Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/kze9CQHfzyuEdnS6x6qJfxs0f6I.roa
File: kze9CQHfzyuEdnS6x6qJfxs0f6I.roa (raw, json)
Hash identifier: KqCGfxuYVOcp7TRC3mLJ/E5Sq2KuWPjHE3lj6pnJDJQ=
Subject key identifier: 93:37:BD:09:01:DF:CF:2B:84:76:74:BA:C7:AA:89:7F:1B:34:7F:A2
Certificate issuer: /CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Certificate serial: 018CC4244C091A6D7C6145A41A8DBA91BB5A
Authority key identifier: 7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/kze9CQHfzyuEdnS6x6qJfxs0f6I.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207421
IP address blocks: 94.231.214.0/24 maxlen: 24
2a10:b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4c:09:1a:6d:7c:61:45:a4:1a:8d:ba:91:bb:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b47cdc21c7cb224674c0eafdec63a203eee3108
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9337bd0901dfcf2b847674bac7aa897f1b347fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:70:55:43:31:2d:99:23:db:4a:47:22:c9:1b:
68:a5:76:06:7b:ac:62:36:38:4f:5d:02:a8:b6:94:
a1:79:4c:dc:3b:6a:4c:31:5f:08:73:c7:60:17:4d:
29:3e:d3:28:6a:da:51:b9:b2:bf:fc:df:15:cf:23:
9f:28:49:bf:1d:10:3f:21:05:06:8c:d3:79:c8:56:
e2:e0:2f:81:69:56:af:cb:b1:84:d5:39:d2:89:96:
05:bd:de:3e:aa:65:d3:be:12:76:bf:eb:3c:bd:3d:
08:62:a5:21:0f:12:7e:38:b0:c1:00:5d:15:95:bb:
77:0e:7a:de:09:60:88:ad:7e:00:79:df:70:ef:6f:
8e:d9:9d:a9:b3:48:8b:7f:f6:a0:3f:ca:3f:b4:8d:
f7:3a:2f:1f:04:06:9b:58:ca:0c:f7:5b:85:4d:31:
ce:73:6f:5d:4d:ce:90:65:03:f9:0e:23:7c:3d:89:
a6:9e:f7:43:c6:5e:4b:9b:36:f4:df:c4:69:cd:a1:
ff:c7:ee:81:b2:37:0f:56:c2:7d:a6:f4:72:27:49:
5d:49:19:76:f6:10:1c:50:5e:96:70:59:98:87:65:
c9:cf:92:35:dc:38:4f:ba:b7:64:92:ce:87:d6:0a:
be:fb:e4:29:83:7b:58:b2:7d:08:63:66:9c:e0:15:
e3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:37:BD:09:01:DF:CF:2B:84:76:74:BA:C7:AA:89:7F:1B:34:7F:A2
X509v3 Authority Key Identifier:
keyid:7B:47:CD:C2:1C:7C:B2:24:67:4C:0E:AF:DE:C6:3A:20:3E:EE:31:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0fNwhx8siRnTA6v3sY6ID7uMQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/kze9CQHfzyuEdnS6x6qJfxs0f6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b2953-13b8-4706-81c4-075578c37aca/1/e0fNwhx8siRnTA6v3sY6ID7uMQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.214.0/24
IPv6:
2a10:b00::/29
Signature Algorithm: sha256WithRSAEncryption
