Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/6zVp0b8JGlD0FJ-3KTkh1SWlz7w.roa
File: 6zVp0b8JGlD0FJ-3KTkh1SWlz7w.roa (raw, json)
Hash identifier: E3t4bfLKIfLbquHRcHCKpOHLL1nKqfs15VohRzO7Y+U=
Subject key identifier: EB:35:69:D1:BF:09:1A:50:F4:14:9F:B7:29:39:21:D5:25:A5:CF:BC
Certificate issuer: /CN=b1d596fb1a3f2f4b127fb7cec19fd90bb94c73a4
Certificate serial: 018CC348AC8EF8621806BE23813519361A35
Authority key identifier: B1:D5:96:FB:1A:3F:2F:4B:12:7F:B7:CE:C1:9F:D9:0B:B9:4C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/6zVp0b8JGlD0FJ-3KTkh1SWlz7w.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48685
IP address blocks: 185.118.32.0/22 maxlen: 22
2a03:5cc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ac:8e:f8:62:18:06:be:23:81:35:19:36:1a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d596fb1a3f2f4b127fb7cec19fd90bb94c73a4
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb3569d1bf091a50f4149fb7293921d525a5cfbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:70:3b:b8:ae:fe:dd:3d:2b:ef:b9:05:fe:0f:
14:da:d9:62:a5:eb:74:30:60:35:05:1e:c5:99:e2:
36:c1:36:dd:87:d9:46:11:51:5e:00:97:13:c6:4a:
b8:e4:6b:02:6b:ae:d8:97:da:80:a8:58:0d:2e:6f:
ba:96:13:71:df:0d:51:7a:61:0b:de:c5:38:ef:71:
75:78:6f:e4:69:03:ce:12:e9:59:94:3b:c6:a2:60:
5f:fd:b2:f0:41:a3:49:82:fa:ed:2e:35:ca:5e:1f:
5b:08:42:1c:43:da:13:ec:36:f6:41:94:ef:76:0a:
ef:5d:ca:82:f9:5d:af:5b:1b:17:d6:4e:9c:2f:54:
6a:d5:7e:7f:6d:21:32:b7:33:6d:8a:f7:d7:99:d9:
04:da:af:5a:4c:a2:56:46:11:1c:ad:29:0b:d8:04:
c4:3f:49:53:31:9b:bb:f0:6c:f5:3d:ac:53:70:61:
a3:6e:e6:fa:a7:0f:c2:72:77:bb:f3:3a:dd:4b:9c:
ce:47:42:64:76:ce:15:32:70:2a:ee:df:c6:ce:a7:
f0:fe:b5:fe:23:b7:72:70:4e:cd:7a:d1:43:f2:5f:
d5:d4:b4:0b:e1:a9:2e:b5:38:f8:b8:55:03:2d:5d:
8e:27:75:56:46:bf:cb:af:77:de:8c:c8:6b:ad:db:
7c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:35:69:D1:BF:09:1A:50:F4:14:9F:B7:29:39:21:D5:25:A5:CF:BC
X509v3 Authority Key Identifier:
keyid:B1:D5:96:FB:1A:3F:2F:4B:12:7F:B7:CE:C1:9F:D9:0B:B9:4C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/6zVp0b8JGlD0FJ-3KTkh1SWlz7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/ccc7de-47de-4287-a0b2-1df40145b0be/1/sdWW-xo_L0sSf7fOwZ_ZC7lMc6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.32.0/22
IPv6:
2a03:5cc0::/32
Signature Algorithm: sha256WithRSAEncryption
87:19:19:0b:70:de:56:5f:1f:b2:94:2c:39:5f:53:57:30:3e:
