Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/6Y3DCjYavBsWnAD03sWccPfN_PE.roa
File: 6Y3DCjYavBsWnAD03sWccPfN_PE.roa (raw, json)
Hash identifier: FZkgLd29ZexTldd+n5Y6OkhmudSVmFkW16FfxTnG/+I=
Subject key identifier: E9:8D:C3:0A:36:1A:BC:1B:16:9C:00:F4:DE:C5:9C:70:F7:CD:FC:F1
Certificate issuer: /CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Certificate serial: 01857067409296938D4DA98219985861C640
Authority key identifier: AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/6Y3DCjYavBsWnAD03sWccPfN_PE.roa
Signing time: Mon 02 Jan 2023 02:54:53 +0000
ROA not before: Mon 02 Jan 2023 02:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12700
IP address blocks: 91.202.240.0/24 maxlen: 24
91.202.240.0/22 maxlen: 22
91.202.241.0/24 maxlen: 24
91.202.242.0/24 maxlen: 24
91.202.243.0/24 maxlen: 24
31.131.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 16 Oct 2023 18:20:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:40:92:96:93:8d:4d:a9:82:19:98:58:61:c6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af63a47acdba8ec1cd85d4d79f36b35b698e5f89
Validity
Not Before: Jan 2 02:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e98dc30a361abc1b169c00f4dec59c70f7cdfcf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:37:ab:3b:01:de:d8:89:fb:40:c6:4f:ae:
70:84:aa:c5:11:bb:f0:95:28:ef:60:e2:de:85:17:
99:fd:00:dc:87:f3:12:f1:9a:f7:24:1a:5d:f9:d7:
7b:39:31:a8:7b:88:93:49:ff:f1:5b:df:f4:81:d3:
ee:a8:42:9c:a9:84:7b:bd:9b:ee:1b:9f:5c:b1:8a:
d9:18:b8:a5:2d:6c:3b:4d:a8:ec:45:39:87:92:45:
55:60:66:13:a0:6a:46:1f:a3:15:98:d9:94:a2:b2:
5b:80:cb:41:2c:5b:66:fb:97:f9:24:68:f4:c7:6d:
2a:dc:6b:e8:dd:67:95:d0:dc:8c:a0:3c:99:07:90:
75:b4:19:68:26:9d:df:de:17:c8:2f:bc:50:6a:11:
6a:aa:74:d1:24:ec:af:df:15:ad:be:d0:fd:ee:a0:
ba:a4:27:b0:45:00:5b:0e:97:e0:7e:c9:a9:fc:92:
cc:cf:92:64:b0:ea:20:af:a1:ed:95:36:ec:a8:7a:
26:52:9d:92:49:6f:67:d5:ad:b2:58:97:d6:ba:b1:
b4:bd:ac:55:03:71:2c:31:0b:78:22:ce:ae:04:90:
08:9d:1c:4b:41:07:81:94:a3:a2:9f:bf:4e:f3:bf:
97:10:4a:7c:64:ad:f3:78:30:6c:3c:00:60:28:2b:
06:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8D:C3:0A:36:1A:BC:1B:16:9C:00:F4:DE:C5:9C:70:F7:CD:FC:F1
X509v3 Authority Key Identifier:
keyid:AF:63:A4:7A:CD:BA:8E:C1:CD:85:D4:D7:9F:36:B3:5B:69:8E:5F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2Okes26jsHNhdTXnzazW2mOX4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/6Y3DCjYavBsWnAD03sWccPfN_PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c4d7b0-6ebf-4cac-a8ad-fe3e318cae9c/1/r2Okes26jsHNhdTXnzazW2mOX4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.32.0/21
