Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/D9H_WmWxkoK0vLUuLRYfy64p8U0.roa
File: D9H_WmWxkoK0vLUuLRYfy64p8U0.roa (raw, json)
Hash identifier: jhcGYBrqG4QusHPSeOPWI10IawnYVFM74lZ7PLojaV4=
Subject key identifier: 0F:D1:FF:5A:65:B1:92:82:B4:BC:B5:2E:2D:16:1F:CB:AE:29:F1:4D
Certificate issuer: /CN=df895a3ee2211b6ee2df7202f09a426680d66269
Certificate serial: 01941C67E7D326B2D49C741C43E176F61DA4
Authority key identifier: DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/D9H_WmWxkoK0vLUuLRYfy64p8U0.roa
Signing time: Tue 31 Dec 2024 11:09:19 +0000
ROA not before: Tue 31 Dec 2024 11:09:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216332
IP address blocks: 94.142.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:67:e7:d3:26:b2:d4:9c:74:1c:43:e1:76:f6:1d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df895a3ee2211b6ee2df7202f09a426680d66269
Validity
Not Before: Dec 31 11:09:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd1ff5a65b19282b4bcb52e2d161fcbae29f14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:b0:6e:7e:19:2d:c9:66:65:f8:61:55:7e:
5e:0b:0d:08:81:8b:30:e4:4a:c8:29:2c:91:63:5a:
48:35:a8:2a:96:74:4c:4f:a4:3f:3e:b6:97:60:e3:
13:2b:1b:3f:e3:28:15:fe:dd:04:ec:f3:ea:4a:80:
14:3f:3d:5b:bf:ac:94:c4:0f:27:7e:51:5a:03:87:
67:d8:5d:a1:a9:8c:80:96:ab:19:ed:00:75:41:37:
ac:59:ce:69:c7:9f:5b:06:9d:01:1e:82:09:ff:9f:
33:d8:24:6f:66:12:2d:ff:f7:e5:ad:2f:11:ad:7c:
8f:72:9f:ba:01:58:84:51:44:89:04:9d:6e:5a:f5:
6d:f8:b1:61:e0:b9:fa:b9:46:9c:68:45:8a:df:5c:
bd:65:9c:10:9d:e5:74:ab:15:f6:7b:c0:59:d3:5a:
d6:f0:d2:6a:b4:42:bb:a9:d4:3e:2d:e3:a3:42:06:
59:6f:87:1d:5d:6d:4c:f2:64:c8:aa:1e:d2:6e:9d:
fa:ab:ed:c6:55:a3:de:e3:f9:00:ea:2c:fc:7c:e6:
b1:ee:82:90:ae:57:4d:5e:0e:1a:f6:8a:54:90:22:
99:5f:b7:a9:89:c8:56:bc:ed:5e:7d:62:4d:e6:77:
42:8b:71:63:54:60:a4:00:c6:74:16:82:0c:09:00:
87:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D1:FF:5A:65:B1:92:82:B4:BC:B5:2E:2D:16:1F:CB:AE:29:F1:4D
X509v3 Authority Key Identifier:
keyid:DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/D9H_WmWxkoK0vLUuLRYfy64p8U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.250.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:8e:ac:51:f0:58:16:00:e9:11:ad:52:93:ab:50:cc:2c:f7:
e7:7b:3c:7d:60:64:dd:20:b5:08:ad:61:11:0a:ce:9f:bf:c9:
f5:a2:39:8e:51:3e:c7:cd:7a:f9:a8:5d:eb:88:96:ec:0e:61:
f6:eb:46:c8:4e:07:55:bd:88:b0:59:f3:28:46:11:41:e7:f3:
a2:1d:d1:da:92:0d:7f:5e:9d:1c:ff:df:60:d5:29:66:d1:57:
05:c4:9c:a0:f2:65:99:29:24:75:ea:40:0f:92:a0:60:cb:e8:
91:18:17:e0:ce:13:9b:81:2d:e3:13:2d:50:f0:47:28:df:ce:
89:0a:54:96:10:17:b1:18:fd:c0:96:9b:de:21:c4:3c:7b:5e:
bb:2d:e5:38:35:d4:02:09:12:98:ac:09:16:78:7d:07:98:ad:
fa:5b:d4:97:6b:ba:3d:e2:2d:d9:a2:a0:53:2c:36:61:b7:de:
98:1a:84:ef:01:c1:74:7f:ed:43:ec:85:aa:e5:49:5a:d4:ed:
8e:64:1f:59:67:33:9d:d1:c1:5e:a1:3a:18:d0:ac:81:d4:f4:
6a:a4:2a:fb:62:ea:bb:2d:37:19:c8:a0:c6:7f:68:06:a1:b9:
86:75:73:e4:1f:1c:0b:4d:22:19:2b:01:0e:2d:8c:a7:93:35:
01:01:9c:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQcZ+fTJrLUnHQcQ+F29h2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODk1YTNlZTIyMTFiNmVlMmRmNzIwMmYwOWE0MjY2ODBk
NjYyNjkwHhcNMjQxMjMxMTEwOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQxZmY1YTY1YjE5MjgyYjRiY2I1MmUyZDE2MWZjYmFlMjlmMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQewbn4ZLclmZfhhVX5eCw0IgYsw
5ErIKSyRY1pINagqlnRMT6Q/PraXYOMTKxs/4ygV/t0E7PPqSoAUPz1bv6yUxA8n
flFaA4dn2F2hqYyAlqsZ7QB1QTesWc5px59bBp0BHoIJ/58z2CRvZhIt//flrS8R
rXyPcp+6AViEUUSJBJ1uWvVt+LFh4Ln6uUacaEWK31y9ZZwQneV0qxX2e8BZ01rW
8NJqtEK7qdQ+LeOjQgZZb4cdXW1M8mTIqh7Sbp36q+3GVaPe4/kA6iz8fOax7oKQ
rldNXg4a9opUkCKZX7epichWvO1efWJN5ndCi3FjVGCkAMZ0FoIMCQCHlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA/R/1plsZKCtLy1Li0WH8uuKfFNMB8GA1UdIwQY
MBaAFN+JWj7iIRtu4t9yAvCaQmaA1mJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUt
NzBiMmViZDUxNDM4LzEvRDlIX1dtV3hrb0swdkxVdUxSWWZ5NjRwOFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUtNzBiMmViZDUxNDM4
LzEvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo76MA0G
CSqGSIb3DQEBCwUAA4IBAQBujqxR8FgWAOkRrVKTq1DMLPfnezx9YGTdILUIrWER
Cs6fv8n1ojmOUT7HzXr5qF3riJbsDmH260bITgdVvYiwWfMoRhFB5/OiHdHakg1/
Xp0c/99g1Slm0VcFxJyg8mWZKSR16kAPkqBgy+iRGBfgzhObgS3jEy1Q8Eco386J
ClSWEBexGP3AlpveIcQ8e167LeU4NdQCCRKYrAkWeH0HmK36W9SXa7o94i3ZoqBT
LDZht96YGoTvAcF0f+1D7IWq5Ula1O2OZB9ZZzOd0cFeoToY0KyB1PRqpCr7Yuq7
LTcZyKDGf2gGobmGdXPkHxwLTSIZKwEOLYynkzUBAZx9
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:37:26 2025 by rpki-client