Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/6LEXi2M51LRKtfLKoHM2Iqi_Bh8.roa
File: 6LEXi2M51LRKtfLKoHM2Iqi_Bh8.roa (raw, json)
Hash identifier: LsGfgzkfp+sVgf46FDcZEZhqhjCIfkhCw1A0+cHULNQ=
Subject key identifier: E8:B1:17:8B:63:39:D4:B4:4A:B5:F2:CA:A0:73:36:22:A8:BF:06:1F
Certificate issuer: /CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
Certificate serial: 01856D01CA40B22CC2853251D13BACE1D92B
Authority key identifier: 4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/6LEXi2M51LRKtfLKoHM2Iqi_Bh8.roa
Signing time: Sun 01 Jan 2023 11:05:11 +0000
ROA not before: Sun 01 Jan 2023 11:05:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49079
IP address blocks: 185.131.20.0/22 maxlen: 24
2a03:a020::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:ca:40:b2:2c:c2:85:32:51:d1:3b:ac:e1:d9:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf4d9fa66b008a08c3b8ed82c38267e1d212550
Validity
Not Before: Jan 1 11:05:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8b1178b6339d4b44ab5f2caa0733622a8bf061f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:21:d9:ec:ed:bd:6a:1b:92:23:c7:48:49:0c:
6f:ea:3b:da:ae:99:62:83:da:57:bd:62:d0:ff:be:
4e:a2:03:62:bd:a5:4a:8b:47:a7:25:33:54:6d:22:
1c:49:da:2c:9e:82:03:f5:6f:72:b4:2b:8a:30:5a:
2e:e2:51:65:8d:4a:75:fa:d7:6e:9e:d8:1e:11:b6:
65:e8:ef:40:17:73:b3:b9:9c:29:a2:2d:ff:0d:c8:
68:0c:ee:3c:46:91:e1:fa:ef:db:12:a2:32:b3:78:
62:5d:5e:23:b2:43:47:60:d3:b9:60:ce:8e:ff:e4:
c6:1c:7a:74:5d:a1:bd:19:92:83:8f:ad:ef:1e:c0:
c0:20:be:44:cb:80:f8:f0:b1:d7:35:1b:62:36:58:
42:79:88:97:95:1f:5c:a1:e3:fa:86:1e:c0:27:19:
cf:4b:35:37:fb:f4:27:d9:24:33:c6:76:20:62:50:
be:cf:56:66:e4:b5:4a:d7:55:b7:ca:41:cb:ff:43:
8f:9a:7f:79:0e:1a:08:46:72:61:9e:25:0b:89:ff:
3a:28:a6:3a:02:ae:85:2c:3d:00:81:eb:87:16:90:
34:d1:85:d9:38:25:c6:76:ce:a2:0c:4c:63:84:10:
7d:c1:ae:42:12:a6:1a:8a:09:ca:ec:a2:ed:43:99:
19:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B1:17:8B:63:39:D4:B4:4A:B5:F2:CA:A0:73:36:22:A8:BF:06:1F
X509v3 Authority Key Identifier:
keyid:4B:F4:D9:FA:66:B0:08:A0:8C:3B:8E:D8:2C:38:26:7E:1D:21:25:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_TZ-mawCKCMO47YLDgmfh0hJVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/6LEXi2M51LRKtfLKoHM2Iqi_Bh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e810cd-6497-4d8a-91a5-bf57387662a0/1/S_TZ-mawCKCMO47YLDgmfh0hJVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.20.0/22
IPv6:
2a03:a020::/32
Signature Algorithm: sha256WithRSAEncryption
