Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/6adnApTkS6VzqCwvSR2Lh4fK5Ls.roa
File: 6adnApTkS6VzqCwvSR2Lh4fK5Ls.roa (raw, json)
Hash identifier: HYRI34lLbGwoMdHvr3yqDKEFXqaMChbrQxPNAIkruXI=
Subject key identifier: E9:A7:67:02:94:E4:4B:A5:73:A8:2C:2F:49:1D:8B:87:87:CA:E4:BB
Certificate issuer: /CN=f13219221cc0a21326ce006c42825bac2be31e17
Certificate serial: 018D1C83BAC1E89772FC771123C5F4A077C8
Authority key identifier: F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/6adnApTkS6VzqCwvSR2Lh4fK5Ls.roa
Signing time: Thu 18 Jan 2024 12:20:11 +0000
ROA not before: Thu 18 Jan 2024 12:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 37.99.128.0/18 maxlen: 24
46.184.0.0/17 maxlen: 24
94.77.192.0/18 maxlen: 24
185.139.120.0/22 maxlen: 24
188.248.0.0/15 maxlen: 24
2a02:888::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:83:ba:c1:e8:97:72:fc:77:11:23:c5:f4:a0:77:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13219221cc0a21326ce006c42825bac2be31e17
Validity
Not Before: Jan 18 12:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9a7670294e44ba573a82c2f491d8b8787cae4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4d:8c:53:9e:65:e1:4e:60:87:0f:71:e0:f5:
40:34:bd:04:02:eb:5b:b7:52:ce:53:f3:6b:5b:68:
86:ef:d9:1d:60:74:24:4a:b8:6e:db:b3:19:7e:00:
38:bf:45:43:16:be:a2:4a:09:16:90:31:fa:40:e5:
bd:93:f5:84:4b:ce:87:aa:87:1e:37:4c:22:22:32:
bd:76:8c:7d:49:e2:13:c5:d8:f7:4a:82:05:c7:42:
c8:60:0b:81:74:51:19:cf:f3:f6:ed:c0:d4:41:55:
af:de:37:57:5a:e5:2d:c5:1e:47:83:88:a8:08:27:
db:27:a0:00:8f:c2:af:95:35:e2:37:e4:14:0f:ea:
ee:62:5c:44:97:05:1a:dd:fc:fb:31:0f:b3:1a:77:
ad:ae:07:43:d7:af:ee:19:83:5f:22:31:93:d4:b1:
fa:c5:a8:d9:56:70:bd:e5:ec:80:8e:9c:84:3f:c9:
8f:b7:8e:42:05:9a:95:11:11:2e:16:7d:f7:4f:62:
b0:65:05:6e:03:70:7a:17:63:5f:a1:60:cf:a2:0b:
cf:ed:d4:36:12:18:a3:2e:27:7c:b5:32:e3:ba:98:
7e:a1:33:a6:be:1b:fb:dd:8d:9e:b2:b3:fd:c3:54:
39:0f:8e:b4:20:d8:57:26:23:a2:87:00:62:ca:d9:
35:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:67:02:94:E4:4B:A5:73:A8:2C:2F:49:1D:8B:87:87:CA:E4:BB
X509v3 Authority Key Identifier:
keyid:F1:32:19:22:1C:C0:A2:13:26:CE:00:6C:42:82:5B:AC:2B:E3:1E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TIZIhzAohMmzgBsQoJbrCvjHhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/6adnApTkS6VzqCwvSR2Lh4fK5Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/34244d-03c8-4780-87c3-45e696a5ae45/1/8TIZIhzAohMmzgBsQoJbrCvjHhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.128.0/18
46.184.0.0/17
94.77.192.0/18
