Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/ds9EY6g20irXfxovqaQD6uqychQ.roa
File: ds9EY6g20irXfxovqaQD6uqychQ.roa (raw, json)
Hash identifier: cAqNqrCZ2a+SzgaaSrtqrNwoS65rMX1OdM69Oj+tbPs=
Subject key identifier: 76:CF:44:63:A8:36:D2:2A:D7:7F:1A:2F:A9:A4:03:EA:EA:B2:72:14
Certificate issuer: /CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Certificate serial: 0188D7EB07534B2F14465218A002CD2B9CF9
Authority key identifier: 6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/ds9EY6g20irXfxovqaQD6uqychQ.roa
Signing time: Tue 20 Jun 2023 08:28:04 +0000
ROA not before: Tue 20 Jun 2023 08:28:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21032
IP address blocks: 185.133.112.0/22 maxlen: 24
188.209.160.0/19 maxlen: 24
109.226.128.0/18 maxlen: 24
2a0d:c80::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d7:eb:07:53:4b:2f:14:46:52:18:a0:02:cd:2b:9c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe561f84c5bab17d503bf93d3c3d325c2a2252e
Validity
Not Before: Jun 20 08:28:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76cf4463a836d22ad77f1a2fa9a403eaeab27214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:1c:3b:3e:13:e4:c7:83:41:29:32:7e:7b:
f6:f5:5a:46:ac:86:e2:bb:30:f2:5a:f1:c3:52:ee:
38:93:95:19:d9:76:5e:0f:cb:be:aa:dc:86:a5:42:
e7:4b:79:dd:9a:0b:f2:6a:ca:7a:02:ff:f1:1e:51:
a3:7e:27:2f:7f:9f:b2:ab:c0:de:bd:9c:3a:b8:c2:
01:8a:81:4f:51:e8:e7:a0:f2:f3:00:eb:49:1e:45:
8a:ce:ec:59:e9:ca:ee:ec:e3:81:94:e9:56:c1:67:
85:9e:f4:9a:5c:f1:c6:6d:36:65:b8:bb:d9:9c:cd:
cf:8e:d3:aa:d4:37:90:71:58:ef:c7:3b:50:f3:31:
ae:5d:90:c4:e4:00:09:21:88:80:23:7f:1a:c6:1a:
24:24:ed:f0:cf:fe:0e:31:e4:de:15:ef:ad:fc:b4:
f3:5f:97:06:30:27:1e:8a:ff:3c:2f:5f:df:fb:13:
0e:36:c2:00:71:48:f0:ff:a8:82:55:63:0a:fa:2b:
1e:b4:eb:2b:b5:5a:45:0d:62:31:46:d2:16:7b:a7:
9e:23:11:90:8e:86:62:8a:be:9a:64:15:80:88:36:
ad:3e:df:e6:92:fb:25:52:be:93:f0:b2:e4:33:b0:
df:e9:27:56:35:25:ec:d3:04:42:b1:aa:3c:9b:f3:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:CF:44:63:A8:36:D2:2A:D7:7F:1A:2F:A9:A4:03:EA:EA:B2:72:14
X509v3 Authority Key Identifier:
keyid:6F:E5:61:F8:4C:5B:AB:17:D5:03:BF:93:D3:C3:D3:25:C2:A2:25:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-Vh-ExbqxfVA7-T08PTJcKiJS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/ds9EY6g20irXfxovqaQD6uqychQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/6266af-ffbb-4462-baa6-5739ed83c691/1/b-Vh-ExbqxfVA7-T08PTJcKiJS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.128.0/18
185.133.112.0/22
188.209.160.0/19
