Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VWZy5Sxb9mZlGL0X8ZtbzDEx_sQ.roa
File: VWZy5Sxb9mZlGL0X8ZtbzDEx_sQ.roa (raw, json)
Hash identifier: /oH3bdFBwDTz820+n/rJTMJCpJgeohZatnsoUC9WUBw=
Subject key identifier: 55:66:72:E5:2C:5B:F6:66:65:18:BD:17:F1:9B:5B:CC:31:31:FE:C4
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01928BCF9C686EA43EBDB75EF7691917C227
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VWZy5Sxb9mZlGL0X8ZtbzDEx_sQ.roa
Signing time: Mon 14 Oct 2024 16:14:51 +0000
ROA not before: Mon 14 Oct 2024 16:14:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394814
IP address blocks: 94.131.80.0/20 maxlen: 24
94.131.176.0/22 maxlen: 24
94.131.176.0/23 maxlen: 24
94.131.180.0/22 maxlen: 24
94.131.184.0/22 maxlen: 22
94.131.188.0/22 maxlen: 24
95.164.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 21:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:cf:9c:68:6e:a4:3e:bd:b7:5e:f7:69:19:17:c2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 14 16:14:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=556672e52c5bf6666518bd17f19b5bcc3131fec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ea:fd:b9:0f:2e:f9:cd:a4:8b:a7:7e:0e:ef:
70:19:92:9a:f8:b7:9d:eb:1b:7a:3f:f8:e0:d7:cf:
35:cb:de:bd:ae:cc:3d:f0:35:ca:76:53:1e:a9:1b:
75:b2:22:80:6a:4a:ca:5b:8b:cb:a6:a4:4e:f2:1f:
84:1d:79:a2:63:c3:fc:1d:85:5a:0b:61:d1:c3:32:
c2:f3:93:bc:d8:01:c7:41:f4:da:00:fb:cc:93:1b:
94:ca:5a:9b:e0:d1:57:a8:de:27:50:78:5a:34:68:
01:4b:cb:12:3d:ea:e2:48:1f:d1:34:3c:6e:b0:df:
46:15:b6:55:0e:05:e7:8a:17:2e:3b:e4:6b:65:44:
20:50:d1:94:21:25:02:6a:66:98:a9:a4:0e:e7:39:
2e:93:5b:1f:05:bb:76:56:84:d2:63:2c:d1:92:e0:
c5:2c:0e:cf:71:4d:58:8b:70:cd:61:13:27:94:13:
9b:32:ff:b0:9e:b7:a1:13:96:63:70:3c:6d:dd:27:
e6:50:37:bf:0d:f3:1a:1c:bf:97:37:89:f6:10:da:
9d:02:57:03:9d:b6:b7:50:3c:5c:d7:dc:40:ee:5f:
4b:80:9b:0f:e1:e0:0c:eb:f2:fa:a8:ea:aa:21:d5:
af:ec:2e:fd:a2:c9:48:eb:41:1f:b3:09:24:04:66:
a7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:66:72:E5:2C:5B:F6:66:65:18:BD:17:F1:9B:5B:CC:31:31:FE:C4
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/VWZy5Sxb9mZlGL0X8ZtbzDEx_sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
94.131.176.0/20
95.164.144.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:ed:6f:a9:43:06:e9:43:6d:23:5f:8a:8d:02:8d:2c:c8:ef:
8c:9f:1b:c7:b8:e1:77:f6:74:e9:d9:8b:66:e1:1b:0f:16:1b:
1b:0b:ed:46:3f:86:a5:80:23:bc:c6:3c:5a:0d:e1:6e:dc:e5:
9a:d2:e0:57:4e:2b:db:6e:76:16:6a:4b:81:7e:67:ea:9d:c4:
86:c8:92:9d:de:7e:c2:9a:91:d5:59:58:47:9b:28:35:31:4f:
d0:c9:f1:f9:93:2b:76:6e:26:29:be:6b:24:13:b2:40:80:64:
a1:7b:a9:3c:17:fc:e6:08:ef:fb:00:54:60:df:b1:6c:12:1e:
a5:87:71:b0:79:af:4a:de:96:7d:23:16:35:eb:47:38:ca:01:
3e:44:de:c8:58:36:91:af:95:56:7d:52:c4:88:29:10:c2:ab:
7e:cd:3f:44:0f:36:72:8e:d5:e2:7d:6a:58:05:aa:72:fb:aa:
87:a8:6d:78:25:e9:2c:08:d8:09:21:b7:4c:86:a8:a2:21:f0:
d0:62:20:44:7f:c8:d9:8e:94:19:5c:45:c9:5d:6c:22:a3:c9:
0f:7a:a0:b6:60:18:a9:47:f0:bb:38:a9:ea:24:09:2c:ad:f2:
a8:9a:38:d1:d9:68:de:17:b5:51:eb:13:10:a2:70:53:e9:43:
af:46:29:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKLz5xobqQ+vbde92kZF8InMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMDE0MTYxNDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY2NzJlNTJjNWJmNjY2NjUxOGJkMTdmMTliNWJjYzMxMzFmZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuer9uQ8u+c2ki6d+Du9wGZKa+Led
6xt6P/jg1881y969rsw98DXKdlMeqRt1siKAakrKW4vLpqRO8h+EHXmiY8P8HYVa
C2HRwzLC85O82AHHQfTaAPvMkxuUylqb4NFXqN4nUHhaNGgBS8sSPeriSB/RNDxu
sN9GFbZVDgXnihcuO+RrZUQgUNGUISUCamaYqaQO5zkuk1sfBbt2VoTSYyzRkuDF
LA7PcU1Yi3DNYRMnlBObMv+wnrehE5ZjcDxt3SfmUDe/DfMaHL+XN4n2ENqdAlcD
nba3UDxc19xA7l9LgJsP4eAM6/L6qOqqIdWv7C79oslI60EfswkkBGanKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFVmcuUsW/ZmZRi9F/GbW8wxMf7EMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvVldaeTVTeGI5bVpsR0wwWDhadGJ6REV4X3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEXoNQAwQE
XoOwAwQEX6SQMA0GCSqGSIb3DQEBCwUAA4IBAQAM7W+pQwbpQ20jX4qNAo0syO+M
nxvHuOF39nTp2Ytm4RsPFhsbC+1GP4algCO8xjxaDeFu3OWa0uBXTivbbnYWakuB
fmfqncSGyJKd3n7CmpHVWVhHmyg1MU/QyfH5kyt2biYpvmskE7JAgGShe6k8F/zm
CO/7AFRg37FsEh6lh3Gwea9K3pZ9IxY160c4ygE+RN7IWDaRr5VWfVLEiCkQwqt+
zT9EDzZyjtXifWpYBapy+6qHqG14JeksCNgJIbdMhqiiIfDQYiBEf8jZjpQZXEXJ
XWwio8kPeqC2YBipR/C7OKnqJAksrfKomjjR2WjeF7VR6xMQonBT6UOvRikV
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:23 2025 by rpki-client