185.139.120.0/22
188.248.0.0/15
IPv6:
2a02:888::/29
Signature Algorithm: sha256WithRSAEncryption
83:dd:82:b7:93:ad:18:f2:28:d5:96:5e:97:c2:41:9b:fd:de:
af:13:48:81:0c:b1:ff:35:83:26:f0:d5:10:06:65:8f:f7:5c:
8e:fa:83:a2:e5:5f:a6:37:1d:c8:3c:71:94:c1:80:09:f1:d3:
ed:bf:1e:62:00:1f:69:e3:07:07:33:8c:36:3d:bd:1d:36:81:
96:7b:da:7d:9f:ae:72:0d:8b:a3:b5:33:49:d7:d5:87:e3:3c:
cd:81:3e:d9:d6:02:22:23:f0:4f:69:46:6b:54:ed:ec:59:60:
84:96:42:83:de:52:61:1a:ea:c6:a2:30:f2:27:70:32:40:61:
79:43:3e:85:00:de:da:2d:de:7d:8c:17:db:b2:2a:fb:ce:13:
b3:b9:5f:84:13:55:c4:2b:c7:ee:a8:1c:d1:23:b6:75:1f:07:
7e:2d:f0:50:ab:42:9b:26:c0:57:33:08:09:70:0d:19:f8:9f:
8d:fb:5e:55:2f:1b:a3:19:3a:27:92:97:a2:23:d9:72:e1:2b:
17:91:84:79:dd:3d:ec:31:66:52:09:98:1d:c5:9c:c8:ec:45:
cf:43:07:eb:c9:b3:60:97:19:de:1b:7f:5e:2d:bb:26:c8:30:
bc:66:de:18:7d:ed:52:0a:dd:83:f0:a6:9f:12:a0:42:2c:ff:
c8:d7:61:45
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY0cg7rB6Jdy/HcRI8X0oHfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzIxOTIyMWNjMGEyMTMyNmNlMDA2YzQyODI1YmFjMmJl
MzFlMTcwHhcNMjQwMTE4MTIyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE3NjcwMjk0ZTQ0YmE1NzNhODJjMmY0OTFkOGI4Nzg3Y2FlNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk2MU55l4U5ghw9x4PVANL0EAutb
t1LOU/NrW2iG79kdYHQkSrhu27MZfgA4v0VDFr6iSgkWkDH6QOW9k/WES86Hqoce
N0wiIjK9dox9SeITxdj3SoIFx0LIYAuBdFEZz/P27cDUQVWv3jdXWuUtxR5Hg4io
CCfbJ6AAj8KvlTXiN+QUD+ruYlxElwUa3fz7MQ+zGnetrgdD16/uGYNfIjGT1LH6
xajZVnC95eyAjpyEP8mPt45CBZqVEREuFn33T2KwZQVuA3B6F2NfoWDPogvP7dQ2
EhijLid8tTLjuph+oTOmvhv73Y2esrP9w1Q5D460INhXJiOihwBiytk1yQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOmnZwKU5Eulc6gsL0kdi4eHyuS7MB8GA1UdIwQY
MBaAFPEyGSIcwKITJs4AbEKCW6wr4x4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMt
NDVlNjk2YTVhZTQ1LzEvNmFkbkFwVGtTNlZ6cUN3dlNSMkxoNGZLNUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDI0NGQtMDNjOC00NzgwLTg3YzMtNDVlNjk2YTVhZTQ1
LzEvOFRJWkloekFvaE1temdCc1FvSmJyQ3ZqSGhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQGJWOAAwQH
LrgAAwQGXk3AAwQCuYt4AwMBvPgwDQQCAAIwBwMFAyoCCIgwDQYJKoZIhvcNAQEL
BQADggEBAIPdgreTrRjyKNWWXpfCQZv93q8TSIEMsf81gybw1RAGZY/3XI76g6Ll
X6Y3Hcg8cZTBgAnx0+2/HmIAH2njBwczjDY9vR02gZZ72n2frnINi6O1M0nX1Yfj
PM2BPtnWAiIj8E9pRmtU7exZYISWQoPeUmEa6saiMPIncDJAYXlDPoUA3tot3n2M
F9uyKvvOE7O5X4QTVcQrx+6oHNEjtnUfB34t8FCrQpsmwFczCAlwDRn4n437XlUv
G6MZOieSl6Ij2XLhKxeRhHndPewxZlIJmB3FnMjsRc9DB+vJs2CXGd4bf14tuybI
MLxm3hh97VIK3YPwpp8SoEIs/8jXYUU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:36 2025 by rpki-client