Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/cK6JGe-A9ic4XzWsJO_1cBHZ98c.roa
File: cK6JGe-A9ic4XzWsJO_1cBHZ98c.roa (raw, json)
Hash identifier: W4nii6wG4Nl0GngXSFtYxUib6IY3mmcuXXNxUM2bFhs=
Subject key identifier: 70:AE:89:19:EF:80:F6:27:38:5F:35:AC:24:EF:F5:70:11:D9:F7:C7
Certificate issuer: /CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Certificate serial: 01856F42F6CF385BD11870705BEA908383EB
Authority key identifier: 0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/cK6JGe-A9ic4XzWsJO_1cBHZ98c.roa
Signing time: Sun 01 Jan 2023 21:35:37 +0000
ROA not before: Sun 01 Jan 2023 21:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201785
IP address blocks: 91.223.211.0/24 maxlen: 24
195.43.88.0/23 maxlen: 24
195.43.88.0/24 maxlen: 24
193.200.230.0/24 maxlen: 24
62.69.145.0/24 maxlen: 24
62.69.151.0/24 maxlen: 24
2a01:9ec0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:f6:cf:38:5b:d1:18:70:70:5b:ea:90:83:83:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21521a7127157f7daf0ad091394ad5a1cce779
Validity
Not Before: Jan 1 21:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70ae8919ef80f627385f35ac24eff57011d9f7c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:9d:70:b0:01:61:45:41:83:18:bd:98:2f:
eb:34:95:14:6e:11:ec:bb:81:f3:fc:7d:aa:0f:5f:
cc:83:05:a9:47:fe:0e:c4:9a:e6:20:2a:4c:b8:69:
f1:c3:da:42:d2:f5:ac:73:83:76:e4:4c:c8:74:91:
ef:aa:9f:ee:fa:c5:47:40:11:b1:f6:dd:a7:c1:5e:
96:ac:5e:4c:c2:87:7d:bd:b9:04:d2:68:87:34:32:
95:21:0c:01:07:49:be:5d:90:9f:0f:64:e5:05:f1:
0a:58:f6:43:98:83:33:a9:19:9c:26:9b:19:d8:30:
9d:78:eb:56:bf:0f:3c:6d:9a:cf:af:9d:4f:8e:1b:
be:8f:3b:31:f3:cf:0c:44:c7:3a:18:20:fb:94:30:
06:e9:46:d0:da:2d:89:a1:2f:a0:f9:fe:69:7a:fd:
ad:0c:f5:2c:84:c2:f1:c1:42:38:44:7c:e7:68:fe:
14:9a:cf:fc:a3:d9:a3:52:41:ed:a4:83:4b:b8:fc:
58:7a:cc:42:cd:cc:dd:10:28:4c:12:9c:00:73:7e:
fb:a6:22:d5:91:e3:3e:69:ae:76:5a:10:bf:da:cb:
e2:3f:d9:88:06:f6:6b:8b:4a:4d:34:11:96:5b:86:
89:e1:66:3c:3e:0d:72:5d:19:c6:08:7a:55:26:f2:
91:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AE:89:19:EF:80:F6:27:38:5F:35:AC:24:EF:F5:70:11:D9:F7:C7
X509v3 Authority Key Identifier:
keyid:0F:21:52:1A:71:27:15:7F:7D:AF:0A:D0:91:39:4A:D5:A1:CC:E7:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyFSGnEnFX99rwrQkTlK1aHM53k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/cK6JGe-A9ic4XzWsJO_1cBHZ98c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e831b1-9ec0-46f2-860d-fad5fd7970ba/1/DyFSGnEnFX99rwrQkTlK1aHM53k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.69.145.0/24
62.69.151.0/24
