Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/bZ6qxTeEmkotWVzyXece2clTdJc.roa
File: bZ6qxTeEmkotWVzyXece2clTdJc.roa (raw, json)
Hash identifier: GHjKrvEm9wm9zWie0hpM82sImTS7LtdMWEJm1XpZQaA=
Subject key identifier: 6D:9E:AA:C5:37:84:9A:4A:2D:59:5C:F2:5D:E7:1E:D9:C9:53:74:97
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 01856DE6417714A38ACFC0E6CF0BB3A04BA5
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/bZ6qxTeEmkotWVzyXece2clTdJc.roa
Signing time: Sun 01 Jan 2023 15:14:44 +0000
ROA not before: Sun 01 Jan 2023 15:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48283
IP address blocks: 194.0.30.0/24 maxlen: 24
194.0.31.0/24 maxlen: 24
194.0.28.0/24 maxlen: 24
194.0.29.0/24 maxlen: 24
2001:678:38::/48 maxlen: 48
2001:678:30::/48 maxlen: 48
2001:678:2c::/48 maxlen: 48
2001:678:34::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:41:77:14:a3:8a:cf:c0:e6:cf:0b:b3:a0:4b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 1 15:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d9eaac537849a4a2d595cf25de71ed9c9537497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:d1:ae:2b:2b:f7:0d:38:45:bf:52:2f:16:
fb:c3:f4:43:26:18:f7:f4:2d:b7:6b:92:90:ba:7a:
eb:e2:b5:8f:1e:7f:94:eb:9b:1f:66:85:53:46:dd:
63:dd:22:61:47:39:0f:d3:fc:c2:5e:3d:71:8d:7c:
c5:4a:6d:8a:99:79:f0:78:2b:04:b3:a2:9c:3d:31:
01:45:96:0b:11:ec:82:3a:f9:f7:a9:1c:b1:84:fe:
8f:86:2a:af:6e:9d:47:be:5e:a1:45:ec:e5:2d:bd:
66:f3:87:28:ee:d0:04:e6:75:f1:af:8a:33:07:2c:
cd:76:c7:e1:46:1a:3b:10:99:88:a4:25:36:37:0b:
32:52:b7:97:a7:81:1a:ba:4a:b0:b6:1f:56:da:b5:
c1:67:d8:5b:cf:52:27:4f:91:13:88:3c:d3:70:0d:
2a:61:48:a9:db:d0:20:63:25:72:1f:c2:96:a5:1d:
46:9c:d6:36:78:46:b3:71:52:a8:47:77:b6:4c:89:
ab:5d:e3:86:68:a7:97:5f:26:5a:47:aa:fb:76:8d:
40:48:4e:34:33:75:31:42:5d:ee:3c:3c:79:0e:58:
fb:44:bd:f0:0e:c3:84:cf:8f:c5:5e:a4:4a:84:03:
e1:72:56:47:2b:8d:23:5d:b1:3d:12:9a:5f:79:19:
8c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9E:AA:C5:37:84:9A:4A:2D:59:5C:F2:5D:E7:1E:D9:C9:53:74:97
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/bZ6qxTeEmkotWVzyXece2clTdJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.28.0/22
IPv6:
2001:678:2c::/48
2001:678:30::/48
2001:678:34::/48
2001:678:38::/48
Signature Algorithm: sha256WithRSAEncryption
8e:86:89:6c:15:90:d9:98:62:4b:9e:a4:3b:1a:08:8a:92:53:
18:91:a2:a1:74:da:ce:ab:a2:3e:40:d5:47:0f:62:3e:14:85:
de:ab:d7:56:60:1b:ce:e4:53:d7:9e:e0:a5:15:23:54:ce:80:
e7:33:68:45:de:f0:f7:3e:b7:9c:21:0b:aa:fb:c7:51:60:20:
d1:c9:62:c0:0f:7b:36:76:24:cc:79:97:0d:5b:7d:30:50:0c:
9c:97:ae:67:17:bb:02:31:66:d7:a5:ba:e6:3b:6b:49:1d:98:
55:9c:2d:72:b4:17:43:cc:dc:04:0e:ab:64:31:0b:bc:91:5c:
28:64:0e:a4:b2:27:d9:be:22:88:91:03:9d:df:75:07:0c:12:
40:c6:8c:4e:5e:90:67:e4:de:84:52:48:b4:dc:bd:98:49:3e:
a6:68:99:86:bf:0b:f3:b2:b2:c2:c9:2f:86:18:42:b7:19:dd:
63:4e:34:b9:95:68:03:bc:58:3a:1a:19:a9:27:36:cf:3d:c9:
fc:d1:99:5a:98:5c:5c:0f:c3:31:aa:85:9e:84:18:82:60:49:
00:a3:27:61:b0:71:d1:0f:bf:ad:f4:23:c3:c0:b6:c9:60:e0:
b5:a6:ee:cf:51:87:80:39:63:15:fe:62:f6:e1:41:86:78:63:
ba:c5:b9:33
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVt5kF3FKOKz8DmzwuzoEulMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjMwMTAxMTUxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDllYWFjNTM3ODQ5YTRhMmQ1OTVjZjI1ZGU3MWVkOWM5NTM3NDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlebRrisr9w04Rb9SLxb7w/RDJhj3
9C23a5KQunrr4rWPHn+U65sfZoVTRt1j3SJhRzkP0/zCXj1xjXzFSm2KmXnweCsE
s6KcPTEBRZYLEeyCOvn3qRyxhP6Phiqvbp1Hvl6hRezlLb1m84co7tAE5nXxr4oz
ByzNdsfhRho7EJmIpCU2NwsyUreXp4Eaukqwth9W2rXBZ9hbz1InT5ETiDzTcA0q
YUip29AgYyVyH8KWpR1GnNY2eEazcVKoR3e2TImrXeOGaKeXXyZaR6r7do1ASE40
M3UxQl3uPDx5Dlj7RL3wDsOEz4/FXqRKhAPhclZHK40jXbE9EppfeRmMwQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFG2eqsU3hJpKLVlc8l3nHtnJU3SXMB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvYlo2cXhUZUVta290V1Z6eVhlY2UyY2xUZEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQCwgAcMCoE
AgACMCQDBwAgAQZ4ACwDBwAgAQZ4ADADBwAgAQZ4ADQDBwAgAQZ4ADgwDQYJKoZI
hvcNAQELBQADggEBAI6GiWwVkNmYYkuepDsaCIqSUxiRoqF02s6roj5A1UcPYj4U
hd6r11ZgG87kU9ee4KUVI1TOgOczaEXe8Pc+t5whC6r7x1FgINHJYsAPezZ2JMx5
lw1bfTBQDJyXrmcXuwIxZteluuY7a0kdmFWcLXK0F0PM3AQOq2QxC7yRXChkDqSy
J9m+IoiRA53fdQcMEkDGjE5ekGfk3oRSSLTcvZhJPqZomYa/C/OyssLJL4YYQrcZ
3WNONLmVaAO8WDoaGaknNs89yfzRmVqYXFwPwzGqhZ6EGIJgSQCjJ2GwcdEPv630
I8PAtslg4LWm7s9Rh4A5YxX+YvbhQYZ4Y7rFuTM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:03 2024 by rpki-client on console-ams.rpki-client.org