Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/6GFzC3WXQGjhX_rlpNJvyTE1kTU.roa
File: 6GFzC3WXQGjhX_rlpNJvyTE1kTU.roa (raw, json)
Hash identifier: SH/mpvT6MNRbTQrY7ms9Elfo4VUJ0kF6iUD+YrwDOEc=
Subject key identifier: E8:61:73:0B:75:97:40:68:E1:5F:FA:E5:A4:D2:6F:C9:31:35:91:35
Certificate issuer: /CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Certificate serial: 018CCA2A45ED1A31D3E807EE54DCCF75EB8B
Authority key identifier: D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/6GFzC3WXQGjhX_rlpNJvyTE1kTU.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57826
IP address blocks: 176.108.64.0/24 maxlen: 24
176.108.64.0/19 maxlen: 19
176.108.68.0/22 maxlen: 22
176.108.65.0/24 maxlen: 24
176.108.66.0/24 maxlen: 24
176.108.67.0/24 maxlen: 24
176.108.72.0/22 maxlen: 22
176.108.76.0/22 maxlen: 22
176.108.83.0/24 maxlen: 24
176.108.84.0/24 maxlen: 24
176.108.85.0/24 maxlen: 24
176.108.80.0/24 maxlen: 24
176.108.81.0/24 maxlen: 24
176.108.82.0/24 maxlen: 24
176.108.88.0/22 maxlen: 22
176.108.86.0/24 maxlen: 24
176.108.87.0/24 maxlen: 24
176.108.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:45:ed:1a:31:d3:e8:07:ee:54:dc:cf:75:eb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e861730b75974068e15ffae5a4d26fc931359135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bf:83:d3:a0:a4:81:e0:5d:9c:67:42:aa:a7:
e3:e5:53:ea:86:4f:44:ac:56:39:52:79:78:f0:05:
b2:1c:7c:96:7f:9d:fd:54:68:82:48:dd:56:a3:f0:
08:db:7e:a4:d4:a3:e4:a6:a3:83:c3:5e:ba:f1:10:
cc:e0:95:cf:ba:25:9e:56:5b:86:35:d2:d4:30:ea:
49:25:9e:6e:57:50:d8:da:bf:ab:be:e1:4e:cd:eb:
6b:7c:85:67:40:64:14:1a:5b:80:d7:7b:6a:ad:e7:
86:7b:4c:a3:ea:46:95:1a:b6:b7:85:a1:32:76:c5:
54:c7:31:98:09:66:b5:70:e9:13:2c:b3:49:54:16:
51:e0:8e:31:fc:5d:ce:5f:3a:fc:4c:18:be:0e:a3:
76:48:db:24:a1:4b:79:fa:32:77:d5:e0:a1:81:51:
09:eb:41:ff:bc:50:46:de:68:00:a2:d3:c3:29:83:
dd:8a:a6:74:e3:92:77:18:74:f4:a9:20:ae:92:dc:
dc:81:03:5e:60:03:7b:ca:2c:92:b8:b9:5a:4f:d4:
2a:2b:39:a7:ea:7c:2d:06:3d:32:bf:8d:4e:ec:3f:
74:c8:47:52:65:61:00:ca:b4:e6:07:e2:e0:c6:20:
ad:0e:09:c3:be:00:11:71:42:f8:56:55:10:13:e4:
1f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:61:73:0B:75:97:40:68:E1:5F:FA:E5:A4:D2:6F:C9:31:35:91:35
X509v3 Authority Key Identifier:
keyid:D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/6GFzC3WXQGjhX_rlpNJvyTE1kTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.64.0/19
