Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fiGSh5okC1KTTh39O-lt-xurJEM.roa
File: fiGSh5okC1KTTh39O-lt-xurJEM.roa (raw, json)
Hash identifier: F+vkLgl5nG/Hf0nB6pbXgDzF383nHJkFLAGq/l2sF+E=
Subject key identifier: 7E:21:92:87:9A:24:0B:52:93:4E:1D:FD:3B:E9:6D:FB:1B:AB:24:43
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0191B2C68E420CCF43481CBCA6C3D5064B11
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fiGSh5okC1KTTh39O-lt-xurJEM.roa
Signing time: Mon 02 Sep 2024 12:47:22 +0000
ROA not before: Mon 02 Sep 2024 12:47:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.24.0/22 maxlen: 24
94.131.48.0/20 maxlen: 24
94.131.64.0/20 maxlen: 24
95.164.44.0/22 maxlen: 22
95.164.70.0/24 maxlen: 24
95.164.77.0/24 maxlen: 24
95.164.78.0/23 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.168.0/23 maxlen: 24
95.164.192.0/22 maxlen: 24
95.164.200.0/21 maxlen: 21
95.164.240.0/21 maxlen: 21
95.164.252.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 21:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:c6:8e:42:0c:cf:43:48:1c:bc:a6:c3:d5:06:4b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Sep 2 12:47:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e2192879a240b52934e1dfd3be96dfb1bab2443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:56:c1:2a:b1:e2:8c:5a:20:bb:4c:c3:ad:15:
85:de:07:2f:71:67:cb:d0:c6:1d:40:b8:e4:47:ac:
fd:4b:0a:d1:3c:06:2c:c8:b6:a7:e1:9f:e0:e9:77:
28:8b:0e:2e:2c:b7:0d:c5:64:36:fc:c1:6a:f0:3b:
b9:e8:67:a4:f9:00:b9:39:ed:d2:f5:c1:74:31:76:
f1:7f:35:7b:d3:8d:5e:15:72:da:45:83:8e:c2:1e:
80:d2:da:ee:d7:c6:50:d6:0c:0d:ce:e1:cc:e9:f4:
a2:95:48:54:b0:18:0c:87:41:71:d3:61:37:05:43:
7e:11:aa:59:4e:d1:85:30:c0:16:ff:19:f0:05:c0:
14:7f:76:8b:06:9d:04:f8:28:10:e1:05:62:cf:60:
bb:09:d9:32:3d:18:e6:0b:44:40:69:cf:da:3e:c4:
e0:6f:71:9b:15:e6:98:6d:71:17:c0:9c:30:b3:04:
b6:14:25:42:ce:6c:7e:af:15:89:10:a8:5e:80:c1:
45:8d:f8:d7:ec:02:ed:31:d6:dc:26:41:ae:3a:1a:
e5:1a:7c:42:2f:57:23:1f:ff:62:b1:fa:ec:59:ad:
19:1b:f6:9a:66:38:8c:57:b7:c5:1e:77:bd:27:f7:
0d:94:d0:42:a0:6b:5f:d8:a8:c3:49:e3:8a:78:91:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:21:92:87:9A:24:0B:52:93:4E:1D:FD:3B:E9:6D:FB:1B:AB:24:43
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/fiGSh5okC1KTTh39O-lt-xurJEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.44.0/22
95.164.70.0/24
95.164.77.0-95.164.79.255
95.164.128.0/20
95.164.168.0/23
95.164.192.0/22
95.164.200.0/21
95.164.240.0/21
95.164.252.0/22
Signature Algorithm: sha256WithRSAEncryption
79:ab:12:4b:63:5b:82:5b:60:a1:a9:e7:cc:5e:bc:b6:de:2c:
a6:ba:7b:1b:c7:5c:d8:47:f9:c0:bc:57:9f:25:f2:f7:71:62:
c5:52:3f:9c:11:8b:d4:ff:28:e7:ec:8b:5b:a2:3b:7b:ef:44:
80:93:5e:fd:4a:ca:bf:d1:c7:f5:a5:c1:4e:8c:c2:d1:a2:62:
f4:43:88:41:52:41:83:9e:54:94:91:b8:11:be:bc:b7:c2:d6:
42:36:24:c9:85:0a:2a:5b:a6:41:95:12:65:b8:43:ac:41:dc:
cd:64:84:d3:de:ea:bb:8d:0c:e5:7d:67:02:95:36:7b:5e:4c:
1b:6d:86:f4:a2:5a:da:7d:af:d6:bc:d2:c0:4a:0f:a5:85:b7:
cd:73:33:7f:6f:f2:81:82:68:2e:9f:b2:cc:5a:de:d7:60:a3:
2e:85:9f:99:3b:ba:be:69:69:bb:6b:16:4c:38:6e:81:68:cf:
c1:25:c7:cc:8a:10:04:be:67:62:0f:4d:1e:52:e1:fb:b9:94:
1e:de:ef:fe:cf:39:72:3f:4b:40:f5:23:53:b5:9e:d9:f7:35:
2e:56:ea:e1:7a:95:4d:07:b4:13:6c:77:a6:8f:5d:e0:65:ad:
4c:e7:0a:a3:e3:58:7e:af:aa:13:fd:45:09:03:96:6d:c6:da:
2f:56:3a:09
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZGyxo5CDM9DSBy8psPVBksRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwOTAyMTI0NzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIxOTI4NzlhMjQwYjUyOTM0ZTFkZmQzYmU5NmRmYjFiYWIyNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFbBKrHijFogu0zDrRWF3gcvcWfL
0MYdQLjkR6z9SwrRPAYsyLan4Z/g6Xcoiw4uLLcNxWQ2/MFq8Du56Gek+QC5Oe3S
9cF0MXbxfzV7041eFXLaRYOOwh6A0tru18ZQ1gwNzuHM6fSilUhUsBgMh0Fx02E3
BUN+EapZTtGFMMAW/xnwBcAUf3aLBp0E+CgQ4QViz2C7CdkyPRjmC0RAac/aPsTg
b3GbFeaYbXEXwJwwswS2FCVCzmx+rxWJEKhegMFFjfjX7ALtMdbcJkGuOhrlGnxC
L1cjH/9isfrsWa0ZG/aaZjiMV7fFHne9J/cNlNBCoGtf2KjDSeOKeJHicQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFH4hkoeaJAtSk04d/TvpbfsbqyRDMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZmlHU2g1b2tDMUtUVGgzOU8tbHQteHVySkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpCwDBABfpEYwDAMEAF+kTQMEBF+kQAMEBF+kgAMEAV+k
qAMEAl+kwAMEA1+kyAMEA1+k8AMEAl+k/DANBgkqhkiG9w0BAQsFAAOCAQEAeasS
S2NbgltgoannzF68tt4sprp7G8dc2Ef5wLxXnyXy93FixVI/nBGL1P8o5+yLW6I7
e+9EgJNe/UrKv9HH9aXBTozC0aJi9EOIQVJBg55UlJG4Eb68t8LWQjYkyYUKKlum
QZUSZbhDrEHczWSE097qu40M5X1nApU2e15MG22G9KJa2n2v1rzSwEoPpYW3zXMz
f2/ygYJoLp+yzFre12CjLoWfmTu6vmlpu2sWTDhugWjPwSXHzIoQBL5nYg9NHlLh
+7mUHt7v/s85cj9LQPUjU7We2fc1Llbq4XqVTQe0E2x3po9d4GWtTOcKo+NYfq+q
E/1FCQOWbcbaL1Y6CQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:44 2025 by rpki-client