Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/iuQdgx4-51ldfhhaHNRcUVaj7es.roa
File: iuQdgx4-51ldfhhaHNRcUVaj7es.roa (raw, json)
Hash identifier: v7GxeRFK7mUCSb9Gfnq+YXDpBwYHcRqSvsRDL+U9nAg=
Subject key identifier: 8A:E4:1D:83:1E:3E:E7:59:5D:7E:18:5A:1C:D4:5C:51:56:A3:ED:EB
Certificate issuer: /CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Certificate serial: 01856FF05347808255CF8834B18BCCF6EF38
Authority key identifier: 7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/iuQdgx4-51ldfhhaHNRcUVaj7es.roa
Signing time: Mon 02 Jan 2023 00:44:59 +0000
ROA not before: Mon 02 Jan 2023 00:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62178
IP address blocks: 94.229.85.0/24 maxlen: 24
94.229.81.0/24 maxlen: 24
94.229.82.0/24 maxlen: 24
94.229.83.0/24 maxlen: 24
94.229.84.0/24 maxlen: 24
94.229.80.0/24 maxlen: 24
94.229.88.0/24 maxlen: 24
94.229.89.0/24 maxlen: 24
94.229.90.0/24 maxlen: 24
94.229.86.0/24 maxlen: 24
94.229.87.0/24 maxlen: 24
94.229.91.0/24 maxlen: 24
94.229.95.0/24 maxlen: 24
94.229.92.0/24 maxlen: 24
94.229.93.0/24 maxlen: 24
94.229.94.0/24 maxlen: 24
2a05:2c0::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:53:47:80:82:55:cf:88:34:b1:8b:cc:f6:ef:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cfc92b0a75b89ad2e3c57f7cba0e478684219ce
Validity
Not Before: Jan 2 00:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ae41d831e3ee7595d7e185a1cd45c5156a3edeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a0:46:b3:7c:60:d8:cb:b8:fd:a8:6d:4f:c2:
9d:1d:0d:4d:28:d7:fa:1e:2f:a2:0c:cb:87:53:3c:
e4:10:6e:74:ed:61:9a:61:9d:d3:c8:42:da:8a:fc:
4b:cd:cd:eb:1c:77:96:ad:23:e0:b3:92:4d:56:d7:
ff:b8:c6:85:5c:0f:bc:20:27:19:74:df:54:ce:6f:
de:69:3a:f8:2c:88:20:7c:46:fa:19:af:a5:4e:e1:
c1:ee:53:97:c4:1d:46:31:4a:ab:a3:9f:1a:06:41:
82:54:10:53:12:84:84:f8:97:59:52:cc:99:86:1f:
26:29:2c:c4:97:9b:53:25:77:5b:15:98:b8:57:d2:
d3:0e:dd:82:f7:be:76:3f:b4:ae:f2:ca:aa:71:86:
4e:e2:4e:fc:16:b9:4e:0f:fa:5b:bc:c4:f4:97:ed:
89:8d:59:f7:40:d4:d7:25:be:04:68:26:85:1c:6e:
a6:18:92:ca:5e:9a:a4:ea:59:8a:cd:e6:a6:61:d9:
15:c3:3d:e9:8a:d1:39:c0:ba:0c:c5:fe:c6:ed:e4:
2c:df:30:07:d1:eb:bc:b2:ff:62:12:31:d2:10:05:
c1:75:09:92:7c:bd:e4:ba:28:56:01:b0:7d:a0:60:
dd:a0:16:82:46:5f:26:3c:22:c3:d3:4d:18:34:6e:
b8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E4:1D:83:1E:3E:E7:59:5D:7E:18:5A:1C:D4:5C:51:56:A3:ED:EB
X509v3 Authority Key Identifier:
keyid:7C:FC:92:B0:A7:5B:89:AD:2E:3C:57:F7:CB:A0:E4:78:68:42:19:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPySsKdbia0uPFf3y6DkeGhCGc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/iuQdgx4-51ldfhhaHNRcUVaj7es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/1776cb-1c78-4dcc-b43b-36d7b4f84e5c/1/fPySsKdbia0uPFf3y6DkeGhCGc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.80.0/20
