Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6W7OQX30HG3-2GUMTqg0RcK6GbA.roa
File: 6W7OQX30HG3-2GUMTqg0RcK6GbA.roa (raw, json)
Hash identifier: qtKt0q+YbN9QMU+bL9kgTXZpBaBZOYVlHhUXAf/yhEI=
Subject key identifier: E9:6E:CE:41:7D:F4:1C:6D:FE:D8:65:0C:4E:A8:34:45:C2:BA:19:B0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188434A082C7A6F74EF6BAAA978D559D645
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6W7OQX30HG3-2GUMTqg0RcK6GbA.roa
Signing time: Mon 22 May 2023 11:48:25 +0000
ROA not before: Mon 22 May 2023 11:48:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 400377
IP address blocks: 109.206.242.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 11:11:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:4a:08:2c:7a:6f:74:ef:6b:aa:a9:78:d5:59:d6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 22 11:48:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e96ece417df41c6dfed8650c4ea83445c2ba19b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2d:78:00:37:1e:90:e2:dd:e8:c7:71:aa:57:
1a:17:5e:9d:5f:31:65:36:49:fa:cc:4a:ff:86:e3:
65:5f:8c:96:07:85:cc:67:08:19:aa:8a:f0:23:00:
5c:8e:d8:2a:01:0d:3c:45:09:ea:79:e2:d8:56:f5:
ea:26:46:be:77:fa:86:ec:9c:1b:57:f0:cf:a0:ec:
36:22:aa:d0:47:b7:b0:d0:7e:dc:88:47:c4:68:41:
4f:48:b9:78:16:02:97:39:47:e0:0d:28:32:af:79:
68:e1:ae:4a:db:ab:c8:7e:4f:a5:be:8c:3a:ba:4a:
e1:cc:62:2a:5c:42:4c:09:4d:b8:3d:13:74:a4:b8:
25:f9:0d:99:94:6d:ff:7c:73:17:c4:6e:cf:cf:a0:
9f:26:f5:2b:b7:06:53:8c:d7:f3:c1:99:79:78:bc:
c9:6c:e6:27:00:84:b2:d7:2a:1c:80:e5:c3:5f:3e:
f2:44:45:5f:41:f1:f2:db:89:9b:be:4f:df:52:c8:
38:ec:a8:16:70:21:e5:dc:23:e3:e0:00:aa:50:a2:
20:29:2d:ad:ca:b5:e2:09:b6:82:f3:d3:fb:68:18:
b3:2b:8f:7c:84:c1:37:eb:b6:17:b1:c9:46:94:28:
4b:53:0e:30:0f:10:67:fb:e9:3d:82:12:be:0c:4a:
98:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6E:CE:41:7D:F4:1C:6D:FE:D8:65:0C:4E:A8:34:45:C2:BA:19:B0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/6W7OQX30HG3-2GUMTqg0RcK6GbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
93.123.84.0/24
109.206.237.0/24
109.206.242.0/24
185.216.69.0/24
185.218.138.0/24
185.246.222.0/24
193.37.41.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:e1:d2:b5:df:f2:6f:65:2e:b8:97:2f:d5:52:dd:25:98:cd:
9c:ca:94:86:13:6f:86:83:30:cc:3b:72:4f:ad:ce:5e:31:bc:
d2:02:a4:59:bb:9f:3e:aa:2a:e9:4c:07:37:ca:7e:e4:62:ff:
11:bd:94:03:cf:8f:f3:a1:dc:e1:de:57:fa:56:a6:67:38:4a:
f8:d6:27:53:6d:d2:e8:c3:d7:3d:5a:30:de:31:a7:d1:b2:e8:
e9:e3:da:f2:57:69:54:bb:af:fe:de:ca:55:22:59:f3:38:a9:
aa:bb:57:56:63:aa:7b:34:7d:c6:ab:41:e7:97:e5:11:a0:bd:
b1:1c:bc:9f:56:f7:e0:cd:de:66:0c:bb:d8:4f:06:51:99:ec:
f3:91:5c:0f:5e:de:ab:f3:49:d8:18:39:bb:21:13:b3:c2:6c:
65:0a:45:4a:b6:80:ba:a2:51:a1:c8:74:d4:3d:43:b1:d2:05:
71:37:57:75:d3:44:74:27:c9:a8:20:ad:ed:f8:76:82:9c:fe:
74:19:b5:13:69:5d:b0:3b:69:6b:c6:e1:af:10:f5:85:cc:51:
f0:5a:37:96:d7:93:04:ed:05:d7:f5:29:e6:63:ed:52:7a:ba:
04:66:59:9d:84:38:42:c2:d4:cf:55:bc:3a:16:5d:13:8a:a0:
01:51:99:ab
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYhDSggsem9072uqqXjVWdZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIyMTE0ODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZlY2U0MTdkZjQxYzZkZmVkODY1MGM0ZWE4MzQ0NWMyYmExOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS14ADcekOLd6MdxqlcaF16dXzFl
Nkn6zEr/huNlX4yWB4XMZwgZqorwIwBcjtgqAQ08RQnqeeLYVvXqJka+d/qG7Jwb
V/DPoOw2IqrQR7ew0H7ciEfEaEFPSLl4FgKXOUfgDSgyr3lo4a5K26vIfk+lvow6
ukrhzGIqXEJMCU24PRN0pLgl+Q2ZlG3/fHMXxG7Pz6CfJvUrtwZTjNfzwZl5eLzJ
bOYnAISy1yocgOXDXz7yREVfQfHy24mbvk/fUsg47KgWcCHl3CPj4ACqUKIgKS2t
yrXiCbaC89P7aBizK498hME367YXsclGlChLUw4wDxBn++k9ghK+DEqYSQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOluzkF99Bxt/thlDE6oNEXCuhmwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNlc3T1FYMzBIRzMtMkdVTVRxZzBSY0s2R2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUEwzAwQA
XXtUAwQAbc7tAwQAbc7yAwQAudhFAwQAudqKAwQAufbeAwQAwSUpMA0GCSqGSIb3
DQEBCwUAA4IBAQBd4dK13/JvZS64ly/VUt0lmM2cypSGE2+GgzDMO3JPrc5eMbzS
AqRZu58+qirpTAc3yn7kYv8RvZQDz4/zodzh3lf6VqZnOEr41idTbdLow9c9WjDe
MafRsujp49ryV2lUu6/+3spVIlnzOKmqu1dWY6p7NH3Gq0Hnl+URoL2xHLyfVvfg
zd5mDLvYTwZRmezzkVwPXt6r80nYGDm7IROzwmxlCkVKtoC6olGhyHTUPUOx0gVx
N1d100R0J8moIK3t+HaCnP50GbUTaV2wO2lrxuGvEPWFzFHwWjeW15ME7QXX9Snm
Y+1SeroEZlmdhDhCwtTPVbw6Fl0TiqABUZmr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:59 2024 by rpki-client on console-fra.rpki-client.org