2a:c5:c0:ec:8c:0a:3f:27:8b:b8:65:ba:0c:84:00:0c:c5:9d:
e6:cb:ba:ba:81:f9:2c:45:8b:29:8d:cd:fe:b8:92:7a:e5:56:
79:86:cc:94:9a:18:64:98:db:08:e7:aa:b5:a9:30:6b:9d:ce:
17:50:d9:55:99:fe:79:a0:8a:69:fb:ca:51:56:ec:a5:7e:71:
07:57:7a:92:52:cd:7c:e3:24:fc:2f:09:df:e1:84:e2:ce:6f:
ab:b7:06:77:25:4a:98:8a:89:55:ae:3d:6f:a1:70:3d:5d:be:
28:42:5f:db:9d:2b:a4:04:28:fe:34:3f:79:15:4f:1e:60:83:
c6:7b:cf:d4:91:1b:4a:e5:9d:61:81:41:7e:ec:80:71:ca:01:
2b:59:58:fb:76:ff:fe:58:78:ea:64:ed:a1:ca:11:11:5b:6d:
8e:4e:93:bf:1f:78:2e:34:19:b6:44:ab:0c:9c:ed:4b:34:b8:
4f:8c:3b:b9:80:c2:87:a7:00:d7:f1:c9:e7:3d:3e:6c:9f:2a:
47:f6:1c:a3:32:58:9d:c4:f7:1e:b9:3f:d6:17:e9:85:91:32:
11:f6:0e:86:0c:48:1f:83:ac:49:f9:3f:4e:ff:d2:78:35:cf:
4f:e6:5b:c9:8e:59:21:5d:bb:45:f3:e5:34:8d:9d:e3:af:34:
f0:2e:15:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJEwJGm18YUWkGo26kbtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDdjZGMyMWM3Y2IyMjQ2NzRjMGVhZmRlYzYzYTIwM2Vl
ZTMxMDgwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzM3YmQwOTAxZGZjZjJiODQ3Njc0YmFjN2FhODk3ZjFiMzQ3ZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnBVQzEtmSPbSkciyRtopXYGe6xi
NjhPXQKotpSheUzcO2pMMV8Ic8dgF00pPtMoatpRubK//N8VzyOfKEm/HRA/IQUG
jNN5yFbi4C+BaVavy7GE1TnSiZYFvd4+qmXTvhJ2v+s8vT0IYqUhDxJ+OLDBAF0V
lbt3DnreCWCIrX4Aed9w72+O2Z2ps0iLf/agP8o/tI33Oi8fBAabWMoM91uFTTHO
c29dTc6QZQP5DiN8PYmmnvdDxl5Lmzb038RpzaH/x+6BsjcPVsJ9pvRyJ0ldSRl2
9hAcUF6WcFmYh2XJz5I13DhPurdkks6H1gq+++Qpg3tYsn0IY2ac4BXj9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJM3vQkB388rhHZ0useqiX8bNH+iMB8GA1UdIwQY
MBaAFHtHzcIcfLIkZ0wOr97GOiA+7jEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQt
MDc1NTc4YzM3YWNhLzEva3plOUNRSGZ6eXVFZG5TNng2cUpmeHMwZjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YjI5NTMtMTNiOC00NzA2LTgxYzQtMDc1NTc4YzM3YWNh
LzEvZTBmTndoeDhzaVJuVEE2djNzWTZJRDd1TVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXufWMA0E
AgACMAcDBQMqEAsAMA0GCSqGSIb3DQEBCwUAA4IBAQAqxcDsjAo/J4u4ZboMhAAM
xZ3my7q6gfksRYspjc3+uJJ65VZ5hsyUmhhkmNsI56q1qTBrnc4XUNlVmf55oIpp
+8pRVuylfnEHV3qSUs184yT8Lwnf4YTizm+rtwZ3JUqYiolVrj1voXA9Xb4oQl/b
nSukBCj+ND95FU8eYIPGe8/UkRtK5Z1hgUF+7IBxygErWVj7dv/+WHjqZO2hyhER
W22OTpO/H3guNBm2RKsMnO1LNLhPjDu5gMKHpwDX8cnnPT5snypH9hyjMlidxPce
uT/WF+mFkTIR9g6GDEgfg6xJ+T9O/9J4Nc9P5lvJjlkhXbtF8+U0jZ3jrzTwLhV/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:48 2025 by rpki-client