:6f:d1:55:d7:92:81:a7:d5:95:3e:4b:
a8:e9:c5:d1:a2:ba:b2:47:a7:0d:81:50:6a:5f:bd:ad:e9:b0:
a7:b2:1e:15:fb:78:be:74:44:7e:39:c9:2d:20:0a:01:12:01:
82:52:f4:65:22:b3:56:4a:96:1d:bb:28:44:e7:77:4d:e9:17:
65:33:6c:11:11:46:3d:37:22:a8:05:37:5f:08:55:aa:a4:e2:
2d:b3:fe:a3:81:b8:2c:93:3a:cc:74:e0:50:74:e9:cc:c1:ac:
f6:a1:15:f3:11:08:d6:f9:34:d0:b1:f5:b6:b9:a6:7d:f8:88:
b8:2b:9f:7e:c3:d8:b0:03:ec:b3:30:b8:82:76:b6:07:b0:8a:
50:8b:22:be:22:3d:ce:75:07:1b:57:e8:bb:2c:c0:13:28:be:
0f:12:b8:ee:1f:09:24:ee:48:6e:88:e8:33:7e:53:3d:b8:f6:
7c:c6:ad:d7:89:a7:73:e3:dc:a7:a9:72:e8:e5:1d:df:53:28:
ce:b3:ba:3a:5f:fb:41:39:2c:c1:36:26:72:ee:69:45:fa:10:
68:76:00:33:aa:33:69:6b:d6:6f:a1:04:ae:1a:a8:2a:9a:57:
c5:f1:c5:43:7d:c1:53:b3:ea:1e:df:8c:b5:f7:69:52:92:ec:
50:b1:3b:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTDYoJf9J9Hd2s9COfgG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYjM5NmRmYTk1MWVjNDE1N2YyMTFlNWVkNzQwZWQ5N2Ux
YjBmM2YwHhcNMjQwMTAyMDgzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJmNTcyYWRkZWQ2NjM5MWEzOWYyYjA2N2Q2OWVjZjI1N2FhZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS4YRR/5gCYKz5LQXrd+Kb30LFrs
DLb34NHE2o4z3ryfKYAUaD1pZqzYDk18ms9ag/lweOQG4ocgIJY/ny0ojDYYzHiE
hr1itR9/h8dQkQC+LsxrY/sRI7mIr3oFjWrpGTBopL6RJFt/Bzsap7/gREvFiGPG
xStz1jrZGzNoiMCXAlFwnIiGJWUhNjbyp9e3x8SyqeBat4Jws9a9kTMCGVQAufDR
dvoVLL8wmueUAa/olDI/Wk/DFEUlQXp88LM/uVKDlAcDNso9xbyEIndcJKTWzS9x
rA9GSbsq5VFxGgoUR8ah/20qrNY0FnO556qCRKJpxlZD93hkCy2IADaHNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIS/Vyrd7WY5GjnysGfWns8leq3sMB8GA1UdIwQY
MBaAFNuzlt+pUexBV/IR5e10Dtl+Gw8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMt
ZGY1NzJmZTk2NzJhLzEvaEw5WEt0M3RaamthT2ZLd1o5YWV6eVY2cmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iMzk4N2EtNDUwNC00NzQ5LTlkNzMtZGY1NzJmZTk2NzJh
LzEvMjdPVzM2bFI3RUZYOGhIbDdYUU8yWDRiRHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXoPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBsFjuov97kb9FV15KBp9WVPkuo6cXRorqyR6cNgVBq
X72t6bCnsh4V+3i+dER+OcktIAoBEgGCUvRlIrNWSpYduyhE53dN6RdlM2wREUY9
NyKoBTdfCFWqpOIts/6jgbgskzrMdOBQdOnMwaz2oRXzEQjW+TTQsfW2uaZ9+Ii4
K59+w9iwA+yzMLiCdrYHsIpQiyK+Ij3OdQcbV+i7LMATKL4PErjuHwkk7khuiOgz
flM9uPZ8xq3Xiadz49ynqXLo5R3fUyjOs7o6X/tBOSzBNiZy7mlF+hBodgAzqjNp
a9ZvoQSuGqgqmlfF8cVDfcFTs+oe34y192lSkuxQsTth
-----END CERTIFICATE-----
Generated at Thu Jun 6 23:20:48 2024 by rpki-client on console-ams.rpki-client.org