Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/cuX5oJXfNh_qi9aYLJhfH7C8UJc.roa
File: cuX5oJXfNh_qi9aYLJhfH7C8UJc.roa (raw, json)
Hash identifier: nMRF71NFvejZMAp7zBk/kU8owAG+5hq7AEMm3PPxnXQ=
Subject key identifier: 72:E5:F9:A0:95:DF:36:1F:EA:8B:D6:98:2C:98:5F:1F:B0:BC:50:97
Certificate issuer: /CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Certificate serial: 018CC64A9286C37A49C9A27FA0B9FA5FA64F
Authority key identifier: 44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/cuX5oJXfNh_qi9aYLJhfH7C8UJc.roa
Signing time: Mon 01 Jan 2024 18:30:25 +0000
ROA not before: Mon 01 Jan 2024 18:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201183
IP address blocks: 94.101.108.0/24 maxlen: 24
94.156.156.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jan 2024 11:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:92:86:c3:7a:49:c9:a2:7f:a0:b9:fa:5f:a6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Validity
Not Before: Jan 1 18:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72e5f9a095df361fea8bd6982c985f1fb0bc5097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:a2:63:29:f5:a4:36:e8:1e:8c:08:12:5f:
ab:92:fe:b4:01:a1:1f:b4:5a:4a:aa:af:b7:84:c3:
b0:3b:37:c6:b4:9f:5c:b6:2b:30:29:2d:c2:e2:db:
14:81:59:df:07:53:0e:77:c9:d9:36:5d:23:a7:79:
0d:55:60:37:20:5f:e3:1b:b0:b8:8d:d5:fc:81:8c:
b2:1c:a4:25:ca:72:6e:f1:92:88:79:71:9f:a2:17:
7d:77:ef:5c:73:35:d3:2f:ad:38:c5:e6:f7:6d:fe:
a9:89:13:d6:bc:c9:0a:68:08:0e:9e:d1:a2:4e:ee:
5f:05:33:b4:8d:3c:46:3a:77:93:47:af:0c:ca:cb:
fe:78:04:56:93:de:30:b5:42:5a:ce:d0:de:80:d7:
7c:c4:35:91:e4:22:52:c2:dd:c4:66:83:5c:4d:9d:
17:24:93:b4:c5:eb:d1:af:d9:d5:f5:bc:db:26:d5:
24:77:15:1f:db:81:a6:95:82:75:9d:23:53:77:39:
e5:4d:b3:51:77:9f:38:63:67:af:9d:69:b4:ca:35:
1b:80:5b:9a:61:98:70:b6:f9:ad:5e:4f:8c:42:df:
69:e5:bc:e4:ff:df:a8:de:e2:16:85:93:ab:c1:9b:
69:67:5c:95:b3:5e:88:62:ac:f5:cc:10:19:22:e4:
b9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E5:F9:A0:95:DF:36:1F:EA:8B:D6:98:2C:98:5F:1F:B0:BC:50:97
X509v3 Authority Key Identifier:
keyid:44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/cuX5oJXfNh_qi9aYLJhfH7C8UJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/RJRpaPL33ZUOpJuHc33x9q69u1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.108.0/24
94.156.156.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:c5:30:3f:b4:9f:3d:c4:65:97:99:52:a4:9b:47:d0:bc:2b:
46:a8:19:68:43:1a:47:c4:0e:d7:ae:f5:cb:bb:f5:43:c2:85:
74:d9:98:3a:65:6e:01:ba:2a:c4:a1:dd:4d:74:65:5f:53:8b:
42:77:f6:11:95:d3:83:11:b3:f0:ca:33:2d:9f:62:ad:bf:7c:
ce:9d:f6:b4:2b:ab:4c:15:96:59:31:0c:b0:a4:8a:33:63:23:
8f:64:0f:d4:3d:4e:94:e9:ab:25:44:dc:4f:f7:93:98:5f:ba:
81:44:98:b3:2e:b8:0d:d4:e9:cc:02:52:b0:24:5a:40:a5:ae:
a5:7d:ac:7d:4e:cf:bb:ea:e8:01:07:39:4b:70:5e:42:d6:28:
f1:ff:25:be:1a:f9:be:de:89:ff:a1:04:8f:37:dc:eb:6a:5f:
47:9f:5b:3a:3b:c1:b9:90:e9:66:f7:51:a2:62:11:5b:1f:58:
3a:5c:58:82:84:cb:da:e8:cd:ab:52:4d:c5:64:a2:38:c6:57:
37:d3:00:59:1d:03:15:f8:0a:8e:02:a6:48:32:7d:6e:ad:36:
7e:91:df:09:6c:d0:83:1f:0a:52:9c:7d:14:a4:78:53:d8:36:
4a:29:e4:fa:67:7a:6a:30:4e:b0:29:f0:e4:bc:f6:a7:dc:e7:
c8:fd:89:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSpKGw3pJyaJ/oLn6X6ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OTQ2OTY4ZjJmN2RkOTUwZWE0OWI4NzczN2RmMWY2YWVi
ZGJiNTMwHhcNMjQwMTAxMTgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU1ZjlhMDk1ZGYzNjFmZWE4YmQ2OTgyYzk4NWYxZmIwYmM1MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgeiYyn1pDboHowIEl+rkv60AaEf
tFpKqq+3hMOwOzfGtJ9ctiswKS3C4tsUgVnfB1MOd8nZNl0jp3kNVWA3IF/jG7C4
jdX8gYyyHKQlynJu8ZKIeXGfohd9d+9cczXTL604xeb3bf6piRPWvMkKaAgOntGi
Tu5fBTO0jTxGOneTR68Mysv+eARWk94wtUJaztDegNd8xDWR5CJSwt3EZoNcTZ0X
JJO0xevRr9nV9bzbJtUkdxUf24GmlYJ1nSNTdznlTbNRd584Y2evnWm0yjUbgFua
YZhwtvmtXk+MQt9p5bzk/9+o3uIWhZOrwZtpZ1yVs16IYqz1zBAZIuS5lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLl+aCV3zYf6ovWmCyYXx+wvFCXMB8GA1UdIwQY
MBaAFESUaWjy992VDqSbh3N98fauvbtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYt
OGYwZjRkNmI4OTM5LzEvY3VYNW9KWGZOaF9xaTlhWUxKaGZIN0M4VUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYtOGYwZjRkNmI4OTM5
LzEvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXmVsAwQB
XpycMA0GCSqGSIb3DQEBCwUAA4IBAQBLxTA/tJ89xGWXmVKkm0fQvCtGqBloQxpH
xA7XrvXLu/VDwoV02Zg6ZW4BuirEod1NdGVfU4tCd/YRldODEbPwyjMtn2Ktv3zO
nfa0K6tMFZZZMQywpIozYyOPZA/UPU6U6aslRNxP95OYX7qBRJizLrgN1OnMAlKw
JFpApa6lfax9Ts+76ugBBzlLcF5C1ijx/yW+Gvm+3on/oQSPN9zral9Hn1s6O8G5
kOlm91GiYhFbH1g6XFiChMva6M2rUk3FZKI4xlc30wBZHQMV+AqOAqZIMn1urTZ+
kd8JbNCDHwpSnH0UpHhT2DZKKeT6Z3pqME6wKfDkvPan3OfI/YkZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org