Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/6xOZPnUt2vHoIfQkeorhl7y2qdI.roa
File: 6xOZPnUt2vHoIfQkeorhl7y2qdI.roa (raw, json)
Hash identifier: T2RaGajokO672uMapksmCtmisuI9JUciIIgL0eQjpQ4=
Subject key identifier: EB:13:99:3E:75:2D:DA:F1:E8:21:F4:24:7A:8A:E1:97:BC:B6:A9:D2
Certificate issuer: /CN=8db49baf17f06c364a00f8e64c891c53729f7a2f
Certificate serial: 018570396B935AF136D201EE4566137940D5
Authority key identifier: 8D:B4:9B:AF:17:F0:6C:36:4A:00:F8:E6:4C:89:1C:53:72:9F:7A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbSbrxfwbDZKAPjmTIkcU3Kfei8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/6xOZPnUt2vHoIfQkeorhl7y2qdI.roa
Signing time: Mon 02 Jan 2023 02:04:49 +0000
ROA not before: Mon 02 Jan 2023 02:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 131.188.0.0/16 maxlen: 16
192.44.82.0/23 maxlen: 23
192.44.84.0/22 maxlen: 22
192.44.81.0/24 maxlen: 24
192.44.88.0/23 maxlen: 23
192.44.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:6b:93:5a:f1:36:d2:01:ee:45:66:13:79:40:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db49baf17f06c364a00f8e64c891c53729f7a2f
Validity
Not Before: Jan 2 02:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb13993e752ddaf1e821f4247a8ae197bcb6a9d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c5:80:82:48:1b:a6:27:2e:8b:d1:66:c1:47:
d1:ce:5a:0f:b6:42:14:0b:82:03:56:f5:7c:a3:a2:
40:35:ae:cd:55:dc:1d:0a:05:72:a7:05:e2:5a:44:
00:e9:e5:11:d4:e3:b7:da:1c:24:a0:0d:c4:81:f4:
00:1b:f7:18:10:bd:19:90:08:fb:35:87:fd:c3:7e:
de:e1:de:99:a6:17:78:8c:e4:f8:ab:ae:bb:99:6e:
d0:d6:b7:34:03:e1:84:e6:f8:62:b7:9c:52:ee:4f:
38:8e:64:a8:2b:f0:1c:78:ae:77:6b:0f:9d:e2:9c:
53:1a:92:0d:08:30:54:d4:a3:68:a1:6d:0a:27:2d:
61:50:38:92:06:cf:c9:19:cc:2a:6a:d3:08:77:3a:
52:f5:67:2b:a6:8e:cd:7d:15:b8:fc:3e:5d:81:09:
a9:74:e3:e7:48:c8:74:7d:37:68:eb:64:e9:f0:d5:
15:c4:50:08:6e:1a:be:48:b5:88:7b:4d:05:0a:55:
a2:84:6a:27:e5:65:e6:66:75:20:c0:2c:e4:b3:f9:
d4:2c:68:8a:2c:a9:3e:31:b6:46:a0:9c:c8:4d:12:
0c:a3:62:09:98:40:85:04:dc:b5:b9:fb:9a:4f:db:
83:38:72:5c:ba:dd:c9:d0:3a:2f:e2:64:24:e1:7c:
8f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:13:99:3E:75:2D:DA:F1:E8:21:F4:24:7A:8A:E1:97:BC:B6:A9:D2
X509v3 Authority Key Identifier:
keyid:8D:B4:9B:AF:17:F0:6C:36:4A:00:F8:E6:4C:89:1C:53:72:9F:7A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbSbrxfwbDZKAPjmTIkcU3Kfei8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/6xOZPnUt2vHoIfQkeorhl7y2qdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/jbSbrxfwbDZKAPjmTIkcU3Kfei8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.188.0.0/16
