Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/6iJJ-Add8Li7qzdwWm5VvehOHBo.roa
File: 6iJJ-Add8Li7qzdwWm5VvehOHBo.roa (raw, json)
Hash identifier: PQcvzOHoyl3m+aPSYk8MwRbx4sDrDpo+wWWJBNvW2MM=
Subject key identifier: EA:22:49:F8:07:5D:F0:B8:BB:AB:37:70:5A:6E:55:BD:E8:4E:1C:1A
Certificate issuer: /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial: 01857C2DEA67D1DC446320D7BA16E1A8F39B
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/6iJJ-Add8Li7qzdwWm5VvehOHBo.roa
Signing time: Wed 04 Jan 2023 09:47:41 +0000
ROA not before: Wed 04 Jan 2023 09:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39308
IP address blocks: 46.21.80.0/20 maxlen: 20
185.56.96.0/22 maxlen: 24
176.12.64.0/20 maxlen: 20
109.109.32.0/19 maxlen: 19
89.144.130.0/24 maxlen: 24
89.144.128.0/18 maxlen: 24
109.109.48.0/24 maxlen: 24
159.20.96.0/20 maxlen: 20
2a00:1570::/32 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:2d:ea:67:d1:dc:44:63:20:d7:ba:16:e1:a8:f3:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
Validity
Not Before: Jan 4 09:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea2249f8075df0b8bbab37705a6e55bde84e1c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5a:18:9a:f3:e8:dc:50:da:59:dd:55:71:84:
11:b4:3c:65:55:7e:e7:49:3b:4d:70:bb:e4:50:1f:
76:fe:86:11:c0:ba:58:72:84:12:2d:5b:9a:a0:e3:
f3:3c:8b:ec:f4:dc:db:6f:fd:2e:91:33:57:f6:98:
2c:f4:c5:33:80:2b:6d:f6:d9:27:8e:d9:a3:9e:6a:
eb:a5:a6:2c:0c:1e:81:cd:6e:2f:83:2b:3f:31:98:
28:45:03:6c:77:6c:7c:03:a3:cc:cb:b4:7c:cc:c8:
c4:0d:7d:ae:1b:03:0d:a4:43:27:21:a7:08:d4:1a:
68:55:3b:e0:17:64:06:71:28:00:12:96:75:0f:4f:
b9:43:f1:af:67:12:d4:45:f5:58:79:ad:8f:d0:85:
f9:74:bc:8e:d4:7f:b4:55:f0:75:3d:02:ce:1c:c2:
63:06:4e:0a:d1:23:47:e0:c2:81:b1:71:db:4a:f7:
a6:70:01:63:53:d1:e9:c8:bf:94:04:5c:2a:8f:5f:
e9:cd:1b:bf:78:6a:f9:a3:db:b5:98:4e:23:10:82:
d5:f0:ea:5d:42:61:74:25:1d:29:52:b7:01:26:ee:
5d:4e:fa:f3:27:31:40:38:10:91:a8:29:6d:9a:69:
18:25:5d:5e:5b:d3:f3:22:4e:1a:0f:df:98:cd:8a:
f8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:22:49:F8:07:5D:F0:B8:BB:AB:37:70:5A:6E:55:BD:E8:4E:1C:1A
X509v3 Authority Key Identifier:
keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/6iJJ-Add8Li7qzdwWm5VvehOHBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.80.0/20
89.144.128.0/18
109.109.32.0/19
159.20.96.0/20
176.12.64.0/20
185.56.96.0/22
IPv6:
2a00:1570::/32
Signature Algorithm: sha256WithRSAEncryption
