Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa
File: x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa (raw, json)
Hash identifier: 5jciBLdWEBkngFLF1bybeF7/2j1LtstMgEFJqEwPuI4=
Subject key identifier: C7:AF:A4:60:DC:14:82:75:FE:ED:E2:E1:99:D9:45:39:68:4C:C0:5E
Certificate issuer: /CN=7b89385c0002330b096567b21514d8e1bc09689f
Certificate serial: 018CC34961A87EDCAE4E7280E56EFCB29129
Authority key identifier: 7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51580
IP address blocks: 185.212.16.0/22 maxlen: 24
185.143.152.0/22 maxlen: 24
5.172.96.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 13:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:61:a8:7e:dc:ae:4e:72:80:e5:6e:fc:b2:91:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b89385c0002330b096567b21514d8e1bc09689f
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7afa460dc148275feede2e199d94539684cc05e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a6:06:7c:3e:e1:62:4d:df:94:f4:9e:00:b7:
f1:4a:d3:15:02:59:94:6d:d5:6e:5b:e1:5d:68:26:
c9:e4:07:3a:b7:04:f0:19:1c:27:fb:34:15:38:03:
aa:44:ba:23:c7:87:be:2e:d7:dd:40:62:48:ff:11:
45:bb:77:f3:8d:58:44:36:f1:5b:21:82:d1:a3:3e:
6c:78:6d:23:38:5f:99:4b:c4:69:24:ef:9e:6b:f2:
22:78:4c:86:64:b2:3e:b9:82:c1:43:b3:89:99:6c:
dd:63:ee:c7:29:b2:2e:00:a0:de:e5:44:72:bf:e2:
e2:71:ff:4f:6c:7a:19:9b:3a:8f:88:b4:0c:0e:87:
ee:ff:bb:8d:6d:88:66:f7:07:1a:25:84:ca:fd:4a:
43:3e:77:ca:53:13:56:4e:e2:cb:a2:fa:87:3a:8e:
3d:59:15:cb:cf:d6:d9:86:da:e6:ab:4d:9e:0c:4c:
77:38:d4:d8:56:6a:35:39:a6:13:0c:f7:c1:a1:7a:
4d:8e:64:fd:35:34:68:4c:6f:6a:9a:3b:f9:ed:aa:
26:55:de:75:65:70:56:d1:80:1a:02:66:52:41:57:
85:e8:c1:e8:b9:5d:84:ce:d2:7e:9e:e5:3a:59:c2:
ab:94:f1:32:e4:95:85:56:d2:ba:e6:d6:f8:90:28:
f5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:AF:A4:60:DC:14:82:75:FE:ED:E2:E1:99:D9:45:39:68:4C:C0:5E
X509v3 Authority Key Identifier:
keyid:7B:89:38:5C:00:02:33:0B:09:65:67:B2:15:14:D8:E1:BC:09:68:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4k4XAACMwsJZWeyFRTY4bwJaJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/x6-kYNwUgnX-7eLhmdlFOWhMwF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/379816-d6b4-42b5-95ad-fe27921e1542/1/e4k4XAACMwsJZWeyFRTY4bwJaJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.96.0/23
185.143.152.0/22
185.212.16.0/22
Signature Algorithm: sha256WithRSAEncryption
51:eb:40:32:aa:09:8b:8b:32:a0:1d:f8:ed:30:a5:2a:8a:be:
c6:4a:8c:0a:6e:77:ce:14:a4:5e:8d:29:1b:0b:dc:ef:23:94:
4f:48:b8:bc:10:24:8c:5b:b0:ec:eb:df:fb:db:3d:76:7c:41:
cc:55:d3:7f:b4:54:13:65:ad:89:71:a3:dc:35:44:6a:f0:63:
e1:4c:83:83:95:2f:d8:b6:9d:cb:d7:b8:30:b0:5d:4c:19:8c:
f7:6b:7a:a0:b9:33:db:90:e7:f2:a5:5d:81:70:d5:71:13:55:
7f:8a:52:17:d7:10:c6:56:f0:5b:92:25:14:65:60:0c:8b:d9:
b2:29:28:14:36:e8:3e:47:fa:2e:ad:a8:0f:d9:d9:0a:07:9b:
2a:c7:eb:60:fe:ba:aa:4b:3d:6f:f2:04:c9:39:48:03:ca:59:
51:fc:ce:b1:d3:55:ba:ea:66:79:41:04:8a:42:54:dd:99:79:
04:b0:7f:c1:a4:fd:bd:e5:44:9f:1e:31:fc:3a:d4:30:ba:37:
53:2c:44:b0:81:77:db:98:23:f4:b4:91:51:f9:a5:67:4f:8c:
14:f1:1e:15:09:c7:e7:fd:61:36:9a:cb:de:d6:b2:d5:1b:e5:
ee:53:e5:9e:47:0b:d0:78:ce:a1:47:e1:29:64:30:32:c9:ae:
ef:a0:32:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSWGoftyuTnKA5W78spEpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODkzODVjMDAwMjMzMGIwOTY1NjdiMjE1MTRkOGUxