Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/E-dGQat2o1sJEtqzB3MqOnvOb0k.roa
File: E-dGQat2o1sJEtqzB3MqOnvOb0k.roa (raw, json)
Hash identifier: ujxtBrkVU5iQOIYeD/Vn+rIER+CfPh9tj95boLK+XrQ=
Subject key identifier: 13:E7:46:41:AB:76:A3:5B:09:12:DA:B3:07:73:2A:3A:7B:CE:6F:49
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018AF157B644EA8D2C3FC84F3610AD68E939
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/E-dGQat2o1sJEtqzB3MqOnvOb0k.roa
Signing time: Mon 02 Oct 2023 17:02:51 +0000
ROA not before: Mon 02 Oct 2023 17:02:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394814
IP address blocks: 95.164.144.0/20 maxlen: 24
94.131.80.0/20 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:57:b6:44:ea:8d:2c:3f:c8:4f:36:10:ad:68:e9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 2 17:02:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13e74641ab76a35b0912dab307732a3a7bce6f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:51:75:d2:e0:7e:be:96:32:9a:54:34:cb:05:
fc:87:1b:58:27:81:74:45:3c:ff:c4:a0:e0:74:2f:
71:d7:a2:db:4f:47:d2:18:9f:28:0f:a3:77:05:88:
dc:37:d2:2c:54:25:be:fb:7d:72:fc:1d:fb:d8:8b:
0e:5c:a7:c6:f0:34:8b:55:65:66:bd:e5:77:ee:c8:
60:f0:da:3e:39:8a:c1:a0:f2:c7:26:14:3c:1b:12:
b8:87:02:1f:24:0e:55:c9:a5:a2:b7:61:ec:be:b1:
c0:0c:94:94:85:d0:f2:f7:6c:47:2d:d0:9c:59:15:
ee:2e:b4:6a:c4:70:14:10:52:d1:58:5f:ea:df:c4:
a9:4b:8a:f0:9c:9a:1a:16:e2:ee:92:37:70:cf:4a:
67:59:24:89:56:63:27:f7:d6:05:5a:7a:17:dd:70:
25:da:70:38:2b:d8:25:f1:bb:3c:67:c8:8c:65:d4:
18:d6:46:41:e5:2a:fd:0f:82:41:e4:71:c0:9f:3d:
1d:01:cd:3f:53:a5:98:9e:94:17:fc:bf:54:f7:ec:
03:b5:8d:ba:d3:d3:2b:bf:dc:84:f9:2f:8d:a3:f6:
3f:61:a0:14:d0:3d:0a:21:24:3b:5c:03:3f:23:d3:
a8:93:0f:09:cd:77:3b:1f:bd:3c:a3:a0:32:7c:8f:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E7:46:41:AB:76:A3:5B:09:12:DA:B3:07:73:2A:3A:7B:CE:6F:49
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/E-dGQat2o1sJEtqzB3MqOnvOb0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
95.164.144.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:c1:7b:bb:2d:16:eb:46:c8:1e:8e:f2:b9:43:4b:76:08:a8:
f1:d5:e8:1d:4b:16:71:2e:82:29:ab:05:d5:f3:56:6c:d2:2a:
a0:c1:d1:dc:38:f2:ad:e0:98:d6:e4:b1:c6:aa:8f:3d:09:92:
3c:e4:1c:09:d3:49:c8:3a:c1:b1:fe:49:a3:fe:b7:49:a7:c1:
e8:99:ac:1f:ae:dd:1a:bd:60:04:e7:1f:9b:9f:43:32:7e:f0:
58:80:37:f4:54:5a:21:6d:48:0d:48:fa:b6:20:58:15:55:09:
96:b4:e6:7b:3a:58:6f:02:79:1d:5e:97:4f:3f:31:2a:f0:6b:
8d:ce:ba:60:37:35:b1:e3:da:04:0b:b9:35:67:f4:10:a7:2b:
27:b5:11:56:63:7b:12:e1:03:bf:e9:43:7b:b0:f0:6c:34:4b:
14:ff:6b:1e:af:1d:0d:56:5e:b4:71:73:8b:bd:b3:6d:ec:f1:
32:cd:7a:47:35:a2:2a:e9:c1:df:41:fc:4c:5b:0b:e5:f4:db:
8e:0a:e3:55:42:0d:e9:14:30:e9:c0:d0:e9:2a:6f:9c:65:1b:
59:44:8b:87:44:b0:49:7b:6b:f2:9c:6a:9a:9c:cc:ac:9c:b0:
c9:74:78:94:e9:55:b2:d0:b4:9c:c1:9b:2a:b1:c1:95:81:cf:
b0:2c:ad:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrxV7ZE6o0sP8hPNhCtaOk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMDAyMTcwMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U3NDY0MWFiNzZhMzViMDkxMmRhYjMwNzczMmEzYTdiY2U2ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglF10uB+vpYymlQ0ywX8hxtYJ4F0
RTz/xKDgdC9x16LbT0fSGJ8oD6N3BYjcN9IsVCW++31y/B372IsOXKfG8DSLVWVm
veV37shg8No+OYrBoPLHJhQ8GxK4hwIfJA5VyaWit2HsvrHADJSUhdDy92xHLdCc
WRXuLrRqxHAUEFLRWF/q38SpS4rwnJoaFuLukjdwz0pnWSSJVmMn99YFWnoX3XAl
2nA4K9gl8bs8Z8iMZdQY1kZB5Sr9D4JB5HHAnz0dAc0/U6WYnpQX/L9U9+wDtY26
09Mrv9yE+S+No/Y/YaAU0D0KISQ7XAM/I9Ookw8JzXc7H708o6AyfI+1RwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBPnRkGrdqNbCRLaswdzKjp7zm9JMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvRS1kR1FhdDJvMXNKRXRxekIzTXFPbnZPYjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXoNQAwQE
X6SQMA0GCSqGSIb3DQEBCwUAA4IBAQA+wXu7LRbrRsgejvK5Q0t2CKjx1egdSxZx
LoIpqwXV81Zs0iqgwdHcOPKt4JjW5LHGqo89CZI85BwJ00nIOsGx/kmj/rdJp8Ho
mawfrt0avWAE5x+bn0MyfvBYgDf0VFohbUgNSPq2IFgVVQmWtOZ7OlhvAnkdXpdP
PzEq8GuNzrpgNzWx49oEC7k1Z/QQpysntRFWY3sS4QO/6UN7sPBsNEsU/2serx0N
Vl60cXOLvbNt7PEyzXpHNaIq6cHfQfxMWwvl9NuOCuNVQg3pFDDpwNDpKm+cZRtZ
RIuHRLBJe2vynGqanMysnLDJdHiU6VWy0LScwZsqscGVgc+wLK1s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org