91.202.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:6d:59:2a:8b:3c:97:48:88:b7:96:75:36:a0:8f:5b:31:07:
c3:44:1a:c1:67:41:25:65:cf:af:cf:95:68:76:ff:0c:37:26:
e5:6f:f5:61:b6:4d:85:8c:15:6f:4f:e2:57:7c:a4:c4:38:3b:
21:14:c9:33:31:07:1b:8f:48:cb:fb:f4:46:f9:dd:14:69:6b:
8c:f5:ee:da:86:4d:26:c6:4a:65:a1:35:3d:2d:4b:3f:87:08:
ec:97:0f:3c:b9:4e:03:8a:17:d1:22:12:b1:f9:47:15:d4:7a:
fa:d6:51:9a:1a:8b:2a:f5:39:6b:49:b7:a5:09:89:da:66:b7:
06:18:ef:c1:8f:0e:56:54:5b:ba:72:b7:bd:b9:19:73:b3:e8:
99:1c:71:2c:00:4f:4b:5f:96:4d:97:82:82:b5:c1:d2:89:64:
40:47:2c:d6:99:b5:55:4b:28:2d:c4:50:4c:1b:a6:e5:b4:7a:
57:ad:fb:01:02:c1:5f:b2:ff:54:ae:ee:c9:b8:25:86:ea:a7:
46:59:88:c3:b6:aa:63:22:21:37:60:fb:57:d1:c4:84:a0:25:
3f:25:b5:83:61:97:79:c1:54:8d:1f:10:02:98:55:d0:4a:ee:
fa:cb:0f:08:38:0a:20:4c:f1:d0:fc:f0:94:df:64:41:06:7f:
3c:b4:26:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZ0CSlpONTamCGZhYYcZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjNhNDdhY2RiYThlYzFjZDg1ZDRkNzlmMzZiMzViNjk4
ZTVmODkwHhcNMjMwMTAyMDI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThkYzMwYTM2MWFiYzFiMTY5YzAwZjRkZWM1OWM3MGY3Y2RmY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkI3qzsB3tiJ+0DGT65whKrFEbvw
lSjvYOLehReZ/QDch/MS8Zr3JBpd+dd7OTGoe4iTSf/xW9/0gdPuqEKcqYR7vZvu
G59csYrZGLilLWw7TajsRTmHkkVVYGYToGpGH6MVmNmUorJbgMtBLFtm+5f5JGj0
x20q3Gvo3WeV0NyMoDyZB5B1tBloJp3f3hfIL7xQahFqqnTRJOyv3xWtvtD97qC6
pCewRQBbDpfgfsmp/JLMz5JksOogr6HtlTbsqHomUp2SSW9n1a2yWJfWurG0vaxV
A3EsMQt4Is6uBJAInRxLQQeBlKOin79O87+XEEp8ZK3zeDBsPABgKCsGSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOmNwwo2GrwbFpwA9N7FnHD3zfzxMB8GA1UdIwQY
MBaAFK9jpHrNuo7BzYXU1582s1tpjl+JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQt
ZmUzZTMxOGNhZTljLzEvNlkzRENqWWF2QnNXbkFEMDNzV2NjUGZOX1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jNGQ3YjAtNmViZi00Y2FjLWE4YWQtZmUzZTMxOGNhZTlj
LzEvcjJPa2VzMjZqc0hOaGRUWG56YXpXMm1PWDRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH4MgAwQC
W8rwMA0GCSqGSIb3DQEBCwUAA4IBAQCwbVkqizyXSIi3lnU2oI9bMQfDRBrBZ0El
Zc+vz5Vodv8MNyblb/Vhtk2FjBVvT+JXfKTEODshFMkzMQcbj0jL+/RG+d0UaWuM
9e7ahk0mxkploTU9LUs/hwjslw88uU4DihfRIhKx+UcV1Hr61lGaGosq9TlrSbel
CYnaZrcGGO/Bjw5WVFu6cre9uRlzs+iZHHEsAE9LX5ZNl4KCtcHSiWRARyzWmbVV
SygtxFBMG6bltHpXrfsBAsFfsv9Uru7JuCWG6qdGWYjDtqpjIiE3YPtX0cSEoCU/
JbWDYZd5wVSNHxACmFXQSu76yw8IOAogTPHQ/PCU32RBBn88tCZb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:38 2024 by rpki-client on console-ams.rpki-client.org