Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6HZQkY4vYZBwcgnd2p4s1i5-d7A.roa
File: 6HZQkY4vYZBwcgnd2p4s1i5-d7A.roa (raw, json)
Hash identifier: M0P949YS834WnTUSSayFB/jvBbg8bCGKgRBiMNqITvQ=
Subject key identifier: E8:76:50:91:8E:2F:61:90:70:72:09:DD:DA:9E:2C:D6:2E:7E:77:B0
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F0247C8ECFED98FA93E5824B62CC83B
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6HZQkY4vYZBwcgnd2p4s1i5-d7A.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56938
IP address blocks: 85.254.158.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:47:c8:ec:fe:d9:8f:a9:3e:58:24:b6:2c:c8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e87650918e2f6190707209ddda9e2cd62e7e77b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:a8:ac:e1:90:e0:7d:54:78:5c:60:e0:1f:
19:37:b6:d2:65:68:36:e7:4b:78:ab:6b:f3:7d:93:
f9:f5:85:7e:52:cb:75:e0:59:39:c1:6a:d5:80:15:
a2:1c:f8:16:8c:77:54:66:57:50:5a:05:ec:2a:f7:
fe:be:7e:ed:47:fd:12:5d:85:d0:56:a1:03:22:d8:
21:7c:ed:7c:06:6e:2e:f0:a5:ca:5b:34:6c:87:1f:
2e:c7:4b:0b:04:a1:82:72:67:db:04:0e:b9:7b:61:
84:23:74:5c:9f:94:f8:59:0b:83:3d:a3:8f:e3:05:
f8:3c:0e:2c:fe:39:6c:e2:48:7a:d9:c9:19:88:9e:
6e:a3:80:66:8a:2a:79:6b:51:76:21:48:3d:65:e0:
b5:34:5d:6a:54:67:ea:86:db:9f:cf:23:d3:aa:be:
01:ad:44:74:4e:6e:c5:64:4e:3a:d8:e4:85:57:a9:
ec:c6:e2:17:4a:d2:37:c7:5c:a3:99:43:0a:0f:4c:
cf:34:6c:b7:c1:e3:e2:d3:e6:b5:e0:a7:4d:e3:48:
a2:03:4c:c1:f6:6e:f2:ed:49:16:9c:83:53:52:42:
7e:2c:f3:de:11:ee:de:26:27:7e:d8:e8:f2:25:a5:
23:f0:fa:9b:6f:51:22:71:e9:de:4e:31:54:bf:c7:
bd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:76:50:91:8E:2F:61:90:70:72:09:DD:DA:9E:2C:D6:2E:7E:77:B0
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6HZQkY4vYZBwcgnd2p4s1i5-d7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:a1:27:ae:a3:53:cb:14:51:02:3b:b2:52:7e:4a:28:be:e8:
bd:b4:6e:9a:2e:f3:a3:05:a0:f1:e1:93:7a:a3:d2:1c:cf:b8:
f5:d1:30:68:3d:ef:0c:70:3a:8e:f3:e6:a7:1a:ef:87:16:68:
e9:8b:a9:c2:21:0f:7b:06:4f:ba:14:db:d0:5b:53:48:42:76:
0e:d4:09:a2:1d:a0:9d:fa:ab:f6:df:05:ef:5a:e7:8b:1c:a6:
01:5c:57:eb:bb:91:56:1c:26:b3:38:54:18:1e:bb:ec:77:23:
a5:b0:c9:8a:67:de:bf:9b:00:83:35:06:9c:03:4b:ba:19:73:
fa:6c:c4:d2:c0:05:a0:fc:ec:6f:18:f1:b2:a6:bc:98:55:94:
2e:a5:96:e2:e1:ec:1e:79:65:18:25:48:e2:3c:b6:49:cf:39:
9c:4d:3a:97:f3:11:8b:b7:00:0e:96:8e:82:d1:d7:16:72:fd:
4f:3f:27:11:48:36:62:af:a3:44:26:47:da:1f:04:1b:d5:6e:
7d:fd:a7:ee:dd:c9:29:00:23:b8:84:35:39:e8:0e:b4:86:4a:
de:6a:79:60:6d:8b:7b:68:3f:55:d0:dc:3c:e8:3c:6b:81:93:
c8:a6:52:b0:d6:eb:ca:11:4d:64:15:af:f2:1f:f8:9e:ab:8b:
51:d1:44:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkfI7P7Zj6k+WCS2LMg7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODc2NTA5MThlMmY2MTkwNzA3MjA5ZGRkYTllMmNkNjJlN2U3N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEGorOGQ4H1UeFxg4B8ZN7bSZWg2
50t4q2vzfZP59YV+Ust14Fk5wWrVgBWiHPgWjHdUZldQWgXsKvf+vn7tR/0SXYXQ
VqEDItghfO18Bm4u8KXKWzRshx8ux0sLBKGCcmfbBA65e2GEI3Rcn5T4WQuDPaOP
4wX4PA4s/jls4kh62ckZiJ5uo4Bmiip5a1F2IUg9ZeC1NF1qVGfqhtufzyPTqr4B
rUR0Tm7FZE462OSFV6nsxuIXStI3x1yjmUMKD0zPNGy3wePi0+a14KdN40iiA0zB
9m7y7UkWnINTUkJ+LPPeEe7eJid+2OjyJaUj8Pqbb1EiceneTjFUv8e9ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOh2UJGOL2GQcHIJ3dqeLNYufnewMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNkhaUWtZNHZZWkJ3Y2duZDJwNHMxaTUtZDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVf6eMA0G
CSqGSIb3DQEBCwUAA4IBAQB7oSeuo1PLFFECO7JSfkoovui9tG6aLvOjBaDx4ZN6
o9Icz7j10TBoPe8McDqO8+anGu+HFmjpi6nCIQ97Bk+6FNvQW1NIQnYO1AmiHaCd
+qv23wXvWueLHKYBXFfru5FWHCazOFQYHrvsdyOlsMmKZ96/mwCDNQacA0u6GXP6
bMTSwAWg/OxvGPGypryYVZQupZbi4eweeWUYJUjiPLZJzzmcTTqX8xGLtwAOlo6C
0dcWcv1PPycRSDZir6NEJkfaHwQb1W59/afu3ckpACO4hDU56A60hkreanlgbYt7
aD9V0Nw86DxrgZPIplKw1uvKEU1kFa/yH/ieq4tR0UQR
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:38 2024 by rpki-client on console-fra.rpki-client.org