Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6k-t5-t0OACK9DVvFwxFdcAZN_E.roa
File: 6k-t5-t0OACK9DVvFwxFdcAZN_E.roa (raw, json)
Hash identifier: GqkOI23Son5lUNID80nDbcXyaz2xEM7gLxfCzLNU6p0=
Subject key identifier: EA:4F:AD:E7:EB:74:38:00:8A:F4:35:6F:17:0C:45:75:C0:19:37:F1
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01856DE67674CC859C931B05962C4D505B01
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6k-t5-t0OACK9DVvFwxFdcAZN_E.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.144.0/22 maxlen: 22
85.239.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Aug 2023 17:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:76:74:cc:85:9c:93:1b:05:96:2c:4d:50:5b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea4fade7eb7438008af4356f170c4575c01937f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:72:fa:4d:3a:50:2f:c9:e3:37:ef:25:48:76:
de:34:92:db:b6:01:c8:a6:d0:9d:d2:67:25:ea:1b:
01:e2:de:75:92:b3:b2:a1:28:98:e1:56:8b:b5:4c:
d0:c5:02:9c:1e:9f:2f:c3:34:0f:9d:0c:a3:62:e4:
02:cc:a9:89:02:1b:29:52:46:39:28:c9:67:a7:f1:
d4:13:08:1c:1c:74:42:37:eb:68:26:5b:e9:17:84:
28:b7:88:4f:46:a8:9a:cc:d6:34:b8:b8:f2:9a:dd:
88:02:92:63:39:ad:83:60:a0:aa:00:60:c3:f1:b2:
76:51:f9:7f:a8:d3:b2:1b:7e:77:9b:4e:47:31:c3:
bc:c3:b8:42:18:5c:77:b9:67:e5:fc:b7:a0:38:79:
94:91:83:f8:89:43:cb:15:e4:b9:45:f6:b1:db:d7:
75:2d:2c:48:25:34:9d:7a:a7:c9:19:3b:7c:2f:9d:
62:7a:c4:32:29:d5:63:b1:e1:5b:64:b7:f9:c7:d0:
80:9a:d1:6f:bb:6c:a4:c8:69:2c:d7:db:b6:6f:c0:
87:cd:24:c3:8a:2f:73:a7:b7:67:a2:60:9a:8f:2d:
06:0c:4d:c6:a5:52:88:91:d1:a8:a1:4e:19:ae:31:
39:86:66:a4:2f:97:2b:46:a2:e1:0e:ca:e7:2d:d2:
4c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:4F:AD:E7:EB:74:38:00:8A:F4:35:6F:17:0C:45:75:C0:19:37:F1
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/6k-t5-t0OACK9DVvFwxFdcAZN_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/22
85.239.150.0/24
Signature Algorithm: sha256WithRSAEncryption
21:6c:0f:59:86:f9:57:35:54:70:48:4a:e1:0d:03:c1:a8:51:
88:a5:f2:cc:84:0f:aa:d4:7b:7c:95:ec:3c:6c:d4:3f:f7:bf:
fb:71:3c:bf:f2:e9:41:65:01:56:fb:78:ba:c5:45:50:ab:44:
f4:30:c8:69:ed:9c:39:08:a4:e6:09:d7:2a:8f:eb:06:94:51:
02:a4:53:9a:75:9d:1c:ba:ba:4c:d1:4e:69:e8:a2:c1:84:a4:
e3:bd:80:22:dd:b8:af:37:d4:f2:f5:4a:92:ab:36:33:76:bc:
80:55:f6:7a:d7:4a:17:84:a1:1b:eb:f3:81:f3:1d:28:95:da:
0b:00:00:4e:6a:28:5b:e6:92:bb:bc:9e:2c:1c:f0:71:fa:6a:
de:94:4b:13:ae:20:c0:6b:2e:a6:32:3a:7a:ff:23:33:4c:55:
57:df:65:24:db:93:dd:9b:f9:df:e6:a9:e4:19:63:93:4f:e4:
3b:d7:b4:ed:23:80:31:41:37:7a:7d:3b:83:87:a1:16:4f:b9:
12:58:5b:c2:5f:a5:10:13:3b:96:fa:6e:8e:2b:e0:7e:03:07:
fe:83:28:a3:f2:6b:73:17:03:8f:d8:a5:34:ff:80:1c:de:16:
8d:76:61:73:74:ba:da:84:8c:c4:32:dd:71:99:2d:b6:41:ed:
20:bc:e1:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVt5nZ0zIWckxsFlixNUFsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRmYWRlN2ViNzQzODAwOGFmNDM1NmYxNzBjNDU3NWMwMTkzN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13L6TTpQL8njN+8lSHbeNJLbtgHI
ptCd0mcl6hsB4t51krOyoSiY4VaLtUzQxQKcHp8vwzQPnQyjYuQCzKmJAhspUkY5
KMlnp/HUEwgcHHRCN+toJlvpF4Qot4hPRqiazNY0uLjymt2IApJjOa2DYKCqAGDD
8bJ2Ufl/qNOyG353m05HMcO8w7hCGFx3uWfl/LegOHmUkYP4iUPLFeS5Rfax29d1
LSxIJTSdeqfJGTt8L51iesQyKdVjseFbZLf5x9CAmtFvu2ykyGks19u2b8CHzSTD
ii9zp7dnomCajy0GDE3GpVKIkdGooU4ZrjE5hmakL5crRqLhDsrnLdJMqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOpPrefrdDgAivQ1bxcMRXXAGTfxMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvNmstdDUtdDBPQUNLOURWdkZ3eEZkY0FaTl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe+QAwQA
Ve+WMA0GCSqGSIb3DQEBCwUAA4IBAQAhbA9ZhvlXNVRwSErhDQPBqFGIpfLMhA+q
1Ht8lew8bNQ/97/7cTy/8ulBZQFW+3i6xUVQq0T0MMhp7Zw5CKTmCdcqj+sGlFEC
pFOadZ0curpM0U5p6KLBhKTjvYAi3bivN9Ty9UqSqzYzdryAVfZ610oXhKEb6/OB
8x0oldoLAABOaihb5pK7vJ4sHPBx+mrelEsTriDAay6mMjp6/yMzTFVX32Uk25Pd
m/nf5qnkGWOTT+Q717TtI4AxQTd6fTuDh6EWT7kSWFvCX6UQEzuW+m6OK+B+Awf+
gyij8mtzFwOP2KU0/4Ac3haNdmFzdLrahIzEMt1xmS22Qe0gvOGw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org