17:13:98:fe:f5:38:83:0f:02:88:fc:7f:be:aa:42:ab:db:01:
af:44:e8:eb:09:d9:ab:32:fe:ee:6c:d0:1e:e3:50:ee:b7:67:
61:e9:e4:50:be:43:c4:d0:bd:4c:5b:78:f3:a7:2f:e0:b6:bf:
a9:9b:e5:53:fc:e6:f5:be:93:ff:2a:b2:c6:7b:c0:38:93:92:
05:64:96:39:d6:dd:b0:ae:56:fc:ba:e9:06:b9:23:2b:cc:31:
cc:49:43:83:4e:31:42:5b:5c:93:50:00:6c:95:3e:0e:bf:89:
0c:56:70:1b:ec:f0:c4:da:87:dd:87:04:06:a7:c7:ad:69:fc:
6a:c4:b7:36:bd:fe:d5:7b:eb:0b:21:d3:9e:78:5e:d2:64:83:
c8:bd:95:78:9e:dc:ce:8f:36:65:7e:95:0a:91:65:44:c1:90:
7a:81:7f:33:31:9f:21:97:2b:66:05:5e:fc:a8:0a:22:fa:d1:
d8:ed:93:2f:3d:6d:0d:45:9c:c4:6e:77:24:3e:f8:68:d2:92:
79:50:e3:eb:a2:2f:fb:52:35:1f:14:60:4f:f3:be:ff:a0:bc:
2a:31:1a:08:bb:9c:23:64:40:fb:19:c1:08:4f:5b:f2:f8:c2:
60:c2:55:f1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSKyO+GIYBr4jgTUZNho1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDU5NmZiMWEzZjJmNGIxMjdmYjdjZWMxOWZkOTBiYjk0
YzczYTQwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjM1NjlkMWJmMDkxYTUwZjQxNDlmYjcyOTM5MjFkNTI1YTVjZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXA7uK7+3T0r77kF/g8U2tlipet0
MGA1BR7FmeI2wTbdh9lGEVFeAJcTxkq45GsCa67Yl9qAqFgNLm+6lhNx3w1RemEL
3sU473F1eG/kaQPOEulZlDvGomBf/bLwQaNJgvrtLjXKXh9bCEIcQ9oT7Db2QZTv
dgrvXcqC+V2vWxsX1k6cL1Rq1X5/bSEytzNtivfXmdkE2q9aTKJWRhEcrSkL2ATE
P0lTMZu78Gz1PaxTcGGjbub6pw/Ccne78zrdS5zOR0Jkds4VMnAq7t/Gzqfw/rX+
I7dycE7NetFD8l/V1LQL4akutTj4uFUDLV2OJ3VWRr/Lr3fejMhrrdt83wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOs1adG/CRpQ9BSftyk5IdUlpc+8MB8GA1UdIwQY
MBaAFLHVlvsaPy9LEn+3zsGf2Qu5THOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RXVy14b19MMHNTZjdmT3daX1pDN2xNYzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jY2M3ZGUtNDdkZS00Mjg3LWEwYjIt
MWRmNDAxNDViMGJlLzEvNnpWcDBiOEpHbEQwRkotM0tUa2gxU1dsejd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jY2M3ZGUtNDdkZS00Mjg3LWEwYjItMWRmNDAxNDViMGJl
LzEvc2RXVy14b19MMHNTZjdmT3daX1pDN2xNYzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXYgMA0E
AgACMAcDBQAqA1zAMA0GCSqGSIb3DQEBCwUAA4IBAQCHGRkLcN5WXx+ylCw5X1NX
MD4XE5j+9TiDDwKI/H++qkKr2wGvROjrCdmrMv7ubNAe41Dut2dh6eRQvkPE0L1M
W3jzpy/gtr+pm+VT/Ob1vpP/KrLGe8A4k5IFZJY51t2wrlb8uukGuSMrzDHMSUOD
TjFCW1yTUABslT4Ov4kMVnAb7PDE2ofdhwQGp8etafxqxLc2vf7Ve+sLIdOeeF7S
ZIPIvZV4ntzOjzZlfpUKkWVEwZB6gX8zMZ8hlytmBV78qAoi+tHY7ZMvPW0NRZzE
bnckPvho0pJ5UOProi/7UjUfFGBP877/oLwqMRoIu5wjZED7GcEIT1vy+MJgwlXx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:47 2025 by rpki-client