Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/u4_JtdCvXOBIfFPh0oyBKtvyHdM.roa
File: u4_JtdCvXOBIfFPh0oyBKtvyHdM.roa (raw, json)
Hash identifier: df3C6zrZe2kJTu4KVTG75oajofuerDQFrjTRRo5JQow=
Subject key identifier: BB:8F:C9:B5:D0:AF:5C:E0:48:7C:53:E1:D2:8C:81:2A:DB:F2:1D:D3
Certificate issuer: /CN=336b69e2dd29bbe48946c4d58ac60eb23dff95c5
Certificate serial: 018B14EA85816F6038BE093BFA61D9FE3BCE
Authority key identifier: 33:6B:69:E2:DD:29:BB:E4:89:46:C4:D5:8A:C6:0E:B2:3D:FF:95:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M2tp4t0pu-SJRsTVisYOsj3_lcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/u4_JtdCvXOBIfFPh0oyBKtvyHdM.roa
Signing time: Mon 09 Oct 2023 14:49:55 +0000
ROA not before: Mon 09 Oct 2023 14:49:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28022
IP address blocks: 94.124.98.0/24 maxlen: 24
94.124.97.0/24 maxlen: 24
94.124.96.0/22 maxlen: 22
94.124.96.0/24 maxlen: 24
2a06:a780::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:ea:85:81:6f:60:38:be:09:3b:fa:61:d9:fe:3b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=336b69e2dd29bbe48946c4d58ac60eb23dff95c5
Validity
Not Before: Oct 9 14:49:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb8fc9b5d0af5ce0487c53e1d28c812adbf21dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:47:a3:c5:1b:64:ad:59:f8:15:aa:c8:0c:
a0:89:7a:64:e9:d8:8d:df:12:78:1e:d3:e5:57:a8:
d5:b3:4c:73:6c:60:bb:12:92:45:7d:9d:b0:e7:39:
59:e4:b8:d1:69:0d:01:12:a6:fe:db:48:04:3c:f7:
2b:5b:a2:74:46:eb:07:a7:6d:bb:31:20:b7:ec:27:
58:29:8a:4a:c5:30:e3:f6:a0:87:27:e5:7c:57:56:
8e:3a:39:a1:63:f5:2f:21:cb:89:70:c7:4a:8f:3d:
95:1f:f7:33:4f:a5:48:62:64:96:5c:26:76:f7:93:
2d:fa:82:02:7f:b0:1c:74:5e:61:a5:50:1c:e9:41:
54:d6:f6:70:93:a7:6e:ae:55:0d:0a:dd:d4:3f:3c:
d0:8e:c8:3e:c9:d6:e0:33:ee:96:cc:2b:e6:04:ef:
94:fe:61:b4:41:06:2f:3d:49:ad:ac:bb:b9:31:96:
12:a2:ee:ab:68:d7:a3:b7:32:6d:ad:33:aa:02:43:
21:36:2a:2c:6a:fe:8b:57:86:46:b1:f2:7c:c4:89:
3c:b4:b3:6e:f5:d8:c5:a4:b4:40:45:ca:91:f3:f4:
2e:a1:19:d5:3e:b7:71:fe:33:95:65:b7:57:11:cf:
75:d4:cd:c2:bb:ac:56:fe:36:cf:8a:d7:cb:e4:51:
64:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8F:C9:B5:D0:AF:5C:E0:48:7C:53:E1:D2:8C:81:2A:DB:F2:1D:D3
X509v3 Authority Key Identifier:
keyid:33:6B:69:E2:DD:29:BB:E4:89:46:C4:D5:8A:C6:0E:B2:3D:FF:95:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2tp4t0pu-SJRsTVisYOsj3_lcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/u4_JtdCvXOBIfFPh0oyBKtvyHdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/7f41f1-05aa-4cae-b091-2b156fdf7243/1/M2tp4t0pu-SJRsTVisYOsj3_lcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.96.0/22