84:50:53:70:34:01:a4:7f:95:31:cf:b4:83:72:33:8a:1e:e4:
a6:da:0b:14:d8:a0:79:d4:7f:e2:8f:61:7a:e2:71:06:6a:3f:
42:0b:fd:9a:9d:8a:7e:7d:f3:23:6f:99:d8:6a:b0:67:ac:e2:
2c:a0:1d:61:b1:de:52:00:2a:02:2e:02:2e:bd:25:54:e8:d8:
f4:90:6b:c3:bc:e1:ed:c6:70:c0:e2:e5:3b:45:58:4a:4d:0b:
66:89:df:a9:05:e6:12:49:3e:f8:c2:03:2c:12:8d:21:cb:15:
b7:61:39:7b:92:c2:2b:f8:a1:52:96:2e:47:1f:5c:a5:c6:e2:
7e:30:0b:cd:13:02:98:20:a8:9c:59:0e:fa:00:8e:80:40:f2:
43:ac:26:e8:1b:f6:b5:94:3e:09:3a:09:f8:2c:ee:6f:3f:0a:
92:10:26:bd:ad:aa:d3:02:80:bd:ba:ba:23:9c:55:4d:61:a6:
48:e6:ec:54:27:f5:38:f9:21:24:35:93:a8:e4:26:16:e6:f9:
c7:11:f5:20:7c:34:fd:40:3e:99:21:93:97:b9:05:a3:ac:69:
40:42:25:59:a1:e7:18:6e:76:4b:8b:3b:19:c9:47:60:45:d0:
7a:b0:81:8e:cc:b9:4f:92:8a:64:21:f6:37:96:1a:27:dc:78:
b4:f1:24:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAcpAsizChTJR0Tus4dkrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjRkOWZhNjZiMDA4YTA4YzNiOGVkODJjMzgyNjdlMWQy
MTI1NTAwHhcNMjMwMTAxMTEwNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGIxMTc4YjYzMzlkNGI0NGFiNWYyY2FhMDczMzYyMmE4YmYwNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCHZ7O29ahuSI8dISQxv6jvarpli
g9pXvWLQ/75OogNivaVKi0enJTNUbSIcSdosnoID9W9ytCuKMFou4lFljUp1+tdu
ntgeEbZl6O9AF3OzuZwpoi3/DchoDO48RpHh+u/bEqIys3hiXV4jskNHYNO5YM6O
/+TGHHp0XaG9GZKDj63vHsDAIL5Ey4D48LHXNRtiNlhCeYiXlR9coeP6hh7AJxnP
SzU3+/Qn2SQzxnYgYlC+z1Zm5LVK11W3ykHL/0OPmn95DhoIRnJhniULif86KKY6
Aq6FLD0AgeuHFpA00YXZOCXGds6iDExjhBB9wa5CEqYaignK7KLtQ5kZ1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOixF4tjOdS0SrXyyqBzNiKovwYfMB8GA1UdIwQY
MBaAFEv02fpmsAigjDuO2Cw4Jn4dISVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19UWi1tYXdDS0NNTzQ3WUxEZ21maDBoSlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lODEwY2QtNjQ5Ny00ZDhhLTkxYTUt
YmY1NzM4NzY2MmEwLzEvNkxFWGkyTTUxTFJLdGZMS29ITTJJcWlfQmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lODEwY2QtNjQ5Ny00ZDhhLTkxYTUtYmY1NzM4NzY2MmEw
LzEvU19UWi1tYXdDS0NNTzQ3WUxEZ21maDBoSlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYMUMA0E
AgACMAcDBQAqA6AgMA0GCSqGSIb3DQEBCwUAA4IBAQCEUFNwNAGkf5Uxz7SDcjOK
HuSm2gsU2KB51H/ij2F64nEGaj9CC/2anYp+ffMjb5nYarBnrOIsoB1hsd5SACoC
LgIuvSVU6Nj0kGvDvOHtxnDA4uU7RVhKTQtmid+pBeYSST74wgMsEo0hyxW3YTl7
ksIr+KFSli5HH1ylxuJ+MAvNEwKYIKicWQ76AI6AQPJDrCboG/a1lD4JOgn4LO5v
PwqSECa9rarTAoC9urojnFVNYaZI5uxUJ/U4+SEkNZOo5CYW5vnHEfUgfDT9QD6Z
IZOXuQWjrGlAQiVZoecYbnZLizsZyUdgRdB6sIGOzLlPkopkIfY3lhon3Hi08STJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org