Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/T-ny7cesoFO9JSJQDk16wcigjaI.roa
File: T-ny7cesoFO9JSJQDk16wcigjaI.roa (raw, json)
Hash identifier: xUMOt9KssXxgxWhmH8corPQP9LSLBDEiQjxP4cH8SJU=
Subject key identifier: 4F:E9:F2:ED:C7:AC:A0:53:BD:25:22:50:0E:4D:7A:C1:C8:A0:8D:A2
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018CC64ADB90B821BABB0FFFFCDF00738517
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/T-ny7cesoFO9JSJQDk16wcigjaI.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 95.164.176.0/20 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.160.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 15:51:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:db:90:b8:21:ba:bb:0f:ff:fc:df:00:73:85:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe9f2edc7aca053bd2522500e4d7ac1c8a08da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:60:ee:a5:7a:c4:1f:af:b5:f7:f9:d8:32:6d:
eb:46:bf:fd:4c:0f:f4:4f:7e:16:09:de:a5:56:80:
46:79:e5:09:9d:23:95:34:cb:6e:18:84:3c:bf:90:
20:27:29:21:9d:7a:07:d2:42:69:0f:71:57:91:d4:
9f:d7:22:e6:f7:4a:d4:9d:68:11:ff:e3:e2:6e:d3:
09:44:9d:28:73:c1:ea:ee:f8:07:8e:3a:65:6a:eb:
00:ed:7f:63:98:62:50:00:12:ca:bf:2c:e5:19:3a:
6f:9f:81:b8:17:7e:85:29:f8:59:e8:b3:60:ea:00:
e1:79:38:d9:e9:b3:da:6e:77:d3:86:6e:5d:e7:62:
21:a8:f2:b4:59:d8:f8:85:f5:71:7a:c3:7a:8a:d4:
94:df:15:f4:32:be:46:ad:3e:66:7f:82:f1:df:04:
d6:45:d2:86:8d:cf:17:34:56:e6:cb:be:a9:e7:91:
da:f0:05:00:83:37:49:20:00:1f:21:a0:24:92:c0:
e2:7d:bd:bc:58:12:67:d9:35:b4:f6:6f:ba:f7:75:
82:7a:dc:82:64:bd:fd:c1:15:0d:93:fb:11:54:89:
c0:14:3b:8c:9b:6d:63:9b:b9:c3:17:ed:e1:0a:d0:
5e:1f:21:3e:e3:86:fd:37:47:33:64:46:48:a4:e9:
41:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E9:F2:ED:C7:AC:A0:53:BD:25:22:50:0E:4D:7A:C1:C8:A0:8D:A2
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/T-ny7cesoFO9JSJQDk16wcigjaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0-94.131.161.255
94.131.165.0-94.131.166.255
94.131.170.0/24
94.131.172.0/23
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
01:02:f9:b8:86:de:ce:b1:5c:a7:5c:ee:74:d0:31:f0:b3:b2:
0c:de:0d:65:ef:c4:89:4b:f1:f4:fc:3a:e1:b6:f2:ec:5d:0f:
95:1f:72:11:db:5d:76:1c:38:20:af:a5:22:34:ed:26:88:eb:
5b:bb:19:2d:fd:61:6d:1a:cb:da:48:75:4c:53:bf:48:9a:e7:
1c:13:5e:db:32:45:22:de:4d:01:86:5e:c2:9d:49:7b:ec:52:
f8:9c:b3:ba:ff:82:73:56:cc:53:c3:6a:b0:99:96:b8:e9:d4:
b5:70:0d:c0:97:fa:ac:7d:2e:ed:17:58:08:1d:06:42:98:b9:
eb:a4:97:94:e0:9d:35:3a:41:2b:0d:17:0b:4c:de:af:31:fb:
38:ee:50:bf:2b:7e:32:ba:b1:a7:07:e8:fd:39:fd:1e:01:f6:
bd:c5:56:e7:8c:06:a0:f6:31:70:dd:e8:47:e8:94:14:c6:aa:
48:b9:60:01:87:bc:60:7c:8e:68:1e:f7:8c:03:cd:19:a1:08:
63:0a:54:70:ce:9d:a8:2e:41:15:8d:7b:0e:f4:fd:2e:1a:b9:
c0:8a:d8:e7:e3:46:c7:1a:14:19:22:3a:63:cb:74:3e:b0:5d:
1b:b7:17:5c:1a:cc:f1:d3:48:60:e1:6b:79:11:69:bd:d9:6c:
64:97:40:eb
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzGStuQuCG6uw///N8Ac4UXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmU5ZjJlZGM3YWNhMDUzYmQyNTIyNTAwZTRkN2FjMWM4YTA4ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGDupXrEH6+19/nYMm3rRr/9TA/0
T34WCd6lVoBGeeUJnSOVNMtuGIQ8v5AgJykhnXoH0kJpD3FXkdSf1yLm90rUnWgR
/+PibtMJRJ0oc8Hq7vgHjjplausA7X9jmGJQABLKvyzlGTpvn4G4F36FKfhZ6LNg
6gDheTjZ6bPabnfThm5d52IhqPK0Wdj4hfVxesN6itSU3xX0Mr5GrT5mf4Lx3wTW
RdKGjc8XNFbmy76p55Ha8AUAgzdJIAAfIaAkksDifb28WBJn2TW09m+693WCetyC
ZL39wRUNk/sRVInAFDuMm21jm7nDF+3hCtBeHyE+44b9N0czZEZIpOlBRwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFE/p8u3HrKBTvSUiUA5NesHIoI2iMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvVC1ueTdjZXNvRk85SlNKUURrMTZ3Y2lnamFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAdeg4AD
BAFeg6AwDAMEAF6DpQMEAF6DpgMEAF6DqgMEAV6DrAMEBF+ksDANBgkqhkiG9w0B
AQsFAAOCAQEAAQL5uIbezrFcp1zudNAx8LOyDN4NZe/EiUvx9Pw64bby7F0PlR9y
Edtddhw4IK+lIjTtJojrW7sZLf1hbRrL2kh1TFO/SJrnHBNe2zJFIt5NAYZewp1J
e+xS+Jyzuv+Cc1bMU8NqsJmWuOnUtXANwJf6rH0u7RdYCB0GQpi566SXlOCdNTpB
Kw0XC0zerzH7OO5Qvyt+Mrqxpwfo/Tn9HgH2vcVW54wGoPYxcN3oR+iUFMaqSLlg
AYe8YHyOaB73jAPNGaEIYwpUcM6dqC5BFY17DvT9Lhq5wIrY5+NGxxoUGSI6Y8t0
PrBdG7cXXBrM8dNIYOFreRFpvdlsZJdA6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org