Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/cRBuv94zHVskizoPz3AswfisbHU.roa
File: cRBuv94zHVskizoPz3AswfisbHU.roa (raw, json)
Hash identifier: 4o4L0iyRmaqe/kBqn+qLOAhS8vo32EHDcuU5ij+eQ2E=
Subject key identifier: 71:10:6E:BF:DE:33:1D:5B:24:8B:3A:0F:CF:70:2C:C1:F8:AC:6C:75
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0186746DCDDD0E7756DEB3348F41FFDFB9A9
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/cRBuv94zHVskizoPz3AswfisbHU.roa
Signing time: Tue 21 Feb 2023 14:43:18 +0000
ROA not before: Tue 21 Feb 2023 14:43:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.96.0/24 maxlen: 24
94.131.98.0/24 maxlen: 24
94.131.97.0/24 maxlen: 24
94.131.99.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
94.131.3.0/24 maxlen: 24
94.131.8.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Mar 2023 18:54:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:6d:cd:dd:0e:77:56:de:b3:34:8f:41:ff:df:b9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 21 14:43:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71106ebfde331d5b248b3a0fcf702cc1f8ac6c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3c:3f:f5:32:0f:7b:01:6b:d5:92:e6:a0:21:
47:4e:bd:fa:b0:2e:80:db:f7:81:f9:55:e6:07:b5:
6f:53:10:cb:6a:a1:74:29:d5:8c:bb:fa:1a:32:4b:
66:90:af:18:67:2b:29:37:ee:96:00:26:c9:3b:9a:
43:df:65:75:3e:77:7d:ff:00:a6:31:c1:fe:f8:aa:
2d:32:51:9f:ee:c5:95:80:a7:ed:f6:e0:da:9e:ba:
cc:32:84:93:fb:b0:4e:46:15:0e:9f:40:e0:e1:fe:
87:0e:09:bb:56:15:bc:2d:97:3d:0d:56:c3:f8:06:
68:18:06:1d:27:4f:37:2b:c9:5a:18:6a:19:93:03:
2d:6c:10:95:8e:d4:af:37:42:e1:ea:de:3a:31:00:
7b:cc:e8:24:b0:3b:2e:8d:cd:99:8e:ce:b9:44:89:
8b:ae:37:29:e0:e0:d0:9f:f7:cd:25:48:b8:a9:6c:
49:93:58:90:3b:b8:29:d3:ff:47:97:1b:44:3c:bb:
19:0e:42:09:be:92:56:6c:40:b1:2d:82:e4:3f:be:
1c:02:7b:ec:66:14:13:b8:0b:61:b4:f6:6a:45:f4:
ad:2f:32:64:a9:4c:60:3f:7c:cc:14:3a:55:1f:5e:
72:a1:7d:6d:b7:04:d4:36:a8:cd:5b:8b:a7:62:ba:
22:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:10:6E:BF:DE:33:1D:5B:24:8B:3A:0F:CF:70:2C:C1:F8:AC:6C:75
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/cRBuv94zHVskizoPz3AswfisbHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/23
94.131.8.0/21
94.131.96.0-94.131.100.255
94.131.102.0/24
94.131.105.0-94.131.108.255
Signature Algorithm: sha256WithRSAEncryption
30:14:4f:ee:7d:85:47:71:2c:fd:0a:b6:ff:fa:ee:3a:8e:3a:
a1:01:b9:7a:24:43:28:06:5d:74:11:03:23:18:46:83:48:78:
59:a7:96:8c:fc:61:19:3d:01:72:53:22:e0:47:b7:be:54:06:
16:3a:b1:1a:85:79:27:56:06:36:56:1e:af:5c:ad:dd:3f:82:
dd:7a:90:11:e2:19:1a:61:c1:b6:a3:56:c7:7f:75:c1:39:36:
ec:fe:60:d3:b2:1c:91:34:86:26:b2:1f:5a:04:f2:f5:74:18:
60:f5:18:e8:ac:61:16:8d:08:bc:a1:d4:f0:21:f7:f1:22:f5:
12:b6:83:00:22:32:40:0b:85:34:9f:8b:86:72:b0:e9:47:56:
1e:4a:b5:6f:cd:5e:5f:8d:bc:f3:4b:03:55:ea:9c:f0:b4:9a:
15:3c:70:e6:23:cc:e8:ef:2d:cf:5a:6d:ce:62:d0:56:df:11:
a6:4e:04:ba:d9:25:2a:15:53:fe:43:b2:f9:92:86:66:1c:5b:
61:90:64:35:e2:7b:85:86:68:86:37:4a:c5:80:9c:5b:01:38:
c6:d0:4f:78:19:78:c1:33:8d:3e:b6:12:47:2f:ab:d9:86:5b:
d1:fb:e6:77:ef:4a:62:c5:16:f6:da:4e:6d:83:32:09:93:7a:
97:2a:39:41
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYZ0bc3dDndW3rM0j0H/37mpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMjIxMTQ0MzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTEwNmViZmRlMzMxZDViMjQ4YjNhMGZjZjcwMmNjMWY4YWM2Yzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDw/9TIPewFr1ZLmoCFHTr36sC6A
2/eB+VXmB7VvUxDLaqF0KdWMu/oaMktmkK8YZyspN+6WACbJO5pD32V1Pnd9/wCm
McH++KotMlGf7sWVgKft9uDanrrMMoST+7BORhUOn0Dg4f6HDgm7VhW8LZc9DVbD
+AZoGAYdJ083K8laGGoZkwMtbBCVjtSvN0Lh6t46MQB7zOgksDsujc2Zjs65RImL
rjcp4ODQn/fNJUi4qWxJk1iQO7gp0/9HlxtEPLsZDkIJvpJWbECxLYLkP74cAnvs
ZhQTuAthtPZqRfStLzJkqUxgP3zMFDpVH15yoX1ttwTUNqjNW4unYroihQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHEQbr/eMx1bJIs6D89wLMH4rGx1MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvY1JCdXY5NHpIVnNraXpvUHozQXN3ZmlzYkhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBXoMCAwQD
XoMIMAwDBAVeg2ADBABeg2QDBABeg2YwDAMEAF6DaQMEAF6DbDANBgkqhkiG9w0B
AQsFAAOCAQEAMBRP7n2FR3Es/Qq2//ruOo46oQG5eiRDKAZddBEDIxhGg0h4WaeW
jPxhGT0BclMi4Ee3vlQGFjqxGoV5J1YGNlYer1yt3T+C3XqQEeIZGmHBtqNWx391
wTk27P5g07IckTSGJrIfWgTy9XQYYPUY6KxhFo0IvKHU8CH38SL1EraDACIyQAuF
NJ+LhnKw6UdWHkq1b81eX42880sDVeqc8LSaFTxw5iPM6O8tz1ptzmLQVt8Rpk4E
utklKhVT/kOy+ZKGZhxbYZBkNeJ7hYZohjdKxYCcWwE4xtBPeBl4wTONPrYSRy+r
2YZb0fvmd+9KYsUW9tpObYMyCZN6lyo5QQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org