Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/8j4GjJlV1nDhZMD6bDjUns5McUQ.roa
File: 8j4GjJlV1nDhZMD6bDjUns5McUQ.roa (raw, json)
Hash identifier: HOLcAG832xVVEcMPsszGvCN2G0GK2Ijj2do6sXB5B/U=
Subject key identifier: F2:3E:06:8C:99:55:D6:70:E1:64:C0:FA:6C:38:D4:9E:CE:4C:71:44
Certificate issuer: /CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Certificate serial: 018A3D9D715AA04D5B28E9B3B9216D549B97
Authority key identifier: 44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/8j4GjJlV1nDhZMD6bDjUns5McUQ.roa
Signing time: Mon 28 Aug 2023 19:27:22 +0000
ROA not before: Mon 28 Aug 2023 19:27:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201183
IP address blocks: 94.101.108.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3d:9d:71:5a:a0:4d:5b:28:e9:b3:b9:21:6d:54:9b:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Validity
Not Before: Aug 28 19:27:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f23e068c9955d670e164c0fa6c38d49ece4c7144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:47:d9:83:69:4f:11:72:e4:41:c6:5e:97:e8:
23:00:f8:fb:8a:03:84:b0:ee:b3:0a:57:a7:53:cd:
03:70:c0:e8:7b:c4:66:c1:3b:92:3f:c9:1a:75:21:
22:60:62:e5:0a:cd:9a:6b:bf:ae:46:17:0e:69:68:
dd:c0:05:6b:f3:fe:ff:c1:57:80:39:43:df:1e:59:
28:34:93:4f:bb:fe:33:a0:68:74:b4:f8:a0:38:f9:
ca:d1:fd:ba:51:d5:4b:da:2e:c8:40:66:29:ac:c6:
da:f4:3a:3f:86:48:d2:49:c6:f5:ab:b8:66:49:16:
a1:1b:f0:e2:05:3b:c6:e5:a5:5d:61:0f:83:03:32:
03:ef:89:0d:20:77:75:20:80:3c:46:2a:38:9a:e9:
5f:b4:c3:fe:62:c4:8a:f7:44:2c:79:c7:08:77:3d:
ef:53:13:75:e4:25:16:63:08:72:39:6d:9b:e9:c6:
c7:8a:e7:38:93:77:0f:ef:ef:d7:59:c0:20:77:bb:
95:a2:0d:3e:c9:a8:a6:e8:52:c1:7f:80:1b:24:b2:
2b:0d:bd:a7:cb:bc:e2:e3:a0:73:93:32:2a:8e:f1:
70:d0:28:8f:5e:36:ba:ea:90:01:1f:5c:e0:e5:4f:
79:0d:d2:0a:73:d4:29:91:47:ee:dd:8d:55:81:50:
bb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:3E:06:8C:99:55:D6:70:E1:64:C0:FA:6C:38:D4:9E:CE:4C:71:44
X509v3 Authority Key Identifier:
keyid:44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/8j4GjJlV1nDhZMD6bDjUns5McUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/RJRpaPL33ZUOpJuHc33x9q69u1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.108.0/24
94.156.156.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:f9:f9:2d:f3:90:c6:1f:7c:43:a0:24:be:c9:db:8f:4b:e5:
40:d5:ca:ac:d9:05:3a:bb:12:4e:a2:7d:55:b4:94:6b:38:17:
d6:ff:40:a7:93:27:f2:c0:ca:6b:67:91:9b:24:18:26:20:d2:
f6:ac:c6:b1:9c:59:f9:c2:0b:aa:f4:29:29:70:fc:d7:33:cb:
d2:7d:7f:f5:be:ff:c8:d7:0d:d0:ef:de:83:01:0e:28:ec:ee:
27:6e:36:e0:36:96:42:5e:f8:27:03:f5:60:a3:96:0b:4d:c1:
6f:e0:9d:14:82:22:2c:8d:f7:36:2f:38:9f:b5:c7:f8:ad:68:
53:dc:c1:63:9b:99:d6:15:7f:fc:9f:ad:50:ab:0e:f5:02:35:
89:b3:d7:35:b1:d1:d2:29:97:4a:8a:5c:47:97:5a:19:c2:41:
e0:a7:46:81:f5:ba:27:fc:51:80:cc:c0:b9:7e:f8:9a:20:58:
c6:27:c5:99:54:bc:c5:7f:9d:17:ed:62:d3:d1:5f:18:5e:ec:
7e:88:60:c6:b7:b8:1b:57:b4:6c:1d:42:c3:46:8d:79:0a:32:
28:bc:5f:0a:52:21:42:cd:44:e2:ac:c5:46:b7:bd:24:be:e4:
cd:fe:b3:1c:1e:2e:f0:14:b6:07:ef:4c:5a:14:45:ec:a2:04:
8b:c9:b9:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYo9nXFaoE1bKOmzuSFtVJuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OTQ2OTY4ZjJmN2RkOTUwZWE0OWI4NzczN2RmMWY2YWVi
ZGJiNTMwHhcNMjMwODI4MTkyNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjNlMDY4Yzk5NTVkNjcwZTE2NGMwZmE2YzM4ZDQ5ZWNlNGM3MTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0fZg2lPEXLkQcZel+gjAPj7igOE
sO6zClenU80DcMDoe8RmwTuSP8kadSEiYGLlCs2aa7+uRhcOaWjdwAVr8/7/wVeA
OUPfHlkoNJNPu/4zoGh0tPigOPnK0f26UdVL2i7IQGYprMba9Do/hkjSScb1q7hm
SRahG/DiBTvG5aVdYQ+DAzID74kNIHd1IIA8Rio4mulftMP+YsSK90QseccIdz3v
UxN15CUWYwhyOW2b6cbHiuc4k3cP7+/XWcAgd7uVog0+yaim6FLBf4AbJLIrDb2n
y7zi46BzkzIqjvFw0CiPXja66pABH1zg5U95DdIKc9QpkUfu3Y1VgVC7tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPI+BoyZVdZw4WTA+mw41J7OTHFEMB8GA1UdIwQY
MBaAFESUaWjy992VDqSbh3N98fauvbtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYt
OGYwZjRkNmI4OTM5LzEvOGo0R2pKbFYxbkRoWk1ENmJEalVuczVNY1VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYtOGYwZjRkNmI4OTM5
LzEvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXmVsAwQB
XpycMA0GCSqGSIb3DQEBCwUAA4IBAQA6+fkt85DGH3xDoCS+yduPS+VA1cqs2QU6
uxJOon1VtJRrOBfW/0CnkyfywMprZ5GbJBgmINL2rMaxnFn5wguq9CkpcPzXM8vS
fX/1vv/I1w3Q796DAQ4o7O4nbjbgNpZCXvgnA/Vgo5YLTcFv4J0UgiIsjfc2Lzif
tcf4rWhT3MFjm5nWFX/8n61Qqw71AjWJs9c1sdHSKZdKilxHl1oZwkHgp0aB9bon
/FGAzMC5fviaIFjGJ8WZVLzFf50X7WLT0V8YXux+iGDGt7gbV7RsHULDRo15CjIo
vF8KUiFCzUTirMVGt70kvuTN/rMcHi7wFLYH70xaFEXsogSLyblX
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:40 2024 by rpki-client on console-fra.rpki-client.org