Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6T2d4nc38R0FM0HF9hH5TNfQmww.roa
File: 6T2d4nc38R0FM0HF9hH5TNfQmww.roa (raw, json)
Hash identifier: E3dAGXH9LCqhiva3W0Ja1QJWK4ir1l8idv98LLl2Nvw=
Subject key identifier: E9:3D:9D:E2:77:37:F1:1D:05:33:41:C5:F6:11:F9:4C:D7:D0:9B:0C
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 018BD773918803BE66788DC2FE0BC615308A
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6T2d4nc38R0FM0HF9hH5TNfQmww.roa
Signing time: Thu 16 Nov 2023 09:25:57 +0000
ROA not before: Thu 16 Nov 2023 09:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 46.166.160.0/20 maxlen: 32
185.8.104.0/22 maxlen: 32
5.199.160.0/20 maxlen: 32
93.115.24.0/21 maxlen: 32
185.150.116.0/22 maxlen: 32
188.214.128.0/21 maxlen: 32
2a02:ae00::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:73:91:88:03:be:66:78:8d:c2:fe:0b:c6:15:30:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Nov 16 09:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e93d9de27737f11d053341c5f611f94cd7d09b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:5e:5b:3c:59:18:a8:36:74:0f:89:b4:39:
db:e9:95:89:78:7f:00:d7:52:f4:ec:a0:89:fc:5f:
b5:e0:d3:8d:2c:de:61:63:8f:be:11:5d:09:c2:3a:
64:84:3a:37:88:31:44:d4:78:ae:32:58:18:6e:80:
30:79:8b:31:2e:e2:75:08:9c:f5:8b:d9:63:4b:6b:
52:02:bd:30:d6:b8:25:ba:38:a5:ac:01:5f:47:ad:
4e:7d:e3:aa:bc:37:2a:f0:18:3c:b6:29:c4:8a:86:
65:ce:82:f5:23:6c:70:7e:3d:c3:e4:fb:a1:52:3e:
34:9a:ae:5e:7b:c4:cf:6c:8f:8d:a2:76:31:54:95:
21:a7:2a:1b:43:32:ea:5a:42:1f:54:cf:7d:94:7d:
65:17:da:e6:19:7e:69:d6:2c:e8:6d:8b:bd:56:4c:
21:3f:59:4b:b8:65:50:ef:de:da:03:fa:3d:7d:cc:
61:09:78:6e:8f:20:c2:5d:89:31:48:16:6c:fc:2e:
56:54:75:ea:4c:b5:36:16:84:85:fe:25:d8:d4:65:
e6:1a:ae:66:ce:e5:f7:b6:b4:db:4a:f4:26:20:e8:
94:b7:ef:8b:dc:9b:98:37:26:7b:7c:38:07:b0:04:
16:f1:60:ee:83:ab:3f:52:3b:17:56:90:60:84:e6:
4f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3D:9D:E2:77:37:F1:1D:05:33:41:C5:F6:11:F9:4C:D7:D0:9B:0C
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/6T2d4nc38R0FM0HF9hH5TNfQmww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.160.0/20
46.166.160.0/20
93.115.24.0/21
185.8.104.0/22
185.150.116.0/22
188.214.128.0/21
IPv6:
2a02:ae00::/36
Signature Algorithm: sha256WithRSAEncryption
67:d4:72:39:88:82:5e:a2:fe:f7:20:e1:ac:d1:85:ea:b9:94:
fb:4a:11:b7:ea:9f:5a:ee:0f:18:e2:8d:4e:fe:bb:e3:05:9f:
be:26:be:e4:04:80:09:83:d2:f1:09:3f:fb:3e:25:99:5f:16:
35:91:b2:1e:ad:78:e3:e7:ac:d4:e7:ac:3d:da:93:85:72:28:
df:2d:e5:f7:7b:2d:8c:8d:b5:b6:83:4e:c8:a8:0b:45:de:c4:
9f:da:4d:ee:37:28:e6:bf:5c:e5:99:ab:30:4d:5d:8e:7b:f9:
84:37:7f:d2:da:8c:d3:6c:59:85:10:0a:70:e2:ed:88:72:1c:
9a:08:3e:f2:85:a1:68:b7:37:85:d2:c3:14:9f:70:d8:41:b7:
73:e3:91:af:d0:ef:ed:36:a1:b8:0b:1b:2b:1a:52:5a:b7:c3:
d4:e4:f5:d3:5a:f6:ff:e3:58:07:ba:38:c8:e1:0a:96:72:c7:
79:fe:ca:bf:7d:db:d9:41:45:fd:de:fd:c7:c9:b1:02:52:c1:
d8:6e:aa:8c:a7:59:ce:e6:6a:21:60:a7:43:99:05:05:53:bc:
39:09:03:79:8b:dc:35:19:74:89:d4:78:6b:a2:4d:57:9b:2b:
7e:63:78:b9:92:8d:5f:85:80:67:6d:15:ed:6c:30:f3:f9:9d:
17:0f:d9:fb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYvXc5GIA75meI3C/gvGFTCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMxMTE2MDkyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTNkOWRlMjc3MzdmMTFkMDUzMzQxYzVmNjExZjk0Y2Q3ZDA5YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub1eWzxZGKg2dA+JtDnb6ZWJeH8A
11L07KCJ/F+14NONLN5hY4++EV0JwjpkhDo3iDFE1HiuMlgYboAweYsxLuJ1CJz1
i9ljS2tSAr0w1rglujilrAFfR61OfeOqvDcq8Bg8tinEioZlzoL1I2xwfj3D5Puh
Uj40mq5ee8TPbI+NonYxVJUhpyobQzLqWkIfVM99lH1lF9rmGX5p1izobYu9Vkwh
P1lLuGVQ797aA/o9fcxhCXhujyDCXYkxSBZs/C5WVHXqTLU2FoSF/iXY1GXmGq5m
zuX3trTbSvQmIOiUt++L3JuYNyZ7fDgHsAQW8WDug6s/UjsXVpBghOZPTQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOk9neJ3N/EdBTNBxfYR+UzX0JsMMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvNlQyZDRuYzM4UjBGTTBIRjloSDVUTmZRbXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQEBcegAwQE
LqagAwQDXXMYAwQCuQhoAwQCuZZ0AwQDvNaAMA4EAgACMAgDBgQqAq4AADANBgkq
hkiG9w0BAQsFAAOCAQEAZ9RyOYiCXqL+9yDhrNGF6rmU+0oRt+qfWu4PGOKNTv67
4wWfvia+5ASACYPS8Qk/+z4lmV8WNZGyHq144+es1OesPdqThXIo3y3l93stjI21
toNOyKgLRd7En9pN7jco5r9c5ZmrME1djnv5hDd/0tqM02xZhRAKcOLtiHIcmgg+
8oWhaLc3hdLDFJ9w2EG3c+ORr9Dv7TahuAsbKxpSWrfD1OT101r2/+NYB7o4yOEK
lnLHef7Kv33b2UFF/d79x8mxAlLB2G6qjKdZzuZqIWCnQ5kFBVO8OQkDeYvcNRl0
idR4a6JNV5srfmN4uZKNX4WAZ20V7Www8/mdFw/Z+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:36 2024 by rpki-client on console-ams.rpki-client.org