Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6cgHinPEp1s-Npb99WEMPfgaZE8.roa
File: 6cgHinPEp1s-Npb99WEMPfgaZE8.roa (raw, json)
Hash identifier: +4Hpxpo93i5MnmFme2KQN5rJYW0sPi1gB0/GTnv08Dk=
Subject key identifier: E9:C8:07:8A:73:C4:A7:5B:3E:36:96:FD:F5:61:0C:3D:F8:1A:64:4F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0191B39DB45D80D7BE656EAFCCAE76CB3790
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6cgHinPEp1s-Npb99WEMPfgaZE8.roa
Signing time: Mon 02 Sep 2024 16:42:22 +0000
ROA not before: Mon 02 Sep 2024 16:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200740
IP address blocks: 159.255.34.0/23 maxlen: 24
159.255.36.0/23 maxlen: 24
159.255.38.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:9d:b4:5d:80:d7:be:65:6e:af:cc:ae:76:cb:37:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 2 16:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9c8078a73c4a75b3e3696fdf5610c3df81a644f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:85:cb:5e:57:7e:2d:cb:79:67:81:3b:3d:f2:
61:92:6c:14:4b:95:e0:a9:2f:e8:10:a4:f6:f2:ad:
02:56:f5:e6:4d:bf:d1:4c:7f:f8:c3:59:ea:3f:fa:
55:8d:12:d0:54:b4:fd:fb:73:01:7f:7f:d2:19:36:
bb:8b:06:7b:f9:96:41:bc:17:24:68:b5:89:0e:c6:
d0:9b:fb:68:d3:d4:71:aa:78:6c:6d:c8:ac:27:89:
39:62:aa:18:fa:e2:d9:6f:00:f7:df:85:34:13:89:
ac:9e:ee:37:60:8f:9c:96:b0:ed:50:4f:9e:86:bb:
e1:31:56:43:98:ec:51:a9:35:93:54:a6:a6:1d:f1:
ad:d7:28:73:a6:b9:aa:4b:bc:da:b4:8a:4e:15:a2:
d0:29:48:38:df:ac:52:b6:d1:4a:be:bd:4f:cf:60:
75:67:84:20:64:6b:f9:58:0c:b7:88:2e:7e:98:66:
78:c1:4d:6b:bf:64:f7:57:68:87:61:75:29:93:f1:
78:8d:16:ce:e9:c0:3b:8d:d8:72:dd:37:20:08:68:
91:ac:b5:a8:c8:df:92:e4:8f:b5:f8:ed:36:fe:fd:
bc:4c:34:d8:8b:e1:0d:ca:91:b9:79:b8:45:7c:1a:
26:bb:90:c4:09:53:14:93:03:6b:83:ce:be:8a:9b:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:C8:07:8A:73:C4:A7:5B:3E:36:96:FD:F5:61:0C:3D:F8:1A:64:4F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/6cgHinPEp1s-Npb99WEMPfgaZE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.255.34.0-159.255.39.255
Signature Algorithm: sha256WithRSAEncryption
c8:61:85:7b:c3:1e:02:e2:34:17:86:8e:11:0c:54:f4:2c:87:
f7:5a:e3:88:b6:78:b7:9c:86:35:dc:8b:d3:d2:02:4f:94:08:
ba:2f:bd:fe:07:52:e2:52:ce:8f:a7:4b:8c:e1:3b:05:3c:7a:
45:23:a1:3c:ac:60:45:c6:a1:fd:4a:b0:4a:92:6f:f6:75:9f:
fe:4d:35:63:23:3e:1b:64:c2:c8:99:ef:d5:db:8a:dd:b9:b9:
f3:cd:87:95:44:ec:e8:fa:d0:01:23:fc:02:ca:58:ff:35:90:
24:d2:51:b1:17:40:04:82:e0:d9:61:6c:43:4c:c4:ff:15:8d:
55:72:11:15:84:95:5c:c0:1f:f7:92:f6:b4:7b:21:1a:b4:1f:
33:6d:cd:a0:6f:4b:3d:45:6b:3b:7f:3c:60:df:4c:61:c2:50:
84:b8:3d:73:c9:a2:37:27:22:bb:01:9c:9e:d5:a9:36:1e:e3:
2c:f2:14:49:4a:b5:df:a2:19:5c:3b:8f:61:90:83:fe:83:cd:
2c:8f:78:ef:34:d9:d7:45:24:1a:f2:8f:6d:f0:40:20:2e:cf:
b2:81:ee:22:1c:19:5f:25:95:e6:16:f5:04:84:47:19:50:7b:
b9:d1:ab:15:42:3a:7d:2a:61:e4:8d:6d:6f:c2:74:31:b7:92:
1d:23:18:5a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGznbRdgNe+ZW6vzK52yzeQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwOTAyMTY0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWM4MDc4YTczYzRhNzViM2UzNjk2ZmRmNTYxMGMzZGY4MWE2NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YXLXld+Lct5Z4E7PfJhkmwUS5Xg
qS/oEKT28q0CVvXmTb/RTH/4w1nqP/pVjRLQVLT9+3MBf3/SGTa7iwZ7+ZZBvBck
aLWJDsbQm/to09RxqnhsbcisJ4k5YqoY+uLZbwD334U0E4msnu43YI+clrDtUE+e
hrvhMVZDmOxRqTWTVKamHfGt1yhzprmqS7zatIpOFaLQKUg436xSttFKvr1Pz2B1
Z4QgZGv5WAy3iC5+mGZ4wU1rv2T3V2iHYXUpk/F4jRbO6cA7jdhy3TcgCGiRrLWo
yN+S5I+1+O02/v28TDTYi+ENypG5ebhFfBomu5DECVMUkwNrg86+ipvTWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOnIB4pzxKdbPjaW/fVhDD34GmRPMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvNmNnSGluUEVwMXMtTnBiOTlXRU1QZmdhWkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGf/yID
BAOf/yAwDQYJKoZIhvcNAQELBQADggEBAMhhhXvDHgLiNBeGjhEMVPQsh/da44i2
eLechjXci9PSAk+UCLovvf4HUuJSzo+nS4zhOwU8ekUjoTysYEXGof1KsEqSb/Z1
n/5NNWMjPhtkwsiZ79Xbit25ufPNh5VE7Oj60AEj/ALKWP81kCTSUbEXQASC4Nlh
bENMxP8VjVVyERWElVzAH/eS9rR7IRq0HzNtzaBvSz1Fazt/PGDfTGHCUIS4PXPJ
ojcnIrsBnJ7VqTYe4yzyFElKtd+iGVw7j2GQg/6DzSyPeO802ddFJBryj23wQCAu
z7KB7iIcGV8lleYW9QSERxlQe7nRqxVCOn0qYeSNbW/CdDG3kh0jGFo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:49 2025 by rpki-client