Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/6nLklBbjKPa88ub8vlLvnnh65tQ.roa
File: 6nLklBbjKPa88ub8vlLvnnh65tQ.roa (raw, json)
Hash identifier: AcIee9CjEdkP8IvGALORMbJhxD0u+c/XJtWUv3lbs08=
Subject key identifier: EA:72:E4:94:16:E3:28:F6:BC:F2:E6:FC:BE:52:EF:9E:78:7A:E6:D4
Certificate issuer: /CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Certificate serial: 01856FF02A66EA71C1C255D6E726B2F918E9
Authority key identifier: 57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/6nLklBbjKPa88ub8vlLvnnh65tQ.roa
Signing time: Mon 02 Jan 2023 00:44:48 +0000
ROA not before: Mon 02 Jan 2023 00:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211960
IP address blocks: 193.228.137.0/24 maxlen: 24
2a04:1ac1:11::/48 maxlen: 48
2a04:1ac1:1::/48 maxlen: 48
2001:67c:2924::/48 maxlen: 48
2a04:1ac0:fff3::/48 maxlen: 48
2a04:1ac1:2::/48 maxlen: 48
2a04:1ac0:fff4::/48 maxlen: 48
2a04:1ac1:3::/48 maxlen: 48
2a04:1ac1:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:2a:66:ea:71:c1:c2:55:d6:e7:26:b2:f9:18:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=573104ff3568cb99b7f5024e73ff2aea0563ce6a
Validity
Not Before: Jan 2 00:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea72e49416e328f6bcf2e6fcbe52ef9e787ae6d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3a:a5:ef:d5:d0:c6:d2:ab:8b:70:b4:58:03:
b4:8e:9f:d5:b3:ce:c1:74:df:d5:06:ef:6d:4a:19:
fb:58:6c:9f:b8:32:23:5b:bf:c2:25:4a:a7:a5:70:
40:ae:53:d8:a0:7a:a3:44:1d:27:f9:7c:61:af:cf:
af:cd:f1:b6:e7:aa:23:54:a4:19:81:ad:07:d1:42:
97:7a:a4:2e:d3:e2:51:3c:9d:08:d8:4c:0b:b9:5f:
4f:95:ed:cf:98:af:06:26:71:d7:65:f2:36:fe:f3:
5c:67:17:f6:55:39:6e:8c:92:6d:73:36:98:95:f1:
9b:50:25:1d:b5:62:d4:0a:d0:a2:18:42:cb:d3:a9:
2f:46:90:36:c2:59:fd:74:c1:d9:0c:c4:56:f8:45:
79:9c:c7:d6:a3:c0:fa:fe:97:80:74:bc:6b:8e:37:
62:7f:db:6f:d3:fa:d5:04:c3:81:6a:3e:b0:95:02:
f7:4c:84:f6:92:25:e5:cd:ef:00:af:61:a0:9f:5d:
ae:29:33:68:59:37:d9:44:63:fa:e4:39:76:7b:23:
b5:b3:73:cb:b8:fd:7b:fc:79:13:8a:4f:a8:22:76:
39:34:4a:9b:27:dd:12:83:8e:cf:ea:5f:3a:ac:2a:
a6:4a:6b:d6:ac:7e:d0:09:f0:71:0a:76:e5:2c:2c:
80:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:72:E4:94:16:E3:28:F6:BC:F2:E6:FC:BE:52:EF:9E:78:7A:E6:D4
X509v3 Authority Key Identifier:
keyid:57:31:04:FF:35:68:CB:99:B7:F5:02:4E:73:FF:2A:EA:05:63:CE:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzEE_zVoy5m39QJOc_8q6gVjzmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/6nLklBbjKPa88ub8vlLvnnh65tQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/3e76fc-5dcd-4ba5-8495-1998cb9d065c/1/VzEE_zVoy5m39QJOc_8q6gVjzmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.228.137.0/24
IPv6:
2001:67c:2924::/48
2a04:1ac0:fff3::-2a04:1ac0:fff4:ffff:ffff:ffff:ffff:ffff
