Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/n-fGedV4hyjCJ5mpBpekYEKVXSY.roa
File: n-fGedV4hyjCJ5mpBpekYEKVXSY.roa (raw, json)
Hash identifier: 6fWY41kIumM1BipDBqpjTzfCFQPEuLMp07yUlRs5Yvc=
Subject key identifier: 9F:E7:C6:79:D5:78:87:28:C2:27:99:A9:06:97:A4:60:42:95:5D:26
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01856FF93B74D197690A0AF3A563AF7FDE0B
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/n-fGedV4hyjCJ5mpBpekYEKVXSY.roa
Signing time: Mon 02 Jan 2023 00:54:42 +0000
ROA not before: Mon 02 Jan 2023 00:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21473
IP address blocks: 152.89.92.0/22 maxlen: 22
2a0c:6b00::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Nov 2023 20:13:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3b:74:d1:97:69:0a:0a:f3:a5:63:af:7f:de:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 00:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fe7c679d5788728c22799a90697a46042955d26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:c9:30:6b:2f:e3:7b:d3:0c:fb:d3:80:8e:
13:13:30:3a:2a:2c:2b:96:5c:35:ee:83:09:cd:1c:
36:17:cb:85:f9:b0:b3:07:69:c6:75:d6:c5:e8:76:
8c:39:25:a0:d1:78:7b:cb:1a:e1:86:fb:b5:88:e4:
32:3c:26:3e:7c:a3:d4:e3:19:05:4f:dc:45:34:33:
0c:31:d5:10:b4:ff:2c:25:90:68:b8:92:b7:29:f3:
bb:21:6f:8c:90:c8:9a:21:b7:7e:be:9a:37:b5:f9:
ff:58:93:cd:45:4a:45:94:37:41:1e:d4:27:0f:e4:
5d:c8:dd:32:db:7c:f3:68:69:25:42:b8:a1:1a:2b:
7d:3f:ee:1b:85:28:8b:06:d1:7b:12:52:6e:e0:a4:
2f:6c:77:9d:c2:75:9a:53:94:8a:fe:92:75:e5:8a:
6c:48:73:12:87:2f:1b:d7:ec:d1:21:2a:c9:9a:31:
a0:ca:f4:d7:ee:44:0a:a2:a6:c0:3e:11:bc:cb:72:
d0:2d:6a:89:8f:3f:10:62:41:31:c7:93:31:fe:ee:
14:d4:aa:a2:63:c8:2a:ae:5f:03:37:39:a5:2f:4e:
f3:21:11:d9:cf:31:35:3d:e2:46:c1:60:ea:95:8d:
70:95:ac:99:50:c2:a3:67:1f:72:bd:fb:d3:38:57:
4f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E7:C6:79:D5:78:87:28:C2:27:99:A9:06:97:A4:60:42:95:5D:26
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/n-fGedV4hyjCJ5mpBpekYEKVXSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.92.0/22
IPv6:
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
3e:7b:56:46:8d:22:d9:b0:eb:a1:4f:87:e7:f7:14:b4:95:8b:
4b:45:01:32:01:52:a1:3e:ef:11:70:e3:e2:f2:aa:82:51:76:
f9:99:c6:4b:9d:85:1a:f0:30:50:78:33:57:42:90:d4:67:fd:
3c:94:ee:05:85:29:9b:ca:ee:be:93:07:57:44:c1:92:e3:17:
f5:89:cd:78:9e:e9:b3:d9:ca:e1:c4:f6:cf:32:0c:52:74:56:
cd:f2:62:a7:99:c8:f8:ee:f4:7a:23:88:33:55:73:5b:b3:8f:
fb:b1:f9:dd:09:99:72:00:91:fe:35:39:52:7b:ba:4a:f3:87:
85:26:ec:ff:4f:da:7f:ca:36:b2:3f:9d:ad:f0:58:1d:98:f1:
e6:0c:91:8f:46:74:20:36:ce:41:50:6d:33:70:8e:06:5b:77:
30:61:87:aa:5e:99:98:d4:93:55:ff:30:c9:2b:6d:1a:ce:5e:
c7:ae:d8:5b:0c:8b:73:dc:07:c3:f3:eb:cb:48:5d:0d:17:55:
59:5c:d4:33:aa:0b:2f:5a:ac:75:53:02:a6:c3:7c:d3:40:82:
0f:e5:54:93:fa:e5:5e:a7:ff:5e:45:d3:f1:96:25:fa:d7:e4:
fd:fa:8c:48:a0:37:e0:e0:41:bf:73:47:a3:98:7b:a0:73:32:
f1:6b:dc:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv+Tt00ZdpCgrzpWOvf94LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMwMTAyMDA1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU3YzY3OWQ1Nzg4NzI4YzIyNzk5YTkwNjk3YTQ2MDQyOTU1ZDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO7JMGsv43vTDPvTgI4TEzA6Kiwr
llw17oMJzRw2F8uF+bCzB2nGddbF6HaMOSWg0Xh7yxrhhvu1iOQyPCY+fKPU4xkF
T9xFNDMMMdUQtP8sJZBouJK3KfO7IW+MkMiaIbd+vpo3tfn/WJPNRUpFlDdBHtQn
D+RdyN0y23zzaGklQrihGit9P+4bhSiLBtF7ElJu4KQvbHedwnWaU5SK/pJ15Yps
SHMShy8b1+zRISrJmjGgyvTX7kQKoqbAPhG8y3LQLWqJjz8QYkExx5Mx/u4U1Kqi
Y8gqrl8DNzmlL07zIRHZzzE1PeJGwWDqlY1wlayZUMKjZx9yvfvTOFdP2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ/nxnnVeIcowieZqQaXpGBClV0mMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvbi1mR2VkVjRoeWpDSjVtcEJwZWtZRUtWWFNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFlcMA0E
AgACMAcDBQAqDGsAMA0GCSqGSIb3DQEBCwUAA4IBAQA+e1ZGjSLZsOuhT4fn9xS0
lYtLRQEyAVKhPu8RcOPi8qqCUXb5mcZLnYUa8DBQeDNXQpDUZ/08lO4FhSmbyu6+
kwdXRMGS4xf1ic14numz2crhxPbPMgxSdFbN8mKnmcj47vR6I4gzVXNbs4/7sfnd
CZlyAJH+NTlSe7pK84eFJuz/T9p/yjayP52t8FgdmPHmDJGPRnQgNs5BUG0zcI4G
W3cwYYeqXpmY1JNV/zDJK20azl7HrthbDItz3AfD8+vLSF0NF1VZXNQzqgsvWqx1
UwKmw3zTQIIP5VST+uVep/9eRdPxliX61+T9+oxIoDfg4EG/c0ejmHugczLxa9yq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org