Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Oq0XDf6oY2ODXqlXnSDfJ40Oe7g.roa
File: Oq0XDf6oY2ODXqlXnSDfJ40Oe7g.roa (raw, json)
Hash identifier: Sgp/yil8Dje9tLMz+0MKQFlActACvl0iwSrQqzPMYNA=
Subject key identifier: 3A:AD:17:0D:FE:A8:63:63:83:5E:A9:57:9D:20:DF:27:8D:0E:7B:B8
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42AA0EC5D2FAA3BF725AD021B022A0
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Oq0XDf6oY2ODXqlXnSDfJ40Oe7g.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 94.131.101.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Apr 2023 07:57:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:aa:0e:c5:d2:fa:a3:bf:72:5a:d0:21:b0:22:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3aad170dfea86363835ea9579d20df278d0e7bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:33:fa:ef:fc:56:d7:e6:86:e7:2e:1e:a2:5d:
af:36:7c:f1:21:34:df:49:07:35:40:0b:28:07:3f:
23:d9:52:11:e4:87:df:72:12:77:c3:05:df:4e:b2:
5f:aa:4d:bb:5a:cf:38:a1:d3:ef:81:0e:e6:b0:8a:
12:31:d3:72:6d:5a:70:c6:a6:f8:02:f7:fc:61:47:
3e:a4:88:3d:89:c7:fb:7a:c0:78:6a:f5:4b:22:d8:
67:44:51:da:06:b9:73:32:6d:fd:b0:e2:01:02:6c:
57:f0:20:06:2c:8e:f1:c9:f8:88:c5:f6:2f:d2:53:
f7:c3:6b:9d:db:b3:d9:92:de:0e:0a:88:bf:e9:f7:
f6:95:0b:67:03:00:7f:57:a6:63:3c:64:d2:d6:67:
b5:c0:83:bc:d7:ff:ea:cd:f4:51:4d:15:7f:e3:32:
55:61:f3:43:41:eb:e1:a7:50:9d:95:5e:dc:89:f3:
56:be:4c:04:88:bd:17:52:39:07:64:fa:2e:7b:19:
a5:2c:73:be:50:39:17:90:fa:aa:04:ac:bc:dc:a3:
f6:65:04:b7:bc:fc:d0:3e:33:8a:91:a8:1c:f8:c6:
77:26:c5:33:d5:f8:39:9c:6e:c5:cb:33:64:d8:ab:
91:34:97:25:17:4b:da:e3:da:a6:5a:95:bf:46:45:
48:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AD:17:0D:FE:A8:63:63:83:5E:A9:57:9D:20:DF:27:8D:0E:7B:B8
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Oq0XDf6oY2ODXqlXnSDfJ40Oe7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.101.0/24
94.131.109.0-94.131.111.255
Signature Algorithm: sha256WithRSAEncryption
75:f1:60:71:68:11:e6:c6:da:ae:18:b9:96:a8:91:ea:63:ec:
c3:c1:ae:1d:26:d9:12:dc:1f:65:63:93:26:db:a1:72:71:0a:
3a:18:8d:9d:fb:f6:cb:95:07:16:9f:44:15:1e:d5:2f:fa:0d:
a4:0b:28:db:f3:5c:62:ae:b6:75:b2:3e:78:88:9b:f5:77:e2:
34:94:de:53:49:70:1f:f4:ac:8a:2b:6a:1d:2f:92:07:eb:f7:
d7:7e:28:fb:07:c8:cf:05:e6:9e:13:1f:1c:00:85:c2:ce:fb:
f5:31:ef:03:fb:ec:d8:ba:5f:70:67:6e:40:44:b2:df:85:52:
69:c4:31:f0:2e:0f:87:17:86:37:f4:fa:db:2a:05:99:c0:7b:
f9:51:55:14:76:53:79:94:43:ac:bd:dd:47:3b:17:df:b5:94:
78:c5:fd:6d:ab:95:fc:7d:c1:99:5a:78:f9:fb:fc:bd:b9:aa:
ca:72:e6:91:e1:d3:bf:13:e6:ff:15:e1:2d:17:93:b1:c8:8d:
70:dc:56:9f:09:25:83:8e:49:19:5a:56:43:4a:43:36:1f:82:
fe:a9:cf:b7:bc:ec:95:12:c8:05:df:84:1a:48:46:ac:86:d9:
a7:2a:ae:ff:dd:40:50:fa:9e:6e:2e:96:10:24:2d:13:2b:72:
d9:e9:bf:36
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvQqoOxdL6o79yWtAhsCKgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFkMTcwZGZlYTg2MzYzODM1ZWE5NTc5ZDIwZGYyNzhkMGU3YmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDP67/xW1+aG5y4eol2vNnzxITTf
SQc1QAsoBz8j2VIR5IffchJ3wwXfTrJfqk27Ws84odPvgQ7msIoSMdNybVpwxqb4
Avf8YUc+pIg9icf7esB4avVLIthnRFHaBrlzMm39sOIBAmxX8CAGLI7xyfiIxfYv
0lP3w2ud27PZkt4OCoi/6ff2lQtnAwB/V6ZjPGTS1me1wIO81//qzfRRTRV/4zJV
YfNDQevhp1CdlV7cifNWvkwEiL0XUjkHZPouexmlLHO+UDkXkPqqBKy83KP2ZQS3
vPzQPjOKkagc+MZ3JsUz1fg5nG7FyzNk2KuRNJclF0va49qmWpW/RkVIkwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDqtFw3+qGNjg16pV50g3yeNDnu4MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvT3EwWERmNm9ZMk9EWHFsWG5TRGZKNDBPZTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXoNlMAwD
BABeg20DBAReg2AwDQYJKoZIhvcNAQELBQADggEBAHXxYHFoEebG2q4YuZaokepj
7MPBrh0m2RLcH2VjkybboXJxCjoYjZ379suVBxafRBUe1S/6DaQLKNvzXGKutnWy
PniIm/V34jSU3lNJcB/0rIorah0vkgfr99d+KPsHyM8F5p4THxwAhcLO+/Ux7wP7
7Ni6X3BnbkBEst+FUmnEMfAuD4cXhjf0+tsqBZnAe/lRVRR2U3mUQ6y93Uc7F9+1
lHjF/W2rlfx9wZlaePn7/L25qspy5pHh078T5v8V4S0Xk7HIjXDcVp8JJYOOSRla
VkNKQzYfgv6pz7e87JUSyAXfhBpIRqyG2acqrv/dQFD6nm4ulhAkLRMrctnpvzY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org