Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/dLlm1p_mtooPfV5W3Cw_1QUKuEk.roa
File: dLlm1p_mtooPfV5W3Cw_1QUKuEk.roa (raw, json)
Hash identifier: 8vCMyHxNqts6vFyTkgqH6qHxMwpfErBjeohXyBdeAKU=
Subject key identifier: 74:B9:66:D6:9F:E6:B6:8A:0F:7D:5E:56:DC:2C:3F:D5:05:0A:B8:49
Certificate issuer: /CN=c207e10cbc5d249bf4d8eeb2549ec4cf843ef0ee
Certificate serial: 018B9473371DC1C62C6CB305F4DAF1C86BED
Authority key identifier: C2:07:E1:0C:BC:5D:24:9B:F4:D8:EE:B2:54:9E:C4:CF:84:3E:F0:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/dLlm1p_mtooPfV5W3Cw_1QUKuEk.roa
Signing time: Fri 03 Nov 2023 09:11:00 +0000
ROA not before: Fri 03 Nov 2023 09:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211914
IP address blocks: 94.158.209.0/24 maxlen: 24
94.158.210.0/24 maxlen: 24
94.158.211.0/24 maxlen: 24
94.158.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:73:37:1d:c1:c6:2c:6c:b3:05:f4:da:f1:c8:6b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c207e10cbc5d249bf4d8eeb2549ec4cf843ef0ee
Validity
Not Before: Nov 3 09:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74b966d69fe6b68a0f7d5e56dc2c3fd5050ab849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:da:fd:6e:13:78:60:af:7d:95:0e:d5:a4:
33:73:03:ba:ea:44:0a:4b:32:ee:83:35:7c:cb:54:
24:db:ff:94:64:3d:10:65:c4:12:f0:54:c2:e0:98:
c7:e9:1d:27:bb:0c:8e:ae:bc:6a:3c:f1:d9:e7:cf:
ef:4a:a3:c9:35:8f:71:b6:53:81:17:2e:aa:58:4c:
aa:44:ce:c8:9d:40:07:ff:3f:97:48:93:b3:20:36:
fb:f8:19:1c:1a:e6:fe:29:39:09:9a:6a:22:3b:3f:
0a:c0:72:eb:20:5d:2e:a0:b3:a7:38:81:7c:f0:43:
50:05:9a:ac:5e:b2:ab:3f:5c:83:ed:fa:f0:10:45:
cc:bf:16:aa:be:df:6b:9d:3a:11:42:70:43:56:c1:
4c:a9:62:23:30:97:14:71:6b:fd:67:4c:08:da:21:
f5:7e:e0:1f:71:79:b6:6f:6d:0a:ae:25:1b:94:ab:
97:07:8d:c8:e4:ef:52:b9:dd:a1:24:f6:cf:3f:63:
7b:a0:aa:66:19:82:f0:70:8b:83:8e:ce:9b:8f:ff:
e4:e9:25:c1:cb:1d:e0:b4:30:ca:9b:00:e7:9d:f9:
a1:6f:c8:78:32:c3:52:b2:eb:63:61:e3:ee:97:14:
87:cc:48:9a:71:11:b4:9b:bf:80:75:45:5c:c2:bf:
a4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B9:66:D6:9F:E6:B6:8A:0F:7D:5E:56:DC:2C:3F:D5:05:0A:B8:49
X509v3 Authority Key Identifier:
keyid:C2:07:E1:0C:BC:5D:24:9B:F4:D8:EE:B2:54:9E:C4:CF:84:3E:F0:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/dLlm1p_mtooPfV5W3Cw_1QUKuEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/312132-2e2c-4a57-a8ac-578f02e78066/1/wgfhDLxdJJv02O6yVJ7Ez4Q-8O4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.158.208.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:e1:da:39:58:be:35:ee:45:6e:02:50:89:a6:38:41:52:42:
