Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3ojpFwls1aih4Vz5ARxopCX-1Ag.roa
File: 3ojpFwls1aih4Vz5ARxopCX-1Ag.roa (raw, json)
Hash identifier: QwlpWBtdCXvwGzwmzl/CdDl/2WmPXuPs4B+/5BOSfkQ=
Subject key identifier: DE:88:E9:17:09:6C:D5:A8:A1:E1:5C:F9:01:1C:68:A4:25:FE:D4:08
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018D2E588D14B2D869B57683492B62231BCC
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3ojpFwls1aih4Vz5ARxopCX-1Ag.roa
Signing time: Sun 21 Jan 2024 23:26:11 +0000
ROA not before: Sun 21 Jan 2024 23:26:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.160.0/24 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.162.0/24 maxlen: 24
94.131.163.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.167.0/24 maxlen: 24
94.131.169.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
95.164.176.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 23:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2e:58:8d:14:b2:d8:69:b5:76:83:49:2b:62:23:1b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 21 23:26:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de88e917096cd5a8a1e15cf9011c68a425fed408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cb:81:03:5e:fc:8a:e0:9a:0a:71:4e:10:2c:
f6:4f:21:af:05:4a:15:7a:e8:34:fe:fa:83:b6:aa:
f2:87:d0:c7:ce:51:8c:2d:9a:66:e6:ed:e7:27:e7:
79:c8:c3:8a:e3:1b:c0:1a:0e:21:0c:95:e6:88:53:
cd:73:a8:94:6c:3d:5e:61:06:0d:09:c3:9d:9e:27:
01:96:c0:ae:9e:f2:2e:c3:2f:11:e3:4b:88:6f:f5:
58:d7:7f:9b:ec:0c:40:69:b0:31:48:80:bf:e0:3b:
d1:cc:a6:6a:a6:f2:ee:0c:56:80:8d:2e:7c:bb:22:
46:7a:77:65:1c:66:12:32:dd:8d:07:03:77:cc:a9:
2d:3e:69:da:74:b1:5f:52:92:a4:0d:4a:70:6e:a6:
ac:e6:10:ed:b6:77:e0:57:51:86:7f:63:ac:f0:c2:
0d:a5:2a:d7:19:58:9c:46:39:13:9e:6f:b6:e9:c1:
75:7e:7a:cb:b8:d6:9e:b2:ae:74:33:6d:44:0e:de:
50:62:e1:1b:43:36:4e:32:f6:94:34:ba:61:07:61:
6f:51:ac:f1:69:14:68:72:24:20:1c:f2:d5:48:a1:
3d:7a:da:fa:de:81:99:a2:ed:f0:b4:39:12:8b:4b:
a2:29:52:00:bf:aa:97:fe:ba:00:ce:b2:73:78:84:
67:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:88:E9:17:09:6C:D5:A8:A1:E1:5C:F9:01:1C:68:A4:25:FE:D4:08
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/3ojpFwls1aih4Vz5ARxopCX-1Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0-94.131.163.255
94.131.165.0-94.131.167.255
94.131.169.0-94.131.170.255
94.131.172.0/23
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:7a:55:42:b6:37:b3:cc:92:f8:d1:dc:a7:fc:c9:97:fb:c7:
b4:3d:12:ea:d3:c7:d3:92:f8:66:7c:de:39:6e:88:fd:70:29:
1c:df:ac:e1:56:61:2a:8e:17:23:4f:17:a1:7c:bd:c0:a0:8e:
c1:74:32:4e:96:91:48:57:2b:74:7f:95:0f:ed:61:a3:f7:00:
e0:ed:29:f4:64:b4:97:d7:00:3c:2b:e3:6b:e7:9c:44:c8:6e:
d6:13:04:b3:f4:41:d9:2e:7e:7f:cc:67:6f:42:2a:53:f9:91:
3d:a6:50:eb:dc:9a:ed:f8:d3:23:16:95:88:15:9c:67:39:10:
d7:7c:f5:35:a4:f1:3d:dd:74:2e:e3:78:91:76:b5:99:1a:0c:
71:4d:a3:59:bc:c4:8f:1e:6a:a3:a7:54:bd:ab:21:69:98:45:
5e:c5:13:0f:3b:2f:34:4a:36:7e:06:8d:05:b1:ef:6a:cc:d9:
fa:5f:44:22:9d:9c:53:0b:ac:cb:b2:b6:8a:40:9f:e4:e1:9f:
bd:56:52:34:67:35:ea:e8:25:35:eb:d6:79:c6:e5:de:6b:b6:
7d:50:16:f6:7a:49:e1:3f:ee:94:c0:74:87:62:04:49:67:5e:
94:1a:cd:19:51:bd:e7:ac:5a:b2:8e:d3:86:ba:46:5c:00:e9:
04:52:3d:5c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY0uWI0UsthptXaDSStiIxvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTIxMjMyNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTg4ZTkxNzA5NmNkNWE4YTFlMTVjZjkwMTFjNjhhNDI1ZmVkNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcuBA178iuCaCnFOECz2TyGvBUoV
eug0/vqDtqryh9DHzlGMLZpm5u3nJ+d5yMOK4xvAGg4hDJXmiFPNc6iUbD1eYQYN
CcOdnicBlsCunvIuwy8R40uIb/VY13+b7AxAabAxSIC/4DvRzKZqpvLuDFaAjS58
uyJGendlHGYSMt2NBwN3zKktPmnadLFfUpKkDUpwbqas5hDttnfgV1GGf2Os8MIN
pSrXGVicRjkTnm+26cF1fnrLuNaesq50M21EDt5QYuEbQzZOMvaUNLphB2FvUazx
aRRociQgHPLVSKE9etr63oGZou3wtDkSi0uiKVIAv6qX/roAzrJzeIRnlQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN6I6RcJbNWooeFc+QEcaKQl/tQIMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvM29qcEZ3bHMxYWloNFZ6NUFSeG9wQ1gtMUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAdeg4AD
BAJeg6AwDAMEAF6DpQMEA16DoDAMAwQAXoOpAwQAXoOqAwQBXoOsAwQEX6SwMA0G
CSqGSIb3DQEBCwUAA4IBAQBqelVCtjezzJL40dyn/MmX+8e0PRLq08fTkvhmfN45
boj9cCkc36zhVmEqjhcjTxehfL3AoI7BdDJOlpFIVyt0f5UP7WGj9wDg7Sn0ZLSX
1wA8K+Nr55xEyG7WEwSz9EHZLn5/zGdvQipT+ZE9plDr3Jrt+NMjFpWIFZxnORDX
fPU1pPE93XQu43iRdrWZGgxxTaNZvMSPHmqjp1S9qyFpmEVexRMPOy80SjZ+Bo0F
se9qzNn6X0QinZxTC6zLsraKQJ/k4Z+9VlI0ZzXq6CU169Z5xuXea7Z9UBb2eknh
P+6UwHSHYgRJZ16UGs0ZUb3nrFqyjtOGukZcAOkEUj1c
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org