IPv6:
2a05:2c0::/34
Signature Algorithm: sha256WithRSAEncryption
42:b3:48:25:6f:c8:70:8b:69:98:ee:da:e2:e9:bd:ba:ee:2c:
dd:33:26:cb:3f:30:f8:65:c8:dc:71:59:d0:5b:50:f2:64:9c:
6f:5b:9a:aa:6e:66:43:46:ee:ee:50:fb:cf:6b:3d:6f:72:6c:
e3:d6:96:78:d4:13:32:db:05:e4:5c:88:66:83:40:b6:8a:9c:
3b:ee:12:84:fe:f0:a3:8c:fb:47:e4:50:a9:73:5d:79:7a:fd:
2d:43:b4:88:8f:d6:8c:8d:80:f1:4f:c7:73:32:b8:49:32:a2:
a4:2f:41:28:5f:eb:70:c3:3e:6e:79:5b:57:15:68:79:43:ea:
29:70:e0:5f:9f:e6:8b:f5:5c:eb:0e:83:87:b9:66:3a:ca:2f:
1f:6c:cf:ad:41:e3:02:ab:34:02:37:d3:3d:7c:89:1c:22:33:
43:ce:34:c0:72:c7:e5:ce:10:77:41:bb:6f:38:81:d7:c3:40:
9d:99:66:4c:53:73:48:7e:5a:48:07:b1:49:9d:39:f9:2f:05:
f5:e1:14:bb:11:a3:09:fa:c3:3d:df:c7:61:82:8e:58:c9:32:
29:1b:d8:e2:36:25:51:99:fd:fc:aa:37:f7:ea:0c:ed:ba:c0:
18:7a:7e:fd:1e:fa:02:57:45:5b:68:60:04:a3:fb:35:f5:f1:
31:a3:b5:81
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVv8FNHgIJVz4g0sYvM9u84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZmM5MmIwYTc1Yjg5YWQyZTNjNTdmN2NiYTBlNDc4Njg0
MjE5Y2UwHhcNMjMwMTAyMDA0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU0MWQ4MzFlM2VlNzU5NWQ3ZTE4NWExY2Q0NWM1MTU2YTNlZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6BGs3xg2Mu4/ahtT8KdHQ1NKNf6
Hi+iDMuHUzzkEG507WGaYZ3TyELaivxLzc3rHHeWrSPgs5JNVtf/uMaFXA+8ICcZ
dN9Uzm/eaTr4LIggfEb6Ga+lTuHB7lOXxB1GMUqro58aBkGCVBBTEoSE+JdZUsyZ
hh8mKSzEl5tTJXdbFZi4V9LTDt2C9752P7Su8sqqcYZO4k78FrlOD/pbvMT0l+2J
jVn3QNTXJb4EaCaFHG6mGJLKXpqk6lmKzeamYdkVwz3pitE5wLoMxf7G7eQs3zAH
0eu8sv9iEjHSEAXBdQmSfL3kuihWAbB9oGDdoBaCRl8mPCLD000YNG645wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIrkHYMePudZXX4YWhzUXFFWo+3rMB8GA1UdIwQY
MBaAFHz8krCnW4mtLjxX98ug5HhoQhnOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlB5U3NLZGJpYTB1UEZmM3k2RGtlR2hDR2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNzc2Y2ItMWM3OC00ZGNjLWI0M2It
MzZkN2I0Zjg0ZTVjLzEvaXVRZGd4NC01MWxkZmhoYUhOUmNVVmFqN2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNzc2Y2ItMWM3OC00ZGNjLWI0M2ItMzZkN2I0Zjg0ZTVj
LzEvZlB5U3NLZGJpYTB1UEZmM3k2RGtlR2hDR2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEXuVQMA4E
AgACMAgDBgYqBQLAADANBgkqhkiG9w0BAQsFAAOCAQEAQrNIJW/IcItpmO7a4um9
uu4s3TMmyz8w+GXI3HFZ0FtQ8mScb1uaqm5mQ0bu7lD7z2s9b3Js49aWeNQTMtsF
5FyIZoNAtoqcO+4ShP7wo4z7R+RQqXNdeXr9LUO0iI/WjI2A8U/HczK4STKipC9B
KF/rcMM+bnlbVxVoeUPqKXDgX5/mi/Vc6w6Dh7lmOsovH2zPrUHjAqs0AjfTPXyJ
HCIzQ840wHLH5c4Qd0G7bziB18NAnZlmTFNzSH5aSAexSZ05+S8F9eEUuxGjCfrD
Pd/HYYKOWMkyKRvY4jYlUZn9/Ko39+oM7brAGHp+/R76AldFW2hgBKP7NfXxMaO1
gQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:04 2024 by rpki-client on console-ams.rpki-client.org