Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d42Y6rppfbuDmGNKUF0TFs05t_c.roa
File: d42Y6rppfbuDmGNKUF0TFs05t_c.roa (raw, json)
Hash identifier: tBL9ZK0cwC2aCDQ70u5qMNa5dIJ7eydaLkONifQzcC4=
Subject key identifier: 77:8D:98:EA:BA:69:7D:BB:83:98:63:4A:50:5D:13:16:CD:39:B7:F7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01941BEC506082B1D305BA8B5AF0BEF4B8AA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d42Y6rppfbuDmGNKUF0TFs05t_c.roa
Signing time: Tue 31 Dec 2024 08:54:19 +0000
ROA not before: Tue 31 Dec 2024 08:54:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214943
IP address blocks: 94.156.177.0/24 maxlen: 24
94.156.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1b:ec:50:60:82:b1:d3:05:ba:8b:5a:f0:be:f4:b8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 31 08:54:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=778d98eaba697dbb8398634a505d1316cd39b7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:aa:d2:8d:d2:c1:61:8c:02:ba:2a:2b:6b:13:
e4:eb:c3:fa:45:9f:f5:24:86:4b:cd:7a:0e:8f:40:
12:fd:64:5e:db:9f:88:4c:92:a1:64:bd:a4:65:c9:
2e:ad:da:2a:4a:c6:2f:a5:fc:c3:1e:c4:7e:9e:84:
37:6e:61:48:c8:e6:a6:29:ad:e9:e3:aa:98:ed:bd:
4a:1a:f7:6f:b7:7e:8c:c7:b5:da:78:6c:4b:67:08:
a6:69:b0:f2:2a:f4:c7:42:88:2e:bd:94:f1:2d:6f:
d4:7c:2c:39:32:cc:47:09:3e:46:3a:a6:16:24:d9:
c6:dc:0e:be:00:b7:43:78:1a:8d:f0:30:44:aa:92:
f8:ab:3b:d0:84:b5:e9:3f:be:eb:a0:4a:ae:3e:64:
24:18:33:4e:83:d6:62:83:28:14:cb:64:5a:07:05:
d2:c6:20:4b:32:63:cd:be:65:d5:c0:eb:39:87:d8:
e4:46:b5:82:4d:7c:71:2b:10:cb:15:7d:cf:b3:44:
5e:00:2b:91:44:d5:37:7b:ae:4d:24:90:77:a2:11:
fb:8b:6c:97:e0:ed:d8:5c:ee:49:ed:96:ff:f5:23:
a8:2e:74:a4:63:3b:02:31:83:4c:9c:3b:1c:7f:ed:
1d:4a:c4:6b:b0:d3:63:bf:b8:20:c4:c7:0b:38:a6:
3b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:8D:98:EA:BA:69:7D:BB:83:98:63:4A:50:5D:13:16:CD:39:B7:F7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/d42Y6rppfbuDmGNKUF0TFs05t_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.177.0/24
94.156.227.0/24
Signature Algorithm: sha256WithRSAEncryption
87:61:ed:f4:78:00:55:8b:a4:7b:5f:f0:b6:66:b1:3a:30:fd:
f1:c3:ba:09:07:6c:51:0e:ab:d9:28:b2:a3:29:41:dd:00:27:
bd:af:cf:c1:90:b1:b7:3e:79:2b:86:ee:d5:cc:2a:08:8b:17:
0c:a1:6b:29:97:09:3e:a4:7f:56:a2:92:99:f5:ce:08:81:f3:
d1:26:6a:7f:5b:18:f5:01:72:17:4b:86:b5:d1:b5:57:3a:f1:
85:8a:48:00:dd:6f:ee:39:81:95:36:ff:66:a3:98:7e:ac:0d:
65:ec:27:d0:c2:fb:f6:6e:34:ce:b0:5d:54:ba:bd:bc:fd:8a:
ad:1c:a5:33:49:27:0b:93:fe:17:a8:26:c0:df:66:71:96:ed:
1d:c4:bd:25:e0:13:b0:ec:8e:fa:43:56:f8:4e:c5:1d:72:aa:
cb:38:d7:66:81:34:24:c4:57:a4:f1:21:18:0a:24:62:6d:52:
1f:07:ed:4f:1a:bc:67:c3:21:dc:45:2d:cf:ee:3f:a5:35:38:
ce:21:56:28:56:5b:3a:d6:85:7d:cc:97:73:e1:9e:98:e2:db:
25:d8:cf:e0:7d:fe:a9:d3:99:6e:c6:c8:52:c6:24:af:3a:3f:
fe:0d:03:6f:7b:f7:dd:4b:06:a5:f6:2d:71:25:81:c6:c7:35:
04:7a:85:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQb7FBggrHTBbqLWvC+9LiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjMxMDg1NDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzhkOThlYWJhNjk3ZGJiODM5ODYzNGE1MDVkMTMxNmNkMzliN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiarSjdLBYYwCuioraxPk68P6RZ/1
JIZLzXoOj0AS/WRe25+ITJKhZL2kZckurdoqSsYvpfzDHsR+noQ3bmFIyOamKa3p
46qY7b1KGvdvt36Mx7XaeGxLZwimabDyKvTHQoguvZTxLW/UfCw5MsxHCT5GOqYW
JNnG3A6+ALdDeBqN8DBEqpL4qzvQhLXpP77roEquPmQkGDNOg9ZigygUy2RaBwXS
xiBLMmPNvmXVwOs5h9jkRrWCTXxxKxDLFX3Ps0ReACuRRNU3e65NJJB3ohH7i2yX
4O3YXO5J7Zb/9SOoLnSkYzsCMYNMnDscf+0dSsRrsNNjv7ggxMcLOKY7UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHeNmOq6aX27g5hjSlBdExbNObf3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZDQyWTZycHBmYnVEbUdOS1VGMFRGczA1dF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpyxAwQA
XpzjMA0GCSqGSIb3DQEBCwUAA4IBAQCHYe30eABVi6R7X/C2ZrE6MP3xw7oJB2xR
DqvZKLKjKUHdACe9r8/BkLG3Pnkrhu7VzCoIixcMoWsplwk+pH9WopKZ9c4IgfPR
Jmp/Wxj1AXIXS4a10bVXOvGFikgA3W/uOYGVNv9mo5h+rA1l7CfQwvv2bjTOsF1U
ur28/YqtHKUzSScLk/4XqCbA32Zxlu0dxL0l4BOw7I76Q1b4TsUdcqrLONdmgTQk
xFek8SEYCiRibVIfB+1PGrxnwyHcRS3P7j+lNTjOIVYoVls61oV9zJdz4Z6Y4tsl
2M/gff6p05luxshSxiSvOj/+DQNve/fdSwal9i1xJYHGxzUEeoUS
-----END CERTIFICATE-----
Generated at Mon Apr 28 04:00:03 2025 by rpki-client