Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/jR5HXNgT1pMJx2ufQKWRFk6CHJ4.roa
File: jR5HXNgT1pMJx2ufQKWRFk6CHJ4.roa (raw, json)
Hash identifier: 84p6ULxYOeBm2y3eBGR1fs1dfKEgUPx4Vx3cStFRRHE=
Subject key identifier: 8D:1E:47:5C:D8:13:D6:93:09:C7:6B:9F:40:A5:91:16:4E:82:1C:9E
Certificate issuer: /CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Certificate serial: 018F0BCFA53E62C55D64DDAD2CEE3716DF37
Authority key identifier: 44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/jR5HXNgT1pMJx2ufQKWRFk6CHJ4.roa
Signing time: Tue 23 Apr 2024 16:35:08 +0000
ROA not before: Tue 23 Apr 2024 16:35:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201183
IP address blocks: 94.101.108.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.156.0/23 maxlen: 24
94.156.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Aug 2024 15:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0b:cf:a5:3e:62:c5:5d:64:dd:ad:2c:ee:37:16:df:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44946968f2f7dd950ea49b87737df1f6aebdbb53
Validity
Not Before: Apr 23 16:35:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d1e475cd813d69309c76b9f40a591164e821c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:81:d9:eb:4f:a8:72:64:99:29:a1:69:04:3d:
48:7b:ec:10:bd:98:d5:34:9f:e3:36:45:1b:01:71:
31:7b:47:ba:d6:78:6e:a1:f3:cb:84:9f:dd:2e:35:
41:9f:28:3b:63:e0:45:cd:25:43:dd:fb:13:bf:da:
1b:1f:66:fa:15:5b:26:89:2f:93:6e:3c:31:4f:38:
62:7a:d7:a7:43:c0:bc:36:e5:20:ea:61:5d:fc:d3:
18:c2:66:83:6b:52:4e:64:4e:c8:1a:cb:5c:6d:f7:
1f:62:65:a5:85:c1:b9:30:4e:a6:bf:36:73:2e:d4:
23:a6:46:d4:9a:a5:02:de:a0:03:9f:51:3d:2a:57:
f5:9e:53:10:c1:98:a0:63:6d:e8:4e:ae:c5:e1:ac:
f4:03:86:8f:b2:1c:08:95:7f:b6:7d:92:ee:8d:10:
f0:f5:25:1f:64:95:e5:25:f2:bf:ef:6b:56:da:ab:
36:17:2e:b3:bc:3f:19:f3:7b:11:45:96:34:ea:ed:
cf:6e:a0:1e:43:5b:bc:7e:44:c3:fb:58:b3:c0:b4:
2a:ee:e4:9a:91:0c:1a:33:0b:d0:08:54:b8:a5:6f:
fd:1d:5f:0f:83:eb:6d:98:b4:c5:cd:af:51:e4:66:
5c:3d:57:db:3e:95:04:a7:f0:ff:26:04:ed:f7:20:
d5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1E:47:5C:D8:13:D6:93:09:C7:6B:9F:40:A5:91:16:4E:82:1C:9E
X509v3 Authority Key Identifier:
keyid:44:94:69:68:F2:F7:DD:95:0E:A4:9B:87:73:7D:F1:F6:AE:BD:BB:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJRpaPL33ZUOpJuHc33x9q69u1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/jR5HXNgT1pMJx2ufQKWRFk6CHJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e81e9a-74d9-4ca4-9f46-8f0f4d6b8939/1/RJRpaPL33ZUOpJuHc33x9q69u1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.108.0/24
