Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/unbR_9xKWgOKl49Yn50UoqReVcA.roa
File: unbR_9xKWgOKl49Yn50UoqReVcA.roa (raw, json)
Hash identifier: AFz7Rw7nlULCb+xszLU8iC6r9QYyj8Fj5ozy9DeCPis=
Subject key identifier: BA:76:D1:FF:DC:4A:5A:03:8A:97:8F:58:9F:9D:14:A2:A4:5E:55:C0
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018C171241757B6AD7DBA7DCDD27906C0F00
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/unbR_9xKWgOKl49Yn50UoqReVcA.roa
Signing time: Tue 28 Nov 2023 17:55:21 +0000
ROA not before: Tue 28 Nov 2023 17:55:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.64.0/22 maxlen: 24
94.131.72.0/21 maxlen: 24
94.131.120.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 19:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:12:41:75:7b:6a:d7:db:a7:dc:dd:27:90:6c:0f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 28 17:55:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba76d1ffdc4a5a038a978f589f9d14a2a45e55c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c2:66:ec:31:76:11:30:9a:89:a0:67:a6:1c:
fd:e7:3a:45:af:f2:92:3b:68:3b:bb:3d:50:7c:85:
36:86:a1:4e:66:52:3b:99:27:f8:0a:8f:ea:99:ef:
03:e5:dd:2a:ef:04:1b:a0:c4:65:84:c3:c5:db:73:
54:05:74:59:73:63:1a:9e:ca:b6:dc:57:33:c7:2a:
27:19:c4:e1:08:cb:89:f9:ba:98:c0:bb:86:7a:e7:
c9:5c:f3:7a:9c:9c:31:2f:1f:a0:80:be:3b:c8:e8:
cd:c4:35:a8:ce:00:28:34:2f:f2:8b:95:de:50:f9:
b4:5b:13:b8:07:80:0a:1d:2c:a0:23:df:65:55:cd:
9e:ae:32:f4:6d:3c:53:0a:99:36:4c:d8:f6:4b:0d:
7b:3a:b0:de:e3:85:7f:ed:ac:3d:db:60:30:04:a4:
96:43:ad:bc:7c:93:d4:bf:8c:fb:e9:df:c1:39:65:
d0:e1:e0:b3:89:11:b8:3e:99:c7:ed:d7:87:b4:ac:
f8:69:5c:95:89:b4:cf:11:be:15:43:5f:80:84:6e:
f1:fe:21:48:41:d2:18:0e:37:58:c0:b3:a2:6d:e2:
5a:d5:87:7f:63:74:ee:e1:a3:57:22:f0:48:d7:49:
9b:b4:d0:91:e7:c3:ee:95:dc:da:dc:9f:3c:eb:34:
2a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:76:D1:FF:DC:4A:5A:03:8A:97:8F:58:9F:9D:14:A2:A4:5E:55:C0
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/unbR_9xKWgOKl49Yn50UoqReVcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.64.0/22
94.131.72.0/21
94.131.120.0/21
Signature Algorithm: sha256WithRSAEncryption
15:f2:b4:1d:4f:07:fc:f2:58:ba:a9:51:db:52:f3:30:8b:77:
59:01:18:a8:b3:91:76:03:b1:a6:ad:5c:6b:9e:87:5d:be:2b:
d1:bf:31:d5:53:0e:a0:8b:48:3e:ff:45:84:82:3e:d0:82:65:
e0:3e:31:3d:21:59:1c:58:ff:bb:a7:e9:25:be:f5:49:e7:01:
f1:1b:b3:92:a9:05:06:15:ca:26:07:46:a9:34:99:7c:d0:ef:
68:35:d5:35:80:65:36:cd:58:3e:4a:9d:06:8c:24:13:33:56:
86:b2:a0:07:2b:5c:e1:97:6d:c6:72:b7:3e:42:71:1e:49:a7:
bd:ee:e1:5b:49:ce:ea:76:a8:b1:45:30:27:4a:89:4c:9f:d3:
f4:95:8f:50:02:bb:8a:d8:a0:f3:a6:b5:77:10:16:65:6d:52:
cb:98:1b:64:08:8c:cb:73:45:d3:0a:93:1c:6e:3f:7b:25:d3:
6d:d8:6e:c1:33:10:e9:63:6c:70:0f:9e:f8:6a:1b:b0:d4:42:
e6:c6:39:f3:eb:b0:27:5b:bc:a6:c2:a8:e5:ee:af:6d:17:0b:
f3:79:3f:0f:ae:f1:a5:b1:1c:a8:ca:f0:e0:b2:ff:38:d1:0c:
ad:f0:bd:b0:ef:5d:90:ac:8f:21:f7:cd:3d:5e:39:7e:e6:d7:
a1:29:fc:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYwXEkF1e2rX26fc3SeQbA8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMTI4MTc1NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTc2ZDFmZmRjNGE1YTAzOGE5NzhmNTg5ZjlkMTRhMmE0NWU1NWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8Jm7DF2ETCaiaBnphz95zpFr/KS
O2g7uz1QfIU2hqFOZlI7mSf4Co/qme8D5d0q7wQboMRlhMPF23NUBXRZc2Mansq2
3FczxyonGcThCMuJ+bqYwLuGeufJXPN6nJwxLx+ggL47yOjNxDWozgAoNC/yi5Xe
UPm0WxO4B4AKHSygI99lVc2erjL0bTxTCpk2TNj2Sw17OrDe44V/7aw922AwBKSW
Q628fJPUv4z76d/BOWXQ4eCziRG4PpnH7deHtKz4aVyVibTPEb4VQ1+AhG7x/iFI
QdIYDjdYwLOibeJa1Yd/Y3Tu4aNXIvBI10mbtNCR58Puldza3J886zQqzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLp20f/cSloDipePWJ+dFKKkXlXAMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvdW5iUl85eEtXZ09LbDQ5WW41MFVvcVJlVmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXoNAAwQD
XoNIAwQDXoN4MA0GCSqGSIb3DQEBCwUAA4IBAQAV8rQdTwf88li6qVHbUvMwi3dZ
ARios5F2A7GmrVxrnoddvivRvzHVUw6gi0g+/0WEgj7QgmXgPjE9IVkcWP+7p+kl
vvVJ5wHxG7OSqQUGFcomB0apNJl80O9oNdU1gGU2zVg+Sp0GjCQTM1aGsqAHK1zh
l23Gcrc+QnEeSae97uFbSc7qdqixRTAnSolMn9P0lY9QAruK2KDzprV3EBZlbVLL
mBtkCIzLc0XTCpMcbj97JdNt2G7BMxDpY2xwD574ahuw1ELmxjnz67AnW7ymwqjl
7q9tFwvzeT8PrvGlsRyoyvDgsv840Qyt8L2w712QrI8h9809Xjl+5tehKfyc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org