Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6BkBE0P_aCvNbfFGiXQU1gpwEj8.roa
File: 6BkBE0P_aCvNbfFGiXQU1gpwEj8.roa (raw, json)
Hash identifier: K496Fbyasc5AET0uIQzwTlErI22mpB6pQjojoooJUyw=
Subject key identifier: E8:19:01:13:43:FF:68:2B:CD:6D:F1:46:89:74:14:D6:0A:70:12:3F
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0185E817D19E1029B9247D5A3C893AB5642F
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6BkBE0P_aCvNbfFGiXQU1gpwEj8.roa
Signing time: Wed 25 Jan 2023 08:42:33 +0000
ROA not before: Wed 25 Jan 2023 08:42:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15596
IP address blocks: 89.251.24.0/22 maxlen: 22
89.251.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Mar 2023 19:46:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:17:d1:9e:10:29:b9:24:7d:5a:3c:89:3a:b5:64:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 25 08:42:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e819011343ff682bcd6df146897414d60a70123f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1d:52:42:b2:31:e0:68:db:88:f4:69:93:38:
d2:36:00:bd:6f:03:d7:32:1b:f7:b9:a4:9b:54:2a:
42:6d:d3:b3:42:05:73:ae:58:9f:ba:5c:a3:2e:08:
c5:9b:5c:0b:90:cd:39:8b:f9:02:4b:f2:84:50:d4:
04:f4:ca:b5:0a:1f:c9:e6:67:7f:76:79:ff:df:5a:
39:b6:9d:a9:84:30:a8:43:30:bf:35:09:a4:91:c6:
15:da:01:50:8c:7f:fb:ed:9d:2a:27:95:55:a2:0e:
33:ba:e1:68:17:d4:2e:55:84:ca:fd:14:c7:fb:41:
d0:aa:d0:e2:a9:3b:77:ac:bf:0f:bc:2c:3b:7a:b3:
3a:52:13:55:6f:9c:5d:6d:d2:e8:f7:c5:e0:95:ef:
a9:c4:9f:7b:08:01:50:b5:75:28:54:85:90:8b:67:
20:fa:b8:b8:9a:d1:2e:01:84:8e:9a:04:88:96:10:
68:87:51:75:25:5f:b8:b6:a4:59:75:30:34:ce:68:
e8:13:54:61:fb:81:e9:e9:a8:06:56:08:dc:ec:bc:
ed:69:ce:38:c0:3a:8a:5e:27:b3:87:3b:ad:71:78:
58:85:2c:08:a6:ef:97:92:88:da:3f:15:b2:42:fe:
2a:67:c9:aa:a5:d1:84:dd:3f:df:2a:0b:6a:a9:9b:
d1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:19:01:13:43:FF:68:2B:CD:6D:F1:46:89:74:14:D6:0A:70:12:3F
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/6BkBE0P_aCvNbfFGiXQU1gpwEj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0-89.251.27.255
Signature Algorithm: sha256WithRSAEncryption
7f:16:d2:e6:e4:e4:a8:52:eb:e4:52:04:29:3d:10:8f:5a:48:
2e:30:96:c5:a0:bd:da:be:26:0e:51:c8:8e:e8:d7:94:97:2a:
99:e0:0f:a8:fd:42:7c:b0:03:8f:cf:f2:9e:8b:c9:d1:01:fd:
cc:02:3b:f3:6b:41:35:12:20:c4:10:f5:78:2b:50:54:13:9e:
83:02:e8:da:35:f7:1e:32:96:00:d9:77:93:62:d9:ab:21:3a:
c0:c7:7f:64:52:21:82:0f:0d:a3:ca:8c:ff:7a:d6:6c:c5:94:
59:24:e4:2b:41:1f:42:9c:99:e4:f2:8f:98:69:2f:de:32:8b:
3d:98:1b:ea:0c:49:d3:80:b3:a0:61:e9:3e:61:79:3a:3c:12:
2a:ff:06:75:8d:5e:5e:b6:cb:1d:01:30:46:e6:7f:69:38:ad:
2e:59:5a:9a:3e:d5:b6:44:c4:a2:8a:93:32:e8:8e:5d:0c:ef:
d2:ba:46:27:70:96:28:28:96:01:7e:03:ff:30:c2:1a:5c:a8:
a1:d9:35:6d:dc:5c:8e:0e:3b:a8:d5:a3:74:f8:55:12:dc:00:
3b:73:64:d6:12:9e:e0:74:e5:e7:7d:02:ad:88:83:e4:cf:ea:
2e:87:0b:5b:df:ba:54:46:ea:16:14:1d:37:24:ca:e3:85:8d:
05:99:f0:a7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYXoF9GeECm5JH1aPIk6tWQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwMTI1MDg0MjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE5MDExMzQzZmY2ODJiY2Q2ZGYxNDY4OTc0MTRkNjBhNzAxMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB1SQrIx4GjbiPRpkzjSNgC9bwPX
Mhv3uaSbVCpCbdOzQgVzrlifulyjLgjFm1wLkM05i/kCS/KEUNQE9Mq1Ch/J5md/
dnn/31o5tp2phDCoQzC/NQmkkcYV2gFQjH/77Z0qJ5VVog4zuuFoF9QuVYTK/RTH
+0HQqtDiqTt3rL8PvCw7erM6UhNVb5xdbdLo98Xgle+pxJ97CAFQtXUoVIWQi2cg
+ri4mtEuAYSOmgSIlhBoh1F1JV+4tqRZdTA0zmjoE1Rh+4Hp6agGVgjc7Lztac44
wDqKXiezhzutcXhYhSwIpu+XkojaPxWyQv4qZ8mqpdGE3T/fKgtqqZvRKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOgZARND/2grzW3xRol0FNYKcBI/MB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNkJrQkUwUF9hQ3ZOYmZGR2lYUVUxZ3B3RWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ+xQD
BAJZ+xgwDQYJKoZIhvcNAQELBQADggEBAH8W0ubk5KhS6+RSBCk9EI9aSC4wlsWg
vdq+Jg5RyI7o15SXKpngD6j9QnywA4/P8p6LydEB/cwCO/NrQTUSIMQQ9XgrUFQT
noMC6No19x4ylgDZd5Ni2ashOsDHf2RSIYIPDaPKjP961mzFlFkk5CtBH0KcmeTy
j5hpL94yiz2YG+oMSdOAs6Bh6T5heTo8Eir/BnWNXl62yx0BMEbmf2k4rS5ZWpo+
1bZExKKKkzLojl0M79K6RidwligolgF+A/8wwhpcqKHZNW3cXI4OO6jVo3T4VRLc
ADtzZNYSnuB05ed9Aq2Ig+TP6i6HC1vfulRG6hYUHTckyuOFjQWZ8Kc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:06 2024 by rpki-client on console-ams.rpki-client.org