IPv6:
2a06:a780::/29
Signature Algorithm: sha256WithRSAEncryption
a8:a3:74:14:71:02:fb:bc:b6:92:fe:ed:ae:0c:ee:95:cb:a5:
04:a9:02:fa:8b:ed:49:7f:62:a8:60:e0:7f:94:ea:f8:ba:03:
64:38:a2:6d:0f:cd:f5:0b:8b:4c:a0:6e:80:f2:07:f7:97:d1:
95:f4:1a:19:21:7f:0c:68:c1:f8:fa:19:34:d4:63:10:06:45:
fb:59:63:af:0a:c5:13:6e:1f:99:26:f9:ce:97:ff:48:f6:25:
b4:52:2c:5d:0c:9e:17:38:01:82:60:6d:f3:8d:b5:ed:e6:1e:
b9:43:1c:9e:be:a9:31:df:a3:c5:cc:fe:29:22:1f:99:c1:1f:
18:8b:43:e3:1c:e9:cb:2e:c3:7c:d6:90:ca:c3:e2:83:d1:d1:
38:d0:b6:59:18:07:4a:76:14:d0:74:2f:99:01:cb:7e:fc:ad:
51:50:f2:65:00:32:f8:5b:a8:b0:36:3c:09:81:80:84:f7:f9:
3b:7b:0c:7a:ff:74:ad:07:be:b7:a5:73:c8:e7:cf:ad:bc:61:
31:8a:66:89:f0:c1:d9:db:fa:b5:79:c6:fa:34:32:79:14:36:
ab:3d:1a:81:d9:2a:77:ee:1f:f4:79:2a:17:57:83:d5:af:f1:
b2:68:d3:7a:0a:ef:ea:80:94:b2:1a:f1:01:d2:bb:25:3a:7c:
a6:04:07:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYsU6oWBb2A4vgk7+mHZ/jvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNmI2OWUyZGQyOWJiZTQ4OTQ2YzRkNThhYzYwZWIyM2Rm
Zjk1YzUwHhcNMjMxMDA5MTQ0OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhmYzliNWQwYWY1Y2UwNDg3YzUzZTFkMjhjODEyYWRiZjIxZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNNHo8UbZK1Z+BWqyAygiXpk6diN
3xJ4HtPlV6jVs0xzbGC7EpJFfZ2w5zlZ5LjRaQ0BEqb+20gEPPcrW6J0RusHp227
MSC37CdYKYpKxTDj9qCHJ+V8V1aOOjmhY/UvIcuJcMdKjz2VH/czT6VIYmSWXCZ2
95Mt+oICf7AcdF5hpVAc6UFU1vZwk6durlUNCt3UPzzQjsg+ydbgM+6WzCvmBO+U
/mG0QQYvPUmtrLu5MZYSou6raNejtzJtrTOqAkMhNiosav6LV4ZGsfJ8xIk8tLNu
9djFpLRARcqR8/QuoRnVPrdx/jOVZbdXEc911M3Cu6xW/jbPitfL5FFk4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLuPybXQr1zgSHxT4dKMgSrb8h3TMB8GA1UdIwQY
MBaAFDNraeLdKbvkiUbE1YrGDrI9/5XFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJ0cDR0MHB1LVNKUnNUVmlzWU9zajNfbGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ZjQxZjEtMDVhYS00Y2FlLWIwOTEt
MmIxNTZmZGY3MjQzLzEvdTRfSnRkQ3ZYT0JJZkZQaDBveUJLdHZ5SGRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ZjQxZjEtMDVhYS00Y2FlLWIwOTEtMmIxNTZmZGY3MjQz
LzEvTTJ0cDR0MHB1LVNKUnNUVmlzWU9zajNfbGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXnxgMA0E
AgACMAcDBQMqBqeAMA0GCSqGSIb3DQEBCwUAA4IBAQCoo3QUcQL7vLaS/u2uDO6V
y6UEqQL6i+1Jf2KoYOB/lOr4ugNkOKJtD831C4tMoG6A8gf3l9GV9BoZIX8MaMH4
+hk01GMQBkX7WWOvCsUTbh+ZJvnOl/9I9iW0UixdDJ4XOAGCYG3zjbXt5h65Qxye
vqkx36PFzP4pIh+ZwR8Yi0PjHOnLLsN81pDKw+KD0dE40LZZGAdKdhTQdC+ZAct+
/K1RUPJlADL4W6iwNjwJgYCE9/k7ewx6/3StB763pXPI58+tvGEximaJ8MHZ2/q1
ecb6NDJ5FDarPRqB2Sp37h/0eSoXV4PVr/GyaNN6Cu/qgJSyGvEB0rslOnymBAfY
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:02 2023 by rpki-client on console.sobornost.net