Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_DTfkpJN8EkIZY_DHKF7hY6So0Y.roa
File: _DTfkpJN8EkIZY_DHKF7hY6So0Y.roa (raw, json)
Hash identifier: lSMmsnl1TdXvDGfVYnZK/fdsbV/WMJ+F8Jyi2vYc1Aw=
Subject key identifier: FC:34:DF:92:92:4D:F0:49:08:65:8F:C3:1C:A1:7B:85:8E:92:A3:46
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018C45B35548826EB9F344E15D4E82C1CEDD
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_DTfkpJN8EkIZY_DHKF7hY6So0Y.roa
Signing time: Thu 07 Dec 2023 19:13:49 +0000
ROA not before: Thu 07 Dec 2023 19:13:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.64.0/22 maxlen: 24
94.131.72.0/21 maxlen: 24
94.131.120.0/21 maxlen: 24
94.131.126.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 20:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:45:b3:55:48:82:6e:b9:f3:44:e1:5d:4e:82:c1:ce:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 7 19:13:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc34df92924df04908658fc31ca17b858e92a346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:99:18:a1:69:73:86:e0:61:29:9d:7c:6a:46:
aa:35:93:13:95:47:4b:3b:51:3a:10:97:13:17:0d:
7d:ce:12:43:bf:a7:f2:21:50:55:3f:23:32:7c:a7:
74:39:fb:1d:88:5d:4d:95:ab:2f:c6:8b:7f:47:a7:
ae:bd:78:62:0b:83:80:46:32:df:8f:20:f6:8d:dd:
6a:25:ae:18:04:a8:26:49:bf:b1:4b:d9:99:62:07:
b7:77:62:e8:cd:3f:cc:a7:8a:7c:4c:ee:99:af:0c:
8d:77:79:4c:61:5b:b4:bf:76:d5:e3:ee:0e:8f:dd:
ab:55:dc:bd:8b:1d:3c:b5:df:8a:2e:e6:c0:29:34:
3f:82:be:47:77:9e:d4:37:6c:bb:64:9e:91:06:fc:
21:b6:1c:7b:f5:89:f3:df:e5:46:d9:4c:e7:b9:fb:
7f:66:e6:d4:5c:b3:c3:10:37:0f:ab:7d:ba:f6:3c:
31:c8:86:44:0d:19:dc:6f:9d:2d:be:89:e0:fc:7c:
6e:d9:57:be:92:2f:bf:8a:68:19:a3:8c:ac:3b:a9:
e1:81:4b:d6:4d:c0:cf:25:22:30:78:64:92:cb:80:
83:ce:8b:44:d3:12:d7:84:28:8f:0e:51:7d:eb:8b:
54:6c:c0:eb:8e:3d:31:a6:a5:58:82:39:26:fd:05:
5b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:DF:92:92:4D:F0:49:08:65:8F:C3:1C:A1:7B:85:8E:92:A3:46
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/_DTfkpJN8EkIZY_DHKF7hY6So0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.64.0/22
94.131.72.0/21
94.131.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:9e:39:4f:87:32:fa:eb:63:80:c6:2e:95:ca:23:27:eb:9d:
9b:d8:db:87:bc:96:11:95:d4:f5:1b:54:ab:b4:2e:00:f2:05:
0e:34:b2:cd:4a:51:06:1f:c9:58:96:de:6a:a7:83:e1:e2:14:
49:46:d0:5f:2e:e6:b8:c0:74:57:cd:ac:01:1f:34:d7:95:95:
3c:af:07:18:33:89:21:53:f1:1d:8d:36:1a:77:d7:32:39:8a:
3b:c9:57:a8:f6:91:fa:66:01:0a:f1:f6:8b:4e:8a:25:ee:32:
0e:1f:a4:a0:d0:8a:ca:f6:60:42:ba:6d:b1:4e:8f:66:de:f3:
3a:a4:20:bb:6f:49:60:4e:74:8f:c8:23:25:dd:8d:ed:31:42:
42:46:e7:f0:45:2c:82:23:b9:d2:9e:85:3f:5f:76:8a:2c:6f:
7c:80:3b:c7:ef:fb:3b:07:dd:55:d6:fc:83:06:69:e1:60:86:
3f:53:06:2d:8a:b2:96:a4:b7:b0:46:e3:25:8e:a2:68:0b:0a:
aa:e9:44:8d:63:66:f1:39:b6:b8:62:56:87:51:7a:bf:43:2c:
da:40:b7:80:36:45:80:b4:a2:cf:98:a4:94:91:f4:4b:7b:d6:
8c:80:c2:ef:13:4f:6d:29:15:3a:51:e4:0b:67:7f:1c:76:d9:
76:13:8c:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxFs1VIgm6580ThXU6Cwc7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMjA3MTkxMzQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzM0ZGY5MjkyNGRmMDQ5MDg2NThmYzMxY2ExN2I4NThlOTJhMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJkYoWlzhuBhKZ18akaqNZMTlUdL
O1E6EJcTFw19zhJDv6fyIVBVPyMyfKd0OfsdiF1Nlasvxot/R6euvXhiC4OARjLf
jyD2jd1qJa4YBKgmSb+xS9mZYge3d2LozT/Mp4p8TO6ZrwyNd3lMYVu0v3bV4+4O
j92rVdy9ix08td+KLubAKTQ/gr5Hd57UN2y7ZJ6RBvwhthx79Ynz3+VG2Uznuft/
ZubUXLPDEDcPq3269jwxyIZEDRncb50tvong/Hxu2Ve+ki+/imgZo4ysO6nhgUvW
TcDPJSIweGSSy4CDzotE0xLXhCiPDlF964tUbMDrjj0xpqVYgjkm/QVbEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPw035KSTfBJCGWPwxyhe4WOkqNGMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvX0RUZmtwSk44RWtJWllfREhLRjdoWTZTbzBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXoNAAwQD
XoNIAwQDXoN4MA0GCSqGSIb3DQEBCwUAA4IBAQCanjlPhzL662OAxi6VyiMn652b
2NuHvJYRldT1G1SrtC4A8gUONLLNSlEGH8lYlt5qp4Ph4hRJRtBfLua4wHRXzawB
HzTXlZU8rwcYM4khU/EdjTYad9cyOYo7yVeo9pH6ZgEK8faLTool7jIOH6Sg0IrK
9mBCum2xTo9m3vM6pCC7b0lgTnSPyCMl3Y3tMUJCRufwRSyCI7nSnoU/X3aKLG98
gDvH7/s7B91V1vyDBmnhYIY/UwYtirKWpLewRuMljqJoCwqq6USNY2bxOba4YlaH
UXq/QyzaQLeANkWAtKLPmKSUkfRLe9aMgMLvE09tKRU6UeQLZ38cdtl2E4wW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org