94.156.72.0/23
94.156.156.0/23
94.156.160.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:6e:76:d5:19:62:bf:2b:a1:f6:31:31:9d:7c:20:25:fb:cf:
d0:cc:a5:98:d7:cd:c8:15:9e:7f:a5:ab:79:35:fe:03:5b:5e:
4d:43:6e:75:f2:3e:c2:b5:00:b1:8c:18:61:a9:29:4e:c1:38:
04:cb:e5:18:01:e6:23:5c:24:93:05:94:d4:f1:cc:e1:74:b2:
bf:2c:5d:8e:f8:50:2c:e5:87:2a:56:0d:9b:58:a9:f4:c5:eb:
88:7b:76:f5:de:01:63:ca:d3:9f:79:44:74:27:93:cf:7f:da:
ab:d7:33:f0:fb:d7:6e:ce:e6:47:f2:19:ea:d7:80:c5:47:32:
94:ca:51:84:9f:7c:62:0f:8b:f8:28:de:20:df:d3:37:9d:34:
6a:4c:c4:70:6b:db:fe:a4:db:d4:28:54:d2:46:73:31:e8:ba:
dc:be:bc:c8:97:15:7a:86:11:c7:38:53:c1:dd:a8:ff:e2:d9:
a1:5d:bf:ed:95:c0:c4:53:f2:e0:e2:f9:04:5f:01:93:a7:a9:
de:2c:22:5a:49:23:d2:8b:e5:7c:11:9d:cc:53:32:6c:cb:c2:
c6:d0:cc:cd:dd:46:79:91:eb:95:24:9f:87:b6:8d:53:ef:89:
26:67:35:44:a0:a6:10:23:42:5c:a3:76:bc:2d:cd:f9:c3:80:
5f:6e:34:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8Lz6U+YsVdZN2tLO43Ft83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OTQ2OTY4ZjJmN2RkOTUwZWE0OWI4NzczN2RmMWY2YWVi
ZGJiNTMwHhcNMjQwNDIzMTYzNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFlNDc1Y2Q4MTNkNjkzMDljNzZiOWY0MGE1OTExNjRlODIxYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIHZ60+ocmSZKaFpBD1Ie+wQvZjV
NJ/jNkUbAXExe0e61nhuofPLhJ/dLjVBnyg7Y+BFzSVD3fsTv9obH2b6FVsmiS+T
bjwxTzhietenQ8C8NuUg6mFd/NMYwmaDa1JOZE7IGstcbfcfYmWlhcG5ME6mvzZz
LtQjpkbUmqUC3qADn1E9Klf1nlMQwZigY23oTq7F4az0A4aPshwIlX+2fZLujRDw
9SUfZJXlJfK/72tW2qs2Fy6zvD8Z83sRRZY06u3PbqAeQ1u8fkTD+1izwLQq7uSa
kQwaMwvQCFS4pW/9HV8Pg+ttmLTFza9R5GZcPVfbPpUEp/D/JgTt9yDVvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI0eR1zYE9aTCcdrn0ClkRZOghyeMB8GA1UdIwQY
MBaAFESUaWjy992VDqSbh3N98fauvbtTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYt
OGYwZjRkNmI4OTM5LzEvalI1SFhOZ1QxcE1KeDJ1ZlFLV1JGazZDSEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lODFlOWEtNzRkOS00Y2E0LTlmNDYtOGYwZjRkNmI4OTM5
LzEvUkpScGFQTDMzWlVPcEp1SGMzM3g5cTY5dTFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXmVsAwQB
XpxIAwQBXpycAwQBXpygMA0GCSqGSIb3DQEBCwUAA4IBAQDFbnbVGWK/K6H2MTGd
fCAl+8/QzKWY183IFZ5/pat5Nf4DW15NQ2518j7CtQCxjBhhqSlOwTgEy+UYAeYj
XCSTBZTU8czhdLK/LF2O+FAs5YcqVg2bWKn0xeuIe3b13gFjytOfeUR0J5PPf9qr
1zPw+9duzuZH8hnq14DFRzKUylGEn3xiD4v4KN4g39M3nTRqTMRwa9v+pNvUKFTS
RnMx6LrcvrzIlxV6hhHHOFPB3aj/4tmhXb/tlcDEU/Lg4vkEXwGTp6neLCJaSSPS
i+V8EZ3MUzJsy8LG0MzN3UZ5keuVJJ+Hto1T74kmZzVEoKYQI0Jco3a8Lc35w4Bf
bjQ0
-----END CERTIFICATE-----
Generated at Tue Aug 20 19:58:12 2024 by rpki-client on console-fra.rpki-client.org