2a04:1ac1:1::-2a04:1ac1:3:ffff:ffff:ffff:ffff:ffff
2a04:1ac1:10::/47
Signature Algorithm: sha256WithRSAEncryption
69:05:9e:fa:ef:e8:e4:82:c0:e0:3e:e8:cf:15:25:95:0d:19:
25:1a:fb:45:c5:29:ec:b2:05:f5:ec:20:b4:2f:26:d3:87:2f:
7f:78:6c:79:2d:27:18:dd:35:3c:85:f3:47:9d:ed:1e:bc:32:
04:39:22:80:54:e9:43:bd:ed:4a:d6:20:15:21:cd:e9:f8:24:
77:ab:cb:3b:04:ac:b6:6d:01:30:d1:08:6b:7a:0c:de:29:f4:
8e:df:b4:ca:eb:e6:86:d4:f3:0c:a5:79:96:ca:c5:5c:d6:be:
6c:7f:21:40:bb:70:78:63:bc:ac:e6:8a:34:b1:40:ab:5c:17:
49:2d:b4:1e:a9:db:c2:b4:ab:6e:1d:c2:03:84:5d:4a:ed:95:
98:f2:77:a9:67:95:61:8f:22:17:ea:24:60:50:ed:66:ec:1c:
d7:ba:2b:77:42:ec:22:bf:d6:83:69:13:b8:c0:18:d4:07:b5:
1b:81:14:ff:f8:b5:c9:c9:f3:d2:fc:b9:84:c9:39:c0:de:b7:
40:2a:d6:27:6c:3f:93:e9:d0:6f:f4:d5:74:5a:48:ca:6f:54:
68:58:ce:8c:e3:39:26:b2:52:a7:76:f6:d8:c6:8b:02:84:61:
f2:50:69:f4:eb:ab:0b:1f:54:c1:4b:16:c3:54:db:8a:3f:44:
5c:c4:7f:a5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVv8Cpm6nHBwlXW5yay+RjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MzEwNGZmMzU2OGNiOTliN2Y1MDI0ZTczZmYyYWVhMDU2
M2NlNmEwHhcNMjMwMTAyMDA0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTcyZTQ5NDE2ZTMyOGY2YmNmMmU2ZmNiZTUyZWY5ZTc4N2FlNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijql79XQxtKri3C0WAO0jp/Vs87B
dN/VBu9tShn7WGyfuDIjW7/CJUqnpXBArlPYoHqjRB0n+Xxhr8+vzfG256ojVKQZ
ga0H0UKXeqQu0+JRPJ0I2EwLuV9Ple3PmK8GJnHXZfI2/vNcZxf2VTlujJJtczaY
lfGbUCUdtWLUCtCiGELL06kvRpA2wln9dMHZDMRW+EV5nMfWo8D6/peAdLxrjjdi
f9tv0/rVBMOBaj6wlQL3TIT2kiXlze8Ar2Ggn12uKTNoWTfZRGP65Dl2eyO1s3PL
uP17/HkTik+oInY5NEqbJ90Sg47P6l86rCqmSmvWrH7QCfBxCnblLCyAGQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOpy5JQW4yj2vPLm/L5S7554eubUMB8GA1UdIwQY
MBaAFFcxBP81aMuZt/UCTnP/KuoFY85qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnpFRV96Vm95NW0zOVFKT2NfOHE2Z1Zqem1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8zZTc2ZmMtNWRjZC00YmE1LTg0OTUt
MTk5OGNiOWQwNjVjLzEvNm5Ma2xCYmpLUGE4OHViOHZsTHZubmg2NXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8zZTc2ZmMtNWRjZC00YmE1LTg0OTUtMTk5OGNiOWQwNjVj
LzEvVnpFRV96Vm95NW0zOVFKT2NfOHE2Z1Zqem1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAMBAIAATAGAwQAweSJMEAE
AgACMDoDBwAgAQZ8KSQwEgMHACoEGsD/8wMHACoEGsD/9DASAwcAKgQawQABAwcC
KgQawQAAAwcBKgQawQAQMA0GCSqGSIb3DQEBCwUAA4IBAQBpBZ767+jkgsDgPujP
FSWVDRklGvtFxSnssgX17CC0LybThy9/eGx5LScY3TU8hfNHne0evDIEOSKAVOlD
ve1K1iAVIc3p+CR3q8s7BKy2bQEw0QhregzeKfSO37TK6+aG1PMMpXmWysVc1r5s
fyFAu3B4Y7ys5oo0sUCrXBdJLbQeqdvCtKtuHcIDhF1K7ZWY8nepZ5VhjyIX6iRg
UO1m7BzXuit3Quwiv9aDaRO4wBjUB7UbgRT/+LXJyfPS/LmEyTnA3rdAKtYnbD+T
6dBv9NV0WkjKb1RoWM6M4zkmslKndvbYxosChGHyUGn066sLH1TBSxbDVNuKP0Rc
xH+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:35 2024 by rpki-client on console-fra.rpki-client.org