1e:33:bd:24:29:80:c7:2b:26:5c:f6:e7:95:7f:6e:dc:7e:47:
97:f8:6f:88:6f:1b:34:e1:63:2d:14:86:e6:1d:7a:59:fb:57:
e6:ae:ed:d1:33:74:71:46:72:8d:c0:59:23:83:24:fe:a3:df:
5d:d3:02:c1:66:51:0f:7b:53:fc:ee:2d:7a:a9:70:6d:bb:24:
c5:ac:a3:21:5f:b3:43:c8:75:a1:49:8d:d7:a0:fc:b2:96:44:
5a:0c:fc:0d:d7:41:c1:d3:f7:80:73:21:90:08:f5:77:c9:18:
c8:5a:df:29:fa:da:87:ad:91:46:49:de:c9:84:54:a6:a3:1b:
a6:45:30:f6:43:c9:1c:6c:70:b1:eb:14:68:2e:89:44:d8:19:
8b:6d:7d:bb:58:94:58:79:4f:f8:ca:cf:f3:2a:60:e7:fb:89:
35:ee:18:b0:16:8c:f9:14:8b:ef:ba:bc:af:b7:98:f0:c9:41:
ec:ea:02:84:11:04:32:98:5d:94:ea:1b:3a:94:b8:c6:c7:92:
c1:c4:e4:f5:23:5d:58:af:7b:57:21:45:0d:6e:4d:a2:f0:fd:
a2:db:a4:66:b2:0e:5c:5b:0e:01:c3:01:a4:86:3c:bc:8d:63:
bd:c5:d2:1d:85:fe:93:ed:88:c7:aa:6b:32:7b:9d:32:95:76:
50:3d:77:57
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYV8Lepn0dxEYyDXuhbhqPObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMTEwMjIxODdlMzM5NWExNTI0ZmExYTc1NDFlYTc5MzI4
NWFmYzIwHhcNMjMwMTA0MDk0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIyNDlmODA3NWRmMGI4YmJhYjM3NzA1YTZlNTViZGU4NGUxYzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1oYmvPo3FDaWd1VcYQRtDxlVX7n
STtNcLvkUB92/oYRwLpYcoQSLVuaoOPzPIvs9Nzbb/0ukTNX9pgs9MUzgCtt9tkn
jtmjnmrrpaYsDB6BzW4vgys/MZgoRQNsd2x8A6PMy7R8zMjEDX2uGwMNpEMnIacI
1BpoVTvgF2QGcSgAEpZ1D0+5Q/GvZxLURfVYea2P0IX5dLyO1H+0VfB1PQLOHMJj
Bk4K0SNH4MKBsXHbSvemcAFjU9HpyL+UBFwqj1/pzRu/eGr5o9u1mE4jEILV8Opd
QmF0JR0pUrcBJu5dTvrzJzFAOBCRqCltmmkYJV1eW9PzIk4aD9+YzYr49QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOoiSfgHXfC4u6s3cFpuVb3oThwaMB8GA1UdIwQY
MBaAFLARAiGH4zlaFST6GnVB6nkyha/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAt
NTMzNGU2YjhjNWZlLzEvNmlKSi1BZGQ4TGk3cXpkd1dtNVZ2ZWhPSEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAtNTMzNGU2YjhjNWZl
LzEvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQELhVQAwQG
WZCAAwQFbW0gAwQEnxRgAwQEsAxAAwQCuThgMA0EAgACMAcDBQAqABVwMA0GCSqG
SIb3DQEBCwUAA4IBAQAeM70kKYDHKyZc9ueVf27cfkeX+G+Ibxs04WMtFIbmHXpZ
+1fmru3RM3RxRnKNwFkjgyT+o99d0wLBZlEPe1P87i16qXBtuyTFrKMhX7NDyHWh
SY3XoPyylkRaDPwN10HB0/eAcyGQCPV3yRjIWt8p+tqHrZFGSd7JhFSmoxumRTD2
Q8kcbHCx6xRoLolE2BmLbX27WJRYeU/4ys/zKmDn+4k17hiwFoz5FIvvuryvt5jw
yUHs6gKEEQQymF2U6hs6lLjGx5LBxOT1I11Yr3tXIUUNbk2i8P2i26Rmsg5cWw4B
wwGkhjy8jWO9xdIdhf6T7YjHqmsye50ylXZQPXdX
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:10 2024 by rpki-client on console-ams.rpki-client.org