Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/6HJV18ta83B4i0EeaIMULQgdR_s.roa
File: 6HJV18ta83B4i0EeaIMULQgdR_s.roa (raw, json)
Hash identifier: 8mPTd7UVwp5FVUYjy3ob0MfVnGq/jRSi3u1YjidcRyE=
Subject key identifier: E8:72:55:D7:CB:5A:F3:70:78:8B:41:1E:68:83:14:2D:08:1D:47:FB
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 018572B403D443BDA5BF320CA0BECD687403
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/6HJV18ta83B4i0EeaIMULQgdR_s.roa
Signing time: Mon 02 Jan 2023 13:37:57 +0000
ROA not before: Mon 02 Jan 2023 13:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49594
IP address blocks: 95.174.72.0/21 maxlen: 21
213.151.164.0/23 maxlen: 23
213.151.160.0/22 maxlen: 22
213.151.167.0/24 maxlen: 24
185.29.32.0/22 maxlen: 22
188.73.0.0/18 maxlen: 18
2a02:468::/29 maxlen: 29
2a03:800::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:03:d4:43:bd:a5:bf:32:0c:a0:be:cd:68:74:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 2 13:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e87255d7cb5af370788b411e6883142d081d47fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8d:70:ba:a3:03:81:99:49:36:5a:72:97:f6:
20:9d:d8:74:7b:8b:c0:5a:31:23:77:80:b8:fd:04:
15:1f:30:c0:34:f0:7d:cf:69:50:73:85:fe:9b:57:
6e:42:06:6c:17:77:56:a9:8e:3b:fc:b0:a6:77:79:
5d:6e:43:39:cc:a6:fb:8a:82:21:c9:e9:a6:39:b5:
cf:06:b9:eb:0e:90:5b:7a:4f:c3:b9:60:82:cc:55:
ec:b6:a6:6f:74:bb:43:7e:40:23:ae:15:4b:a6:a3:
d0:78:42:e2:0f:a6:a2:6a:88:a1:75:19:10:c0:f8:
d2:3f:4f:ef:3e:a1:cf:82:b9:d4:d6:08:b1:aa:a1:
9d:02:bf:f3:2a:c7:3f:35:99:2e:80:7d:5f:5f:83:
e5:d5:04:d1:61:10:d8:5d:e7:4c:2d:ff:16:a9:7e:
95:93:62:a0:6a:0e:bc:5e:2f:36:be:92:0f:f7:5f:
bb:0c:40:80:05:66:c7:db:ec:56:8c:81:9c:bc:08:
15:f5:aa:be:24:e3:79:55:85:e3:f5:ce:4d:81:b4:
90:a1:2f:79:a9:1a:7e:43:e6:10:d0:e7:91:53:30:
40:53:26:39:65:a3:8d:c4:00:69:2f:4f:ba:71:7d:
c2:e8:93:70:75:87:74:80:db:d8:17:ec:cc:b5:6f:
ca:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:72:55:D7:CB:5A:F3:70:78:8B:41:1E:68:83:14:2D:08:1D:47:FB
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/6HJV18ta83B4i0EeaIMULQgdR_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.174.72.0/21
185.29.32.0/22
188.73.0.0/18
213.151.160.0-213.151.165.255
213.151.167.0/24
IPv6:
2a02:468::/29
2a03:800::/32
Signature Algorithm: sha256WithRSAEncryption
1f:aa:ed:4e:36:5e:32:07:3c:a5:81:4d:c1:34:b0:62:d4:76:
a6:bd:2d:0e:fc:b6:3a:60:41:49:28:94:19:c7:af:22:4f:73:
23:75:45:aa:45:a9:59:d8:cc:a3:a7:1f:7e:3f:d5:6a:4e:d0:
a9:7c:5e:3b:2a:43:22:3f:49:94:30:ee:56:aa:5f:58:cb:11:
ec:fe:84:35:c4:08:fa:44:0d:72:82:a8:ce:65:d6:7a:f9:f8:
4e:6a:41:7b:16:7e:f3:ed:9a:04:9a:f4:fb:7b:9a:1d:97:c1:
97:b3:82:e2:61:2c:92:36:54:f5:4a:4a:7c:22:ee:29:cb:42:
e8:ab:7f:63:31:73:a1:a9:16:0a:a5:a2:78:31:79:1f:cb:40:
da:c9:7f:4d:fb:7e:13:3c:da:1f:34:43:6b:3b:1d:a0:60:a9:
45:54:3c:fb:e1:88:f1:d3:fe:5e:29:56:46:5f:e7:90:72:f7:
39:af:fe:a2:7b:7a:c6:40:a1:4a:62:f6:e9:42:ec:c1:de:80:
09:9d:bb:dd:b9:dd:ab:f3:9a:84:23:5d:71:f3:6b:ac:83:f9:
6d:ed:58:d9:99:ce:87:c0:9a:88:3c:37:96:ee:fe:fc:d0:75:
9f:fc:e2:74:0c:e7:70:fc:de:82:dd:41:00:03:65:04:33:a3:
8b:2f:e6:6a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVytAPUQ72lvzIMoL7NaHQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjMwMTAyMTMzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODcyNTVkN2NiNWFmMzcwNzg4YjQxMWU2ODgzMTQyZDA4MWQ0N2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY1wuqMDgZlJNlpyl/Ygndh0e4vA
WjEjd4C4/QQVHzDANPB9z2lQc4X+m1duQgZsF3dWqY47/LCmd3ldbkM5zKb7ioIh
yemmObXPBrnrDpBbek/DuWCCzFXstqZvdLtDfkAjrhVLpqPQeELiD6aiaoihdRkQ
wPjSP0/vPqHPgrnU1gixqqGdAr/zKsc/NZkugH1fX4Pl1QTRYRDYXedMLf8WqX6V
k2Kgag68Xi82vpIP91+7DECABWbH2+xWjIGcvAgV9aq+JON5VYXj9c5NgbSQoS95
qRp+Q+YQ0OeRUzBAUyY5ZaONxABpL0+6cX3C6JNwdYd0gNvYF+zMtW/K4QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOhyVdfLWvNweItBHmiDFC0IHUf7MB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvNkhKVjE4dGE4M0I0aTBFZWFJTVVMUWdkUl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQDX65IAwQC
uR0gAwQGvEkAMAwDBAXVl6ADBAHVl6QDBADVl6cwFAQCAAIwDgMFAyoCBGgDBQAq
AwgAMA0GCSqGSIb3DQEBCwUAA4IBAQAfqu1ONl4yBzylgU3BNLBi1HamvS0O/LY6
YEFJKJQZx68iT3MjdUWqRalZ2Myjpx9+P9VqTtCpfF47KkMiP0mUMO5Wql9YyxHs
/oQ1xAj6RA1ygqjOZdZ6+fhOakF7Fn7z7ZoEmvT7e5odl8GXs4LiYSySNlT1Skp8
Iu4py0Loq39jMXOhqRYKpaJ4MXkfy0DayX9N+34TPNofNENrOx2gYKlFVDz74Yjx
0/5eKVZGX+eQcvc5r/6ie3rGQKFKYvbpQuzB3oAJnbvdud2r85qEI11x82usg/lt
7VjZmc6HwJqIPDeW7v780HWf/OJ0DOdw/N6C3UEAA2UEM6OLL+Zq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:19 2024 by rpki-client on console-ams.rpki-client.org