Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6s3K8JpPzNfBdTvDibbztDHFp9o.roa
File: 6s3K8JpPzNfBdTvDibbztDHFp9o.roa (raw, json)
Hash identifier: NXw7MkqSHCJXwapEmXNXjocnP7WbyA/1r7xiG7xkr/Y=
Subject key identifier: EA:CD:CA:F0:9A:4F:CC:D7:C1:75:3B:C3:89:B6:F3:B4:31:C5:A7:DA
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E771197872E8F39EACAD59981867861DA
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6s3K8JpPzNfBdTvDibbztDHFp9o.roa
Signing time: Mon 25 Mar 2024 19:23:45 +0000
ROA not before: Mon 25 Mar 2024 19:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2588
IP address blocks: 46.19.200.0/21 maxlen: 21
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
83.223.128.0/19 maxlen: 19
83.223.145.0/24 maxlen: 24
83.223.155.0/24 maxlen: 24
85.254.0.0/17 maxlen: 17
85.254.49.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
85.254.108.0/22 maxlen: 22
85.254.128.0/18 maxlen: 18
91.190.32.0/19 maxlen: 24
91.190.36.0/24 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.60.0/24 maxlen: 24
94.101.224.0/20 maxlen: 20
109.205.120.0/21 maxlen: 21
109.205.127.0/24 maxlen: 24
159.148.0.0/16 maxlen: 16
159.148.10.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
159.148.63.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
159.148.201.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
159.148.233.0/24 maxlen: 24
185.27.92.0/22 maxlen: 22
217.69.112.0/20 maxlen: 20
217.69.113.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 28 Mar 2024 19:34:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:11:97:87:2e:8f:39:ea:ca:d5:99:81:86:78:61:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 25 19:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eacdcaf09a4fccd7c1753bc389b6f3b431c5a7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bb:42:20:11:8c:b5:5a:10:1e:c7:1f:5e:c8:
4a:fb:ff:b8:d6:ec:34:8d:98:34:73:53:a7:63:ed:
50:ca:d2:a2:c7:8f:f0:b2:a3:ef:41:e2:ff:a3:8b:
ad:e6:13:33:89:75:a2:df:ac:cd:29:92:65:5d:96:
99:8d:c9:80:d9:48:66:ba:91:ec:f3:4d:58:8f:7d:
89:77:ce:51:6d:ce:7a:80:f7:26:c2:71:a4:89:9a:
45:af:c4:be:1d:b6:6e:83:5c:e5:c0:bd:78:8e:67:
50:e7:2d:ca:25:8f:d4:80:3a:9d:94:74:95:b3:de:
52:e2:c9:33:b5:d2:5f:0b:7e:22:b8:f0:fd:a1:45:
64:4c:28:d0:6c:d9:96:90:ae:24:a0:03:ec:7f:dc:
c2:eb:48:22:0d:95:bc:64:c3:ba:03:14:d8:5b:f7:
e8:da:e4:90:7e:5e:64:2e:f8:dc:b5:4b:fd:7f:5b:
bf:48:84:3a:2f:42:18:97:62:7b:30:38:c2:ed:c9:
90:a1:44:13:e7:19:38:57:66:21:e7:a9:10:09:5f:
f8:57:77:11:8d:c4:e5:50:da:3f:75:63:81:bf:7b:
21:89:52:2d:cc:68:f0:6e:99:bd:e4:94:aa:8d:d5:
17:da:82:fb:4b:d0:1e:cd:c3:6d:dd:0c:b3:b7:46:
ea:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:CD:CA:F0:9A:4F:CC:D7:C1:75:3B:C3:89:B6:F3:B4:31:C5:A7:DA
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/6s3K8JpPzNfBdTvDibbztDHFp9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
9c:db:c0:5f:a7:7e:d5:ed:18:01:7f:15:e0:87:56:a0:4f:e0:
ef:37:97:17:df:f4:b9:56:74:0b:1a:21:0a:b2:77:b2:b7:ee:
55:bc:36:17:be:67:f1:f7:00:df:72:44:67:d1:cf:de:f3:37:
67:14:a2:36:fb:31:43:e6:bf:0d:5d:f1:6f:8a:c9:be:b9:1d:
02:3f:ac:08:41:55:9e:3c:9a:8a:ba:77:b1:32:46:d3:3e:43:
74:c6:4a:53:4d:20:ee:27:5b:b3:1b:55:22:9f:4d:95:e4:53:
80:f4:b1:2c:f8:c8:b4:5b:ef:63:0c:d0:94:05:1e:82:e1:c4:
13:4d:50:9d:06:21:e8:11:bb:ee:2a:d9:ff:94:93:ea:7e:5e:
8c:4e:0e:4f:60:88:6f:11:fb:86:4d:b5:13:81:89:aa:92:6a:
8e:38:66:2f:27:33:0d:cf:9f:1e:8b:1e:07:1a:b9:92:3c:e3:
1d:76:49:5a:3b:76:c9:c9:83:38:39:1b:1e:7c:ca:b7:b4:f5:
1a:fb:d0:7b:2c:27:bc:20:c4:d3:72:ef:63:be:f5:01:0f:b0:
68:32:f6:a4:56:0e:4f:1c:60:99:47:98:24:87:3e:f8:74:9e:
35:0e:81:68:d9:38:65:05:d0:53:9c:bc:d7:6f:9e:94:4e:42:
c7:fe:c6:88
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAY53EZeHLo856srVmYGGeGHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzI1MTkyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWNkY2FmMDlhNGZjY2Q3YzE3NTNiYzM4OWI2ZjNiNDMxYzVhN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7tCIBGMtVoQHscfXshK+/+41uw0
jZg0c1OnY+1QytKix4/wsqPvQeL/o4ut5hMziXWi36zNKZJlXZaZjcmA2UhmupHs
801Yj32Jd85Rbc56gPcmwnGkiZpFr8S+HbZug1zlwL14jmdQ5y3KJY/UgDqdlHSV
s95S4skztdJfC34iuPD9oUVkTCjQbNmWkK4koAPsf9zC60giDZW8ZMO6AxTYW/fo
2uSQfl5kLvjctUv9f1u/SIQ6L0IYl2J7MDjC7cmQoUQT5xk4V2Yh56kQCV/4V3cR
jcTlUNo/dWOBv3shiVItzGjwbpm95JSqjdUX2oL7S9AezcNt3Qyzt0bq1QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFOrNyvCaT8zXwXU7w4m287QxxafaMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvNnMzSzhKcFB6TmZCZFR2RGliYnp0REhGcDlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IBAQCc28Bf
p37V7RgBfxXgh1agT+DvN5cX3/S5VnQLGiEKsneyt+5VvDYXvmfx9wDfckRn0c/e
8zdnFKI2+zFD5r8NXfFvism+uR0CP6wIQVWePJqKunexMkbTPkN0xkpTTSDuJ1uz
G1Uin02V5FOA9LEs+Mi0W+9jDNCUBR6C4cQTTVCdBiHoEbvuKtn/lJPqfl6MTg5P
YIhvEfuGTbUTgYmqkmqOOGYvJzMNz58eix4HGrmSPOMddklaO3bJyYM4ORsefMq3
tPUa+9B7LCe8IMTTcu9jvvUBD7BoMvakVg5PHGCZR5gkhz74dJ41DoFo2ThlBdBT
nLzXb56UTkLH/saI
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:36:57 2024 by rpki-client on console-fra.rpki-client.org