192.44.81.0-192.44.90.255
Signature Algorithm: sha256WithRSAEncryption
1f:fe:58:3a:ab:10:dd:48:fc:63:9d:04:07:df:de:41:09:d9:
4f:b1:32:3f:cc:e6:34:ae:10:ce:d9:bb:7c:c9:c0:88:b0:61:
d5:8e:e0:fd:be:5b:e0:50:4b:c5:ab:6b:80:36:7d:87:8f:af:
f6:b2:c3:f7:30:5e:8c:ea:7d:2c:67:22:9a:30:f7:67:02:2d:
4a:43:e0:98:99:fe:1d:a0:0d:69:9e:ac:9d:2b:a0:33:dc:85:
fc:62:9a:ff:c9:06:1a:12:44:51:e0:70:9d:5a:7e:7c:46:61:
32:9a:b1:17:76:7e:0e:56:00:83:72:ec:c6:0f:90:3f:6e:02:
1c:13:e1:5e:30:99:c7:cd:6c:57:84:20:af:df:c5:3d:d2:12:
d6:a8:de:4c:37:f9:1b:fd:36:27:52:aa:a5:8d:1a:af:f2:57:
11:04:49:b2:9e:18:02:8c:63:f5:6e:10:f3:b2:84:22:50:5f:
69:8f:d8:8b:45:f2:37:6b:fe:23:10:70:f9:cc:93:df:9a:74:
d3:15:f8:11:7c:05:a5:39:73:29:48:30:9d:bf:b8:02:32:d0:
73:44:1c:a3:9b:a9:1e:cd:86:7b:7f:1b:ff:2b:34:d0:22:62:
43:20:f3:a0:3c:fa:e9:ea:dc:2b:f7:58:d8:1d:2a:eb:58:29:
ea:94:86:77
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVwOWuTWvE20gHuRWYTeUDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjQ5YmFmMTdmMDZjMzY0YTAwZjhlNjRjODkxYzUzNzI5
ZjdhMmYwHhcNMjMwMTAyMDIwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjEzOTkzZTc1MmRkYWYxZTgyMWY0MjQ3YThhZTE5N2JjYjZhOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcWAgkgbpicui9FmwUfRzloPtkIU
C4IDVvV8o6JANa7NVdwdCgVypwXiWkQA6eUR1OO32hwkoA3EgfQAG/cYEL0ZkAj7
NYf9w37e4d6Zphd4jOT4q667mW7Q1rc0A+GE5vhit5xS7k84jmSoK/AceK53aw+d
4pxTGpINCDBU1KNooW0KJy1hUDiSBs/JGcwqatMIdzpS9Wcrpo7NfRW4/D5dgQmp
dOPnSMh0fTdo62Tp8NUVxFAIbhq+SLWIe00FClWihGon5WXmZnUgwCzks/nULGiK
LKk+MbZGoJzITRIMo2IJmECFBNy1ufuaT9uDOHJcut3J0Dov4mQk4XyPQwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOsTmT51Ldrx6CH0JHqK4Ze8tqnSMB8GA1UdIwQY
MBaAFI20m68X8Gw2SgD45kyJHFNyn3ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJTYnJ4ZndiRFpLQVBqbVRJa2NVM0tmZWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YzFlYzgtY2MzOS00Mzg5LTg1ODQt
ODUxNzNlNTdlYjUyLzEvNnhPWlBuVXQydkhvSWZRa2VvcmhsN3kycWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YzFlYzgtY2MzOS00Mzg5LTg1ODQtODUxNzNlNTdlYjUy
LzEvamJTYnJ4ZndiRFpLQVBqbVRJa2NVM0tmZWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAg7wwDAME
AMAsUQMEAMAsWjANBgkqhkiG9w0BAQsFAAOCAQEAH/5YOqsQ3Uj8Y50EB9/eQQnZ
T7EyP8zmNK4Qztm7fMnAiLBh1Y7g/b5b4FBLxatrgDZ9h4+v9rLD9zBejOp9LGci
mjD3ZwItSkPgmJn+HaANaZ6snSugM9yF/GKa/8kGGhJEUeBwnVp+fEZhMpqxF3Z+
DlYAg3Lsxg+QP24CHBPhXjCZx81sV4Qgr9/FPdIS1qjeTDf5G/02J1KqpY0ar/JX
EQRJsp4YAoxj9W4Q87KEIlBfaY/Yi0XyN2v+IxBw+cyT35p00xX4EXwFpTlzKUgw
nb+4AjLQc0Qco5upHs2Ge38b/ys00CJiQyDzoDz66ercK/dY2B0q61gp6pSGdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:04 2024 by rpki-client on console-fra.rpki-client.org