Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/6Ka0bRBhS-bxB0VddU3RZwvedlM.roa
File: 6Ka0bRBhS-bxB0VddU3RZwvedlM.roa (raw, json)
Hash identifier: G6ISENiI/uX+2e4cm7ilF44lWberYStufRbPAy/e29E=
Subject key identifier: E8:A6:B4:6D:10:61:4B:E6:F1:07:45:5D:75:4D:D1:67:0B:DE:76:53
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 01940AA2A646C4E3C75899A081ED75FA0409
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/6Ka0bRBhS-bxB0VddU3RZwvedlM.roa
Signing time: Sat 28 Dec 2024 00:20:19 +0000
ROA not before: Sat 28 Dec 2024 00:20:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 88.218.204.0/24 maxlen: 24
2a09:b280:fe11::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0a:a2:a6:46:c4:e3:c7:58:99:a0:81:ed:75:fa:04:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Dec 28 00:20:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8a6b46d10614be6f107455d754dd1670bde7653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:23:de:82:5b:bd:4e:7a:09:5d:34:93:38:c0:
7e:ae:1f:01:71:1d:1a:47:dd:ef:36:40:e5:71:aa:
33:20:1e:7c:97:44:55:90:1a:74:dd:40:19:2a:aa:
77:73:31:62:b5:83:90:02:59:a7:b4:e8:35:c4:ea:
c5:ea:43:d1:0a:c9:d6:c9:b2:82:54:09:cf:ea:cd:
96:f4:b8:7b:c7:71:2e:78:38:ff:ec:6a:7a:e0:12:
83:bb:2a:a5:f4:4e:1c:76:27:b8:17:a2:b5:a0:87:
ef:9c:e9:a2:56:d6:98:44:e6:8d:43:0f:3c:d5:87:
d9:e5:72:86:62:11:6f:a3:1a:fa:54:66:9a:69:35:
41:89:9b:ee:62:1d:db:a8:af:cc:40:3c:20:2c:a8:
1f:7f:44:6f:b4:ed:17:bc:17:51:60:3e:44:98:c7:
c9:64:7c:a0:68:33:e3:b1:78:a4:9a:30:9f:d6:d1:
29:c6:76:73:04:15:be:2e:9a:88:c3:18:4e:3f:b0:
72:c5:c3:ce:70:b6:97:bd:20:a9:9d:61:a9:84:bb:
1a:35:7e:38:32:9a:d9:a8:65:c1:39:4d:ee:30:90:
6b:a2:cf:0f:d1:a2:62:36:71:1a:51:81:bc:78:03:
71:97:1c:aa:26:ea:7c:41:a8:a0:eb:1d:33:50:eb:
42:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A6:B4:6D:10:61:4B:E6:F1:07:45:5D:75:4D:D1:67:0B:DE:76:53
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/6Ka0bRBhS-bxB0VddU3RZwvedlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.204.0/24
IPv6:
2a09:b280:fe11::/48
Signature Algorithm: sha256WithRSAEncryption
56:57:57:5f:99:c4:d6:b1:4a:e7:08:d0:eb:9c:b7:c1:56:c5:
ad:1b:d7:36:aa:48:6d:d4:bb:f1:13:74:69:cb:76:bb:ec:86:
52:a6:4e:eb:4d:12:4e:77:a7:5f:e3:5a:07:30:b7:f9:b7:ed:
bf:ea:1c:a0:4e:bb:88:85:c3:62:e3:16:27:f9:68:fb:71:e6:
ff:61:14:9a:c6:a9:af:52:87:2e:d1:d1:13:6b:9a:fb:1c:0e:
a9:14:62:83:37:3a:76:bd:c6:76:ca:9f:fa:af:d6:9f:10:d6:
00:d4:9e:a4:16:e7:6a:c7:1e:20:6d:d6:88:4b:31:ea:df:ca:
91:24:09:e4:4a:f8:49:01:da:88:ec:02:ec:78:02:60:14:d2:
1e:83:b8:ed:46:af:90:bf:4d:b7:45:90:0f:47:62:88:cb:ce:
f6:e3:3b:ed:12:ed:d7:92:c5:58:c7:ab:a3:22:66:19:8b:cf:
b7:25:00:c2:d8:02:74:2b:2e:72:55:80:1b:35:a2:dd:1a:80:
41:5c:78:e7:46:b0:60:56:5c:9c:ee:1e:3b:b3:28:56:c5:07:
a3:ff:57:a3:3f:0d:24:52:c5:b5:90:41:6d:80:c3:e0:b1:d5:
2c:fe:a7:82:d5:e2:e7:93:a6:95:30:c7:83:40:f6:bf:a0:c9:
36:f3:08:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQKoqZGxOPHWJmgge11+gQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjQxMjI4MDAyMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE2YjQ2ZDEwNjE0YmU2ZjEwNzQ1NWQ3NTRkZDE2NzBiZGU3NjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiPeglu9TnoJXTSTOMB+rh8BcR0a
R93vNkDlcaozIB58l0RVkBp03UAZKqp3czFitYOQAlmntOg1xOrF6kPRCsnWybKC
VAnP6s2W9Lh7x3EueDj/7Gp64BKDuyql9E4cdie4F6K1oIfvnOmiVtaYROaNQw88
1YfZ5XKGYhFvoxr6VGaaaTVBiZvuYh3bqK/MQDwgLKgff0RvtO0XvBdRYD5EmMfJ
ZHygaDPjsXikmjCf1tEpxnZzBBW+LpqIwxhOP7ByxcPOcLaXvSCpnWGphLsaNX44
MprZqGXBOU3uMJBros8P0aJiNnEaUYG8eANxlxyqJup8Qaig6x0zUOtCzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOimtG0QYUvm8QdFXXVN0WcL3nZTMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvNkthMGJSQmhTLWJ4QjBWZGRVM1Jad3ZlZGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNrMMA8E
AgACMAkDBwAqCbKA/hEwDQYJKoZIhvcNAQELBQADggEBAFZXV1+ZxNaxSucI0Ouc
t8FWxa0b1zaqSG3Uu/ETdGnLdrvshlKmTutNEk53p1/jWgcwt/m37b/qHKBOu4iF
w2LjFif5aPtx5v9hFJrGqa9Shy7R0RNrmvscDqkUYoM3Ona9xnbKn/qv1p8Q1gDU
nqQW52rHHiBt1ohLMerfypEkCeRK+EkB2ojsAux4AmAU0h6DuO1Gr5C/TbdFkA9H
YojLzvbjO+0S7deSxVjHq6MiZhmLz7clAMLYAnQrLnJVgBs1ot0agEFceOdGsGBW
XJzuHjuzKFbFB6P/V6M/DSRSxbWQQW2Aw+Cx1Sz+p4LV4ueTppUwx4NA9r+gyTbz
CMU=
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:06:16 2025 by rpki-client