Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IuqUqAHRrPjf1-C59cMqfhGgvh8.roa
File: IuqUqAHRrPjf1-C59cMqfhGgvh8.roa (raw, json)
Hash identifier: QZrxBXtPmdQo1C7NQBucWNCwf2ZqKCBszPjEiglAETI=
Subject key identifier: 22:EA:94:A8:01:D1:AC:F8:DF:D7:E0:B9:F5:C3:2A:7E:11:A0:BE:1F
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64AD93739A52ABE3BC0636FE30F2134
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IuqUqAHRrPjf1-C59cMqfhGgvh8.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59682
IP address blocks: 94.131.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 23:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d9:37:39:a5:2a:be:3b:c0:63:6f:e3:0f:21:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ea94a801d1acf8dfd7e0b9f5c32a7e11a0be1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:80:f5:f5:a1:d2:63:cf:c7:46:2e:54:b0:ff:
42:c9:7a:b4:5f:a1:dd:3f:67:79:7c:ee:b4:eb:b7:
65:4e:96:8f:88:96:aa:c1:0a:9d:5c:9c:03:17:aa:
37:3b:a5:76:07:3e:7a:ca:61:07:1f:03:b5:f2:00:
d8:27:6d:4b:8d:b7:7b:bf:9a:b2:5b:56:c0:d7:a2:
51:52:ff:ea:2d:b3:ab:a2:5e:00:34:f8:85:5c:53:
f1:dc:f2:dc:d5:9e:4d:a1:30:94:ab:d9:3a:80:4c:
2f:82:39:00:e4:3c:17:0f:de:8a:e4:72:69:84:d9:
21:79:ee:48:15:f0:0b:a4:e2:1d:ee:ea:3e:2c:4c:
a7:c8:e1:dc:78:f7:eb:4f:1f:7c:12:18:a3:a4:45:
33:2f:84:be:dd:28:c4:bb:1c:ad:b6:d9:e5:96:f0:
d8:7c:f2:9e:12:99:36:e1:5c:85:0f:04:23:2d:70:
5b:8e:36:65:01:e9:06:2e:a6:b0:a6:5a:65:e2:3e:
a2:1e:80:80:b2:9f:ec:94:e8:36:d4:bc:57:78:a2:
44:43:17:1b:0e:20:c7:6c:08:31:df:83:d5:9a:30:
93:cf:80:0c:40:b9:60:83:99:5a:04:41:3d:b8:94:
da:77:c8:6b:1c:c7:d7:ec:80:25:53:a1:31:b7:0b:
36:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EA:94:A8:01:D1:AC:F8:DF:D7:E0:B9:F5:C3:2A:7E:11:A0:BE:1F
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/IuqUqAHRrPjf1-C59cMqfhGgvh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1f:27:ce:24:19:73:bd:ea:9f:7e:8a:c4:5b:fd:dc:c9:72:
ac:68:af:d7:07:6e:22:7e:00:74:c0:60:b6:de:a9:18:fa:55:
d9:32:2f:a9:90:31:87:86:5b:b4:dd:59:a8:65:f7:c0:5d:bc:
74:0f:e2:99:f8:82:50:0c:9c:fd:2f:94:62:8a:e4:1f:e0:88:
93:37:ed:86:35:13:45:f8:df:eb:a0:9e:72:ae:6b:2c:53:f9:
8a:6a:97:c9:df:0b:fa:81:3e:90:dd:ec:f1:a1:38:5a:67:50:
a0:60:85:2a:19:d1:40:15:19:b1:1b:4a:ee:ad:f9:dd:4f:dd:
b6:8e:ff:3e:02:1d:96:cc:15:53:c2:8c:d7:f9:04:cb:99:48:
a5:89:3d:20:39:39:86:9f:a9:5d:35:0d:b9:f8:22:7e:07:07:
13:6b:15:bc:b8:a0:35:b2:13:c8:7c:7e:07:cf:c2:aa:e0:0d:
25:6b:1c:3d:a1:f9:35:47:a4:3b:c1:76:e0:bf:94:0b:8a:50:
58:27:cf:78:9a:39:22:5d:ee:60:49:cb:8e:ce:82:f6:78:b7:
69:18:01:75:d6:de:0b:90:a9:c9:d7:d3:48:36:8f:66:8e:30:
01:0c:ca:e5:92:31:33:31:01:c0:10:da:d7:ee:5d:7c:dd:ff:
3a:8e:c0:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGStk3OaUqvjvAY2/jDyE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVhOTRhODAxZDFhY2Y4ZGZkN2UwYjlmNWMzMmE3ZTExYTBiZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiID19aHSY8/HRi5UsP9CyXq0X6Hd
P2d5fO6067dlTpaPiJaqwQqdXJwDF6o3O6V2Bz56ymEHHwO18gDYJ21Ljbd7v5qy
W1bA16JRUv/qLbOrol4ANPiFXFPx3PLc1Z5NoTCUq9k6gEwvgjkA5DwXD96K5HJp
hNkhee5IFfALpOId7uo+LEynyOHcePfrTx98EhijpEUzL4S+3SjEuxytttnllvDY
fPKeEpk24VyFDwQjLXBbjjZlAekGLqawplpl4j6iHoCAsp/slOg21LxXeKJEQxcb
DiDHbAgx34PVmjCTz4AMQLlgg5laBEE9uJTad8hrHMfX7IAlU6Extws2/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLqlKgB0az439fgufXDKn4RoL4fMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvSXVxVXFBSFJyUGpmMS1DNTljTXFmaEdndmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXoMFMA0G
CSqGSIb3DQEBCwUAA4IBAQCgHyfOJBlzveqfforEW/3cyXKsaK/XB24ifgB0wGC2
3qkY+lXZMi+pkDGHhlu03VmoZffAXbx0D+KZ+IJQDJz9L5RiiuQf4IiTN+2GNRNF
+N/roJ5yrmssU/mKapfJ3wv6gT6Q3ezxoThaZ1CgYIUqGdFAFRmxG0rurfndT922
jv8+Ah2WzBVTwozX+QTLmUiliT0gOTmGn6ldNQ25+CJ+BwcTaxW8uKA1shPIfH4H
z8Kq4A0laxw9ofk1R6Q7wXbgv5QLilBYJ894mjkiXe5gScuOzoL2eLdpGAF11t4L
kKnJ19NINo9mjjABDMrlkjEzMQHAENrX7l183f86jsD1
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:18:06 2025 by rpki-client