Signature Algorithm: sha256WithRSAEncryption
4d:fa:e1:82:29:44:fc:63:f7:0a:1f:c4:ea:62:76:eb:5e:97:
6f:6b:5e:67:51:ce:a3:e8:c4:ad:26:85:f5:b9:6b:92:2a:af:
1f:c8:9f:b1:45:a8:5f:9d:a1:f5:20:52:77:29:ba:92:5a:47:
ef:a8:f5:83:9a:8e:8e:30:4c:81:fe:41:2a:78:d0:da:b5:00:
91:00:7d:84:87:fa:e7:08:bd:b3:51:70:2d:e3:d5:10:6f:32:
4d:70:ad:7d:7a:92:fe:fb:4c:6f:87:a3:80:a7:08:26:e8:be:
a8:e0:4c:a1:05:c0:a6:59:7d:24:14:c6:3d:49:87:f6:e2:6d:
52:2f:ea:55:81:bb:b6:a2:ae:11:d7:30:6e:19:2c:64:61:f2:
87:5d:90:04:e1:91:67:20:64:d2:ce:95:f4:37:b6:5b:28:4e:
94:bf:12:54:1c:d8:95:56:dc:de:68:4d:da:f2:94:6a:92:0c:
b6:5e:c0:6c:31:cb:e2:0f:1f:fc:b0:a7:43:3b:28:e3:6f:07:
97:ad:1f:2c:8f:40:56:af:8e:bb:6d:b0:b8:ad:60:56:17:0d:
60:4c:ec:bf:4d:94:a3:cb:89:c0:67:35:bc:b4:48:da:dc:36:
83:e4:53:7c:d3:8c:78:2a:b2:fd:c2:ac:cc:f8:00:0b:14:a1:
0d:d0:85:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKkXtGjHT6AfuVNzPdeuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZmI1MjZhMzNmMzY2YWE4OTQ2MTg4ZTVkMzI2YmRjZTQ2
ZTJjNDAwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODYxNzMwYjc1OTc0MDY4ZTE1ZmZhZTVhNGQyNmZjOTMxMzU5MTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb+D06CkgeBdnGdCqqfj5VPqhk9E
rFY5Unl48AWyHHyWf539VGiCSN1Wo/AI236k1KPkpqODw1668RDM4JXPuiWeVluG
NdLUMOpJJZ5uV1DY2r+rvuFOzetrfIVnQGQUGluA13tqreeGe0yj6kaVGra3haEy
dsVUxzGYCWa1cOkTLLNJVBZR4I4x/F3OXzr8TBi+DqN2SNskoUt5+jJ31eChgVEJ
60H/vFBG3mgAotPDKYPdiqZ045J3GHT0qSCuktzcgQNeYAN7yiySuLlaT9QqKzmn
6nwtBj0yv41O7D90yEdSZWEAyrTmB+LgxiCtDgnDvgARcUL4VlUQE+QfzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOhhcwt1l0Bo4V/65aTSb8kxNZE1MB8GA1UdIwQY
MBaAFNX7Umoz82aqiUYYjl0ya9zkbixAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYt
MGU5ZDNlY2E0NGMyLzEvNkdGekMzV1hRR2poWF9ybHBOSnZ5VEUxa1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYtMGU5ZDNlY2E0NGMy
LzEvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGxAMA0G
CSqGSIb3DQEBCwUAA4IBAQBN+uGCKUT8Y/cKH8TqYnbrXpdva15nUc6j6MStJoX1
uWuSKq8fyJ+xRahfnaH1IFJ3KbqSWkfvqPWDmo6OMEyB/kEqeNDatQCRAH2Eh/rn
CL2zUXAt49UQbzJNcK19epL++0xvh6OApwgm6L6o4EyhBcCmWX0kFMY9SYf24m1S
L+pVgbu2oq4R1zBuGSxkYfKHXZAE4ZFnIGTSzpX0N7ZbKE6UvxJUHNiVVtzeaE3a
8pRqkgy2XsBsMcviDx/8sKdDOyjjbweXrR8sj0BWr467bbC4rWBWFw1gTOy/TZSj
y4nAZzW8tEja3DaD5FN804x4KrL9wqzM+AALFKEN0IVn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:15 2025 by rpki-client