e4:52:c1:1e:ff:a1:10:49:de:65:dc:37:c4:ef:7f:b4:67:b6:
54:b5:ab:22:dd:7b:bb:d6:b1:16:92:df:9e:26:2e:1d:f1:94:
57:ba:bf:5b:61:53:ae:cc:8e:3a:1c:4b:fe:92:b1:cc:97:e1:
4c:3b:54:2e:5f:f9:36:c0:21:e5:a0:28:21:ff:50:d9:7c:04:
e9:24:06:ae:82:b9:61:55:a0:99:99:b6:2d:fd:46:eb:e2:81:
89:47:98:aa:08:73:fd:a3:65:1c:a3:45:4a:68:1e:7b:0f:89:
96:67:9b:d3:30:e4:6b:1c:65:40:24:8c:6b:24:9a:f8:fc:ac:
42:9e:fa:ca:75:6a:bb:d9:b2:c1:e6:a1:5e:7d:37:56:92:38:
b1:b2:29:17:09:b9:34:ea:51:03:5f:7c:41:1b:21:10:eb:60:
e6:c2:b3:80:0d:ab:63:0a:3e:82:17:bf:db:c8:85:f8:99:ac:
13:f8:22:b9:c8:9f:de:1a:3b:9c:d0:3b:2c:d7:f2:d3:61:7a:
dd:4e:7a:e4:40:40:3c:4a:0b:0d:f7:d5:ae:18:ac:ce:9e:58:
95:d8:57:26:5b:f3:ab:c8:7a:72:ec:50:9d:71:49:72:6a:e9:
78:2f:cf:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuUczcdwcYsbLMF9NrxyGvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMDdlMTBjYmM1ZDI0OWJmNGQ4ZWViMjU0OWVjNGNmODQz
ZWYwZWUwHhcNMjMxMTAzMDkxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI5NjZkNjlmZTZiNjhhMGY3ZDVlNTZkYzJjM2ZkNTA1MGFiODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUTa/W4TeGCvfZUO1aQzcwO66kQK
SzLugzV8y1Qk2/+UZD0QZcQS8FTC4JjH6R0nuwyOrrxqPPHZ58/vSqPJNY9xtlOB
Fy6qWEyqRM7InUAH/z+XSJOzIDb7+BkcGub+KTkJmmoiOz8KwHLrIF0uoLOnOIF8
8ENQBZqsXrKrP1yD7frwEEXMvxaqvt9rnToRQnBDVsFMqWIjMJcUcWv9Z0wI2iH1
fuAfcXm2b20KriUblKuXB43I5O9Sud2hJPbPP2N7oKpmGYLwcIuDjs6bj//k6SXB
yx3gtDDKmwDnnfmhb8h4MsNSsutjYePulxSHzEiacRG0m7+AdUVcwr+k4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHS5Ztaf5raKD31eVtwsP9UFCrhJMB8GA1UdIwQY
MBaAFMIH4Qy8XSSb9NjuslSexM+EPvDuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2dmaERMeGRKSnYwMk82eVZKN0V6NFEtOE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8zMTIxMzItMmUyYy00YTU3LWE4YWMt
NTc4ZjAyZTc4MDY2LzEvZExsbTFwX210b29QZlY1VzNDd18xUVVLdUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8zMTIxMzItMmUyYy00YTU3LWE4YWMtNTc4ZjAyZTc4MDY2
LzEvd2dmaERMeGRKSnYwMk82eVZKN0V6NFEtOE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXp7QMA0G
CSqGSIb3DQEBCwUAA4IBAQCN4do5WL417kVuAlCJpjhBUkLkUsEe/6EQSd5l3DfE
73+0Z7ZUtasi3Xu71rEWkt+eJi4d8ZRXur9bYVOuzI46HEv+krHMl+FMO1QuX/k2
wCHloCgh/1DZfATpJAaugrlhVaCZmbYt/Ubr4oGJR5iqCHP9o2Uco0VKaB57D4mW
Z5vTMORrHGVAJIxrJJr4/KxCnvrKdWq72bLB5qFefTdWkjixsikXCbk06lEDX3xB
GyEQ62DmwrOADatjCj6CF7/byIX4mawT+CK5yJ/eGjuc0Dss1/LTYXrdTnrkQEA8
SgsN99WuGKzOnliV2FcmW/OryHpy7FCdcUlyaul4L88/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:24 2024 by rpki-client on console-ams.rpki-client.org