Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6wTNXrD0v8yROAde4-PFND3AViU.roa
File: 6wTNXrD0v8yROAde4-PFND3AViU.roa (raw, json)
Hash identifier: 4DeIidQaCAJjJ7O1AxWBKtM421Y7bfws6oQcXpcnqPo=
Subject key identifier: EB:04:CD:5E:B0:F4:BF:CC:91:38:07:5E:E3:E3:C5:34:3D:C0:56:25
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0187A25091A7DCFF672AF00EAC2FC9E7A839
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6wTNXrD0v8yROAde4-PFND3AViU.roa
Signing time: Fri 21 Apr 2023 05:36:41 +0000
ROA not before: Fri 21 Apr 2023 05:36:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.226.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Apr 2023 10:43:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:50:91:a7:dc:ff:67:2a:f0:0e:ac:2f:c9:e7:a8:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 21 05:36:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb04cd5eb0f4bfcc9138075ee3e3c5343dc05625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:2c:9e:94:b8:dc:e0:5f:bb:ef:a6:19:1d:
1c:2b:45:10:c5:97:3d:c5:d7:a6:9d:63:d8:eb:eb:
3f:31:79:6d:31:a2:3e:80:17:42:6a:48:74:60:c3:
51:12:38:6c:bc:f5:d2:78:fc:ac:eb:ca:14:65:78:
0a:4f:5c:4d:5b:92:f0:8b:e9:81:f1:56:92:dd:3e:
5a:71:7c:88:a6:65:01:30:46:11:be:14:c8:49:08:
8a:b2:42:33:d0:7e:9e:ae:3c:13:3c:6a:de:af:fb:
6a:15:be:cb:df:07:90:fa:fc:71:fb:c5:e3:cf:27:
a4:81:d7:78:48:cb:57:63:4f:97:3a:56:c4:dd:70:
21:fe:da:5a:90:f3:22:39:51:a9:f8:d2:ad:9a:dd:
ba:ba:cb:63:92:d9:95:20:20:83:67:a6:92:f7:59:
59:fc:7d:39:9b:81:a0:d1:07:3d:c1:c4:de:06:c8:
f6:85:40:fc:bb:8f:f6:4c:8a:1b:3b:4a:d4:a2:87:
f7:6a:e0:7b:2b:23:c8:e5:0b:5e:28:73:65:87:23:
23:50:c2:73:5d:1d:ef:09:2d:a8:f8:e1:28:72:62:
14:1d:56:3d:32:6d:df:6a:31:ad:e7:1f:6f:ff:a3:
21:5f:40:13:5e:23:bc:12:78:32:02:04:d4:c8:39:
c6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:04:CD:5E:B0:F4:BF:CC:91:38:07:5E:E3:E3:C5:34:3D:C0:56:25
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/6wTNXrD0v8yROAde4-PFND3AViU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
192.124.180.0/24
193.124.200.0/24
194.87.255.0/24
Signature Algorithm: sha256WithRSAEncryption
95:0f:1f:ea:cc:ba:e8:d9:20:92:77:86:e1:c4:ef:5b:28:f5:
60:b7:9c:68:40:db:e1:56:f9:ca:b0:5d:07:4e:bb:65:92:4c:
74:67:c8:cc:7f:ef:05:6a:0d:c9:5a:d6:48:66:10:7c:08:5e:
db:46:8b:b5:2e:fd:c3:dc:76:d9:1c:f7:3f:6e:e0:79:03:fc:
d5:43:68:1d:33:0b:83:3c:92:09:7b:e4:d9:e8:e1:f9:2d:c6:
23:2a:bd:a2:13:98:cf:f1:a9:e8:2f:c1:03:fd:a7:99:a3:41:
30:4b:05:c0:0f:eb:05:c4:f3:6c:d7:6e:64:b9:72:72:ba:6f:
65:f8:0f:63:f4:90:58:03:e6:02:5a:6f:62:8a:29:c4:19:db:
f1:95:8e:87:b8:89:de:22:b9:11:70:eb:c5:a1:f0:17:cf:b6:
17:f1:d3:1e:18:84:87:3a:e7:98:af:3c:17:6a:0c:34:45:4e:
05:aa:3c:8f:02:86:f9:d7:f2:83:06:1d:e4:f9:95:5f:9c:5b:
5b:a9:41:cb:50:77:12:43:fc:3d:50:55:72:4b:be:47:cd:8b:
71:72:02:9d:6d:88:c6:03:e2:f7:ae:26:f1:a5:c4:16:e9:80:
18:6e:41:7d:ea:31:58:65:94:04:a3:b1:fa:37:3e:45:c0:cc:
4b:0f:09:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYeiUJGn3P9nKvAOrC/J56g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDIxMDUzNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjA0Y2Q1ZWIwZjRiZmNjOTEzODA3NWVlM2UzYzUzNDNkYzA1NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHQsnpS43OBfu++mGR0cK0UQxZc9
xdemnWPY6+s/MXltMaI+gBdCakh0YMNREjhsvPXSePys68oUZXgKT1xNW5Lwi+mB
8VaS3T5acXyIpmUBMEYRvhTISQiKskIz0H6erjwTPGrer/tqFb7L3weQ+vxx+8Xj
zyekgdd4SMtXY0+XOlbE3XAh/tpakPMiOVGp+NKtmt26ustjktmVICCDZ6aS91lZ
/H05m4Gg0Qc9wcTeBsj2hUD8u4/2TIobO0rUoof3auB7KyPI5QteKHNlhyMjUMJz
XR3vCS2o+OEocmIUHVY9Mm3fajGt5x9v/6MhX0ATXiO8EngyAgTUyDnGAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOsEzV6w9L/MkTgHXuPjxTQ9wFYlMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNndUTlhyRDB2OHlST0FkZTQtUEZORDNBVmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPkziAwQA
wHy0AwQAwXzIAwQAwlf/MA0GCSqGSIb3DQEBCwUAA4IBAQCVDx/qzLro2SCSd4bh
xO9bKPVgt5xoQNvhVvnKsF0HTrtlkkx0Z8jMf+8Fag3JWtZIZhB8CF7bRou1Lv3D
3HbZHPc/buB5A/zVQ2gdMwuDPJIJe+TZ6OH5LcYjKr2iE5jP8anoL8ED/aeZo0Ew
SwXAD+sFxPNs125kuXJyum9l+A9j9JBYA+YCWm9iiinEGdvxlY6HuIneIrkRcOvF
ofAXz7YX8dMeGISHOueYrzwXagw0RU4FqjyPAob51/KDBh3k+ZVfnFtbqUHLUHcS
Q/w9UFVyS75HzYtxcgKdbYjGA+L3ribxpcQW6YAYbkF96jFYZZQEo7H6Nz5FwMxL
Dwlm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:06 2024 by rpki-client on console-fra.rpki-client.org