Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PTmU78LvEHAxZrdJhHVwEk8sZEY.roa
File: PTmU78LvEHAxZrdJhHVwEk8sZEY.roa (raw, json)
Hash identifier: uFCkHAw/F9VghfMbadGFw5D457lhqtsmi10TgD4gt+E=
Subject key identifier: 3D:39:94:EF:C2:EF:10:70:31:66:B7:49:84:75:70:12:4F:2C:64:46
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64AD6C72B925FE51F9BC8B9A8C90BEA
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PTmU78LvEHAxZrdJhHVwEk8sZEY.roa
Signing time: Mon 01 Jan 2024 18:30:42 +0000
ROA not before: Mon 01 Jan 2024 18:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.64.0/22 maxlen: 24
94.131.72.0/21 maxlen: 24
94.131.126.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Feb 2024 17:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d6:c7:2b:92:5f:e5:1f:9b:c8:b9:a8:c9:0b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d3994efc2ef10703166b749847570124f2c6446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:25:da:aa:7a:6c:b5:57:39:29:5e:85:e2:96:
42:d4:fe:04:3e:a8:ad:1f:95:0f:b1:f8:d0:54:4e:
4d:e2:2e:61:5a:3a:bc:57:97:73:ee:a9:fc:38:cf:
28:b7:5a:be:7d:24:ad:e3:ca:2a:b6:a7:26:db:42:
53:27:cf:48:3b:cd:28:9d:e5:ff:af:fb:84:d6:5a:
55:ba:de:19:b2:c5:ad:7a:8a:fb:fa:05:37:93:1f:
af:f2:a6:37:15:1e:44:11:1b:f6:1e:d2:b5:09:8f:
8b:45:47:71:fd:b1:54:f1:99:20:72:c1:11:73:e5:
67:01:c9:95:14:b3:71:9c:8c:a1:62:54:18:61:d7:
ef:7d:e3:2c:0d:11:74:99:0c:13:28:9c:7b:f7:f5:
a1:72:50:45:31:bc:35:49:33:b7:c3:ad:8c:83:a2:
ff:98:25:fb:a1:92:bd:13:bb:97:78:2a:e6:02:91:
9e:08:78:de:5f:2b:96:95:1f:66:c1:8f:04:44:b2:
4d:96:32:97:a3:0f:cd:ce:d1:cd:10:f7:9e:f8:69:
63:ed:ab:06:3e:03:a0:a7:f1:aa:3b:7c:aa:f1:1c:
d7:f8:b9:34:6c:e6:3b:30:a6:bd:26:57:8e:01:d9:
f7:fd:98:fd:66:d9:6d:3b:c1:a5:8c:c8:eb:e3:be:
14:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:39:94:EF:C2:EF:10:70:31:66:B7:49:84:75:70:12:4F:2C:64:46
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/PTmU78LvEHAxZrdJhHVwEk8sZEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.64.0/22
94.131.72.0/21
94.131.126.0/23
Signature Algorithm: sha256WithRSAEncryption
21:6c:e0:9c:be:d3:a3:3b:b2:66:3a:46:14:6e:87:0c:ff:26:
17:18:42:60:d3:ce:d3:d1:0e:ad:72:7f:41:aa:05:a2:0c:7f:
29:f4:7f:e0:69:cb:75:c1:25:64:6d:d7:0f:2b:ba:e1:b0:95:
34:71:91:f4:85:af:18:cd:f1:9d:64:38:1a:bb:e9:94:3d:31:
cf:55:bf:06:be:92:8a:ee:a4:6b:86:8a:e3:2b:e3:f5:4a:cc:
bb:c7:4a:14:18:79:c6:e4:aa:eb:cd:f9:8c:ad:60:54:29:20:
7f:7a:d1:4c:bc:8f:20:24:ec:29:7e:dc:36:f1:f2:33:4c:e6:
2d:b5:bb:5c:61:33:80:f8:3b:d8:80:9c:c8:9a:6c:69:ac:5e:
6f:25:cd:28:c2:52:b8:6d:3c:a8:20:80:66:e6:9c:ad:f8:f6:
07:aa:ad:db:69:28:ce:9b:a5:c1:48:f6:9b:c6:de:e7:dc:97:
d9:dd:6d:b9:b4:1f:10:5e:1d:65:5c:5c:61:e8:a8:02:1f:ae:
a5:e6:7f:bb:95:01:7c:11:e7:0e:21:05:20:28:1b:b5:44:db:
ea:82:e7:e7:99:f4:0d:d5:2e:97:8e:de:8a:f5:16:a5:0e:88:
8a:82:9c:02:86:91:4c:a1:ea:25:40:99:3a:d7:74:84:a8:e8:
d0:c0:0a:72
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGStbHK5Jf5R+byLmoyQvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDM5OTRlZmMyZWYxMDcwMzE2NmI3NDk4NDc1NzAxMjRmMmM2NDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSXaqnpstVc5KV6F4pZC1P4EPqit
H5UPsfjQVE5N4i5hWjq8V5dz7qn8OM8ot1q+fSSt48oqtqcm20JTJ89IO80oneX/
r/uE1lpVut4ZssWteor7+gU3kx+v8qY3FR5EERv2HtK1CY+LRUdx/bFU8ZkgcsER
c+VnAcmVFLNxnIyhYlQYYdfvfeMsDRF0mQwTKJx79/WhclBFMbw1STO3w62Mg6L/
mCX7oZK9E7uXeCrmApGeCHjeXyuWlR9mwY8ERLJNljKXow/NztHNEPee+Glj7asG
PgOgp/GqO3yq8RzX+Lk0bOY7MKa9JleOAdn3/Zj9ZtltO8GljMjr474U3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD05lO/C7xBwMWa3SYR1cBJPLGRGMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvUFRtVTc4THZFSEF4WnJkSmhIVndFazhzWkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXoNAAwQD
XoNIAwQBXoN+MA0GCSqGSIb3DQEBCwUAA4IBAQAhbOCcvtOjO7JmOkYUbocM/yYX
GEJg087T0Q6tcn9BqgWiDH8p9H/gact1wSVkbdcPK7rhsJU0cZH0ha8YzfGdZDga
u+mUPTHPVb8GvpKK7qRrhorjK+P1Ssy7x0oUGHnG5KrrzfmMrWBUKSB/etFMvI8g
JOwpftw28fIzTOYttbtcYTOA+DvYgJzImmxprF5vJc0owlK4bTyoIIBm5pyt+PYH
qq3baSjOm6XBSPabxt7n3JfZ3W25tB8QXh1lXFxh6KgCH66l5n+7lQF8EecOIQUg
KBu1RNvqgufnmfQN1S6Xjt6K9RalDoiKgpwChpFMoeolQJk613SEqOjQwApy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org