Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6CCYB2i1KsLPXMkIihKDb5Kyn_g.roa
File: 6CCYB2i1KsLPXMkIihKDb5Kyn_g.roa (raw, json)
Hash identifier: WYB46i9Mc+IyESKjOr9sQTnomZDPj1yZuq6tUe6MF1U=
Subject key identifier: E8:20:98:07:68:B5:2A:C2:CF:5C:C9:08:8A:12:83:6F:92:B2:9F:F8
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A3B5548F21EAF853B089C0F6DC2AAAE0A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6CCYB2i1KsLPXMkIihKDb5Kyn_g.roa
Signing time: Mon 28 Aug 2023 08:49:19 +0000
ROA not before: Mon 28 Aug 2023 08:49:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211373
IP address blocks: 193.108.112.0/24 maxlen: 24
212.192.6.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:55:48:f2:1e:af:85:3b:08:9c:0f:6d:c2:aa:ae:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 28 08:49:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e820980768b52ac2cf5cc9088a12836f92b29ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8c:66:e4:9d:e5:9a:bb:64:4c:bf:4d:68:51:
0a:8a:a6:7a:0b:cb:a0:e6:64:5a:48:99:b7:ca:86:
ef:2d:4d:0f:f2:00:71:48:4c:69:05:86:c9:d5:a4:
5d:7b:02:ae:24:60:bc:e5:84:e3:24:f0:cc:18:7b:
92:1a:66:85:33:2a:dd:93:f0:61:86:04:c0:4b:2c:
94:2f:56:b6:94:28:19:18:9f:e3:bb:9a:7f:62:9a:
6f:ee:4c:8e:be:c1:71:98:a8:dc:04:85:ee:5b:2b:
d0:74:b9:76:4e:1b:6d:21:d3:61:a1:07:8d:76:29:
68:65:09:42:2f:15:21:41:07:4c:92:ab:11:0e:ad:
22:5a:99:b5:8d:fb:63:7e:86:e7:43:20:48:b1:1f:
2d:51:9d:93:32:60:85:0e:1a:28:e7:5f:91:b3:a4:
de:d4:41:02:ec:07:46:30:a5:6f:00:3a:7f:cd:ce:
14:53:2b:fd:b7:c2:b9:b8:16:a8:50:41:ec:43:bc:
b4:a9:42:08:a5:62:44:c9:e4:ae:06:48:24:25:c2:
e3:f4:56:16:54:c4:08:83:da:16:96:2c:a8:77:48:
6f:d1:a8:5f:08:a7:bd:9e:82:22:5a:b4:22:45:8b:
76:0b:bc:d6:91:4f:5d:43:98:97:13:4c:7a:6f:61:
cb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:20:98:07:68:B5:2A:C2:CF:5C:C9:08:8A:12:83:6F:92:B2:9F:F8
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6CCYB2i1KsLPXMkIihKDb5Kyn_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.209.0/24
193.108.112.0/24
212.192.6.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:92:43:f9:36:c3:51:ca:df:08:f4:74:a5:1a:85:46:a0:04:
b2:9e:10:10:ee:42:26:12:0e:9c:a2:00:1b:4a:e0:db:44:09:
86:ce:2b:22:38:3a:14:66:c0:2c:88:83:88:e7:71:84:2b:15:
b2:68:e3:68:c6:81:09:9b:1c:56:9a:b8:d9:27:9c:00:e6:5d:
87:3f:2b:df:a1:d1:cc:57:da:e2:b2:a3:24:65:fe:28:9a:51:
d5:40:b3:28:6f:09:a1:93:61:75:93:1d:0e:7e:62:8f:4a:9b:
d6:ca:d2:8f:54:1d:bc:5f:70:17:9f:af:da:7c:c6:5e:55:8e:
03:f2:ba:28:cd:01:07:1d:09:2f:dc:26:b7:c5:b4:36:4f:2c:
0e:90:8d:c7:ae:d0:06:8d:21:1a:d8:48:e8:95:25:4f:76:8c:
5e:0f:56:0c:9f:fa:7d:d7:c8:78:a2:d1:4d:a2:1a:f7:1b:bd:
37:f0:1d:36:2b:bd:a9:3f:63:cd:0d:31:a1:3e:1c:f7:f7:30:
60:82:9e:b0:7a:37:d2:f8:59:c7:48:8d:44:80:7e:7f:e9:33:
8b:71:73:b2:4c:5e:c7:2f:0d:56:68:d6:fa:b1:f9:cb:13:8b:
1c:8f:27:a4:7a:85:a6:78:45:a8:24:19:7d:a9:a9:9c:73:b1:
c3:63:ba:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYo7VUjyHq+FOwicD23Cqq4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODI4MDg0OTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODIwOTgwNzY4YjUyYWMyY2Y1Y2M5MDg4YTEyODM2ZjkyYjI5ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloxm5J3lmrtkTL9NaFEKiqZ6C8ug
5mRaSJm3yobvLU0P8gBxSExpBYbJ1aRdewKuJGC85YTjJPDMGHuSGmaFMyrdk/Bh
hgTASyyUL1a2lCgZGJ/ju5p/Yppv7kyOvsFxmKjcBIXuWyvQdLl2ThttIdNhoQeN
diloZQlCLxUhQQdMkqsRDq0iWpm1jftjfobnQyBIsR8tUZ2TMmCFDhoo51+Rs6Te
1EEC7AdGMKVvADp/zc4UUyv9t8K5uBaoUEHsQ7y0qUIIpWJEyeSuBkgkJcLj9FYW
VMQIg9oWliyod0hv0ahfCKe9noIiWrQiRYt2C7zWkU9dQ5iXE0x6b2HLfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOggmAdotSrCz1zJCIoSg2+Ssp/4MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNkNDWUIyaTFLc0xQWE1rSWloS0RiNUt5bl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwHzRAwQA
wWxwAwQA1MAGMA0GCSqGSIb3DQEBCwUAA4IBAQB/kkP5NsNRyt8I9HSlGoVGoASy
nhAQ7kImEg6cogAbSuDbRAmGzisiODoUZsAsiIOI53GEKxWyaONoxoEJmxxWmrjZ
J5wA5l2HPyvfodHMV9risqMkZf4omlHVQLMobwmhk2F1kx0OfmKPSpvWytKPVB28
X3AXn6/afMZeVY4D8roozQEHHQkv3Ca3xbQ2TywOkI3HrtAGjSEa2EjolSVPdoxe
D1YMn/p918h4otFNohr3G7038B02K72pP2PNDTGhPhz39zBggp6wejfS+FnHSI1E
gH5/6TOLcXOyTF7HLw1WaNb6sfnLE4scjyekeoWmeEWoJBl9qamcc7HDY7oY
-----END CERTIFICATE-----
Generated at Sat Sep 9 10:04:25 2023 by rpki-client on console-ams.rpki-client.org