91.223.211.0/24
193.200.230.0/24
195.43.88.0/23
IPv6:
2a01:9ec0::/29
Signature Algorithm: sha256WithRSAEncryption
09:17:68:88:4c:15:15:3e:9d:03:d2:fb:0b:81:99:4d:d5:74:
95:3f:7c:be:9f:53:f2:3b:42:21:ae:8b:69:24:cc:56:9e:cd:
8c:cc:13:29:93:df:62:3e:17:89:06:fc:11:52:f2:61:fe:6a:
ce:4d:8e:84:c2:6a:5a:e0:fe:06:dd:9d:34:6f:09:b3:f8:b8:
b4:9c:8b:f5:a3:ab:00:bd:41:fd:ec:92:d9:d3:47:fb:02:13:
6c:12:0f:19:f2:1a:bb:6b:1e:d2:d2:39:e9:bf:da:9c:e8:e6:
44:23:ac:1e:05:a0:fb:bf:93:f1:30:9a:c7:4f:96:7d:15:21:
8a:80:68:c9:95:9b:f2:60:b3:cf:75:46:d5:63:75:b3:44:4b:
6f:dd:34:ad:a6:2e:e7:21:48:73:f0:17:f8:8e:07:e1:c2:8f:
be:be:0c:a3:37:77:ea:9a:56:9f:96:25:e2:50:33:62:d7:4f:
70:ba:3e:b6:f8:e6:85:08:1d:c6:a8:56:60:9e:42:49:f7:c2:
76:de:5c:d4:ed:5e:8f:5f:66:54:53:c2:4b:3d:11:c2:79:61:
77:61:01:ac:d6:82:26:39:e0:dc:ac:d5:96:6f:66:f4:90:28:
05:7c:9f:58:f4:0e:90:39:67:c5:7e:36:76:59:84:0a:d1:09:
58:90:e1:93
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvQvbPOFvRGHBwW+qQg4PrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjE1MjFhNzEyNzE1N2Y3ZGFmMGFkMDkxMzk0YWQ1YTFj
Y2U3NzkwHhcNMjMwMTAxMjEzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGFlODkxOWVmODBmNjI3Mzg1ZjM1YWMyNGVmZjU3MDExZDlmN2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGudcLABYUVBgxi9mC/rNJUUbhHs
u4Hz/H2qD1/MgwWpR/4OxJrmICpMuGnxw9pC0vWsc4N25EzIdJHvqp/u+sVHQBGx
9t2nwV6WrF5Mwod9vbkE0miHNDKVIQwBB0m+XZCfD2TlBfEKWPZDmIMzqRmcJpsZ
2DCdeOtWvw88bZrPr51Pjhu+jzsx888MRMc6GCD7lDAG6UbQ2i2JoS+g+f5pev2t
DPUshMLxwUI4RHznaP4Ums/8o9mjUkHtpINLuPxYesxCzczdEChMEpwAc377piLV
keM+aa52WhC/2sviP9mIBvZri0pNNBGWW4aJ4WY8Pg1yXRnGCHpVJvKRaQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHCuiRnvgPYnOF81rCTv9XAR2ffHMB8GA1UdIwQY
MBaAFA8hUhpxJxV/fa8K0JE5StWhzOd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQt
ZmFkNWZkNzk3MGJhLzEvY0s2SkdlLUE5aWM0WHpXc0pPXzFjQkhaOThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODMxYjEtOWVjMC00NmYyLTg2MGQtZmFkNWZkNzk3MGJh
LzEvRHlGU0duRW5GWDk5cndyUWtUbEsxYUhNNTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAPkWRAwQA
PkWXAwQAW9/TAwQAwcjmAwQBwytYMA0EAgACMAcDBQMqAZ7AMA0GCSqGSIb3DQEB
CwUAA4IBAQAJF2iITBUVPp0D0vsLgZlN1XSVP3y+n1PyO0IhrotpJMxWns2MzBMp
k99iPheJBvwRUvJh/mrOTY6Ewmpa4P4G3Z00bwmz+Li0nIv1o6sAvUH97JLZ00f7
AhNsEg8Z8hq7ax7S0jnpv9qc6OZEI6weBaD7v5PxMJrHT5Z9FSGKgGjJlZvyYLPP
dUbVY3WzREtv3TStpi7nIUhz8Bf4jgfhwo++vgyjN3fqmlafliXiUDNi109wuj62
+OaFCB3GqFZgnkJJ98J23lzU7V6PX2ZUU8JLPRHCeWF3YQGs1oImOeDcrNWWb2b0
kCgFfJ9Y9A6QOWfFfjZ2WYQK0QlYkOGT
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:11 2024 by rpki-client on console-fra.rpki-client.org