IPv6:
2a0d:c80::/29
Signature Algorithm: sha256WithRSAEncryption
3a:b9:39:77:03:d4:13:d8:eb:66:76:56:7e:34:fe:73:3c:9f:
3c:61:04:14:cd:0c:98:56:ed:6f:3e:a7:8f:51:35:7f:78:40:
53:93:b5:fd:9d:92:5f:63:84:73:d1:bb:35:e1:36:0c:bf:84:
83:4a:d0:09:0b:8c:3a:17:c2:be:97:52:18:22:ad:1d:51:00:
d1:16:35:90:38:06:68:c7:47:95:5e:b0:62:be:a3:7f:55:68:
7d:0d:75:5a:ae:40:6c:96:76:3e:bf:cf:ba:25:34:9e:78:04:
84:a8:ea:55:cc:fc:95:f2:9b:5a:65:2e:8d:19:1b:32:f1:bb:
4b:b5:07:81:36:a0:55:1b:39:7b:fa:ea:ce:7b:07:bc:18:22:
72:02:5e:50:9d:f6:8e:c5:42:58:90:a1:de:05:6f:22:f9:ab:
21:57:21:13:40:a2:cf:cb:5a:ae:23:81:4e:d6:37:00:94:a7:
67:b3:83:f3:66:4a:b2:12:81:e3:c1:21:4a:c1:50:cb:b6:01:
ea:22:31:10:3a:52:15:4c:10:d5:ec:64:26:30:bd:1a:bf:ac:
0e:72:0e:0f:70:51:4a:68:6a:51:4d:de:86:d3:21:f1:87:d0:
46:22:ae:18:fd:91:93:c9:58:5b:bf:57:03:19:69:d9:16:ca:
44:c3:d1:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYjX6wdTSy8URlIYoALNK5z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTU2MWY4NGM1YmFiMTdkNTAzYmY5M2QzYzNkMzI1YzJh
MjI1MmUwHhcNMjMwNjIwMDgyODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmNmNDQ2M2E4MzZkMjJhZDc3ZjFhMmZhOWE0MDNlYWVhYjI3MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5scOz4T5MeDQSkyfnv29VpGrIbi
uzDyWvHDUu44k5UZ2XZeD8u+qtyGpULnS3ndmgvyasp6Av/xHlGjficvf5+yq8De
vZw6uMIBioFPUejnoPLzAOtJHkWKzuxZ6cru7OOBlOlWwWeFnvSaXPHGbTZluLvZ
nM3PjtOq1DeQcVjvxztQ8zGuXZDE5AAJIYiAI38axhokJO3wz/4OMeTeFe+t/LTz
X5cGMCceiv88L1/f+xMONsIAcUjw/6iCVWMK+isetOsrtVpFDWIxRtIWe6eeIxGQ
joZiir6aZBWAiDatPt/mkvslUr6T8LLkM7Df6SdWNSXs0wRCsao8m/NB6QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHbPRGOoNtIq138aL6mkA+rqsnIUMB8GA1UdIwQY
MBaAFG/lYfhMW6sX1QO/k9PD0yXCoiUuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYt
NTczOWVkODNjNjkxLzEvZHM5RVk2ZzIwaXJYZnhvdnFhUUQ2dXF5Y2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC82MjY2YWYtZmZiYi00NDYyLWJhYTYtNTczOWVkODNjNjkx
LzEvYi1WaC1FeGJxeGZWQTctVDA4UFRKY0tpSlM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGbeKAAwQC
uYVwAwQFvNGgMA0EAgACMAcDBQMqDQyAMA0GCSqGSIb3DQEBCwUAA4IBAQA6uTl3
A9QT2OtmdlZ+NP5zPJ88YQQUzQyYVu1vPqePUTV/eEBTk7X9nZJfY4Rz0bs14TYM
v4SDStAJC4w6F8K+l1IYIq0dUQDRFjWQOAZox0eVXrBivqN/VWh9DXVarkBslnY+
v8+6JTSeeASEqOpVzPyV8ptaZS6NGRsy8btLtQeBNqBVGzl7+urOewe8GCJyAl5Q
nfaOxUJYkKHeBW8i+ashVyETQKLPy1quI4FO1jcAlKdns4PzZkqyEoHjwSFKwVDL
tgHqIjEQOlIVTBDV7GQmML0av6wOcg4PcFFKaGpRTd6G0yHxh9BGIq4Y/ZGTyVhb
v1cDGWnZFspEw9Gs
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:25 2024 by rpki-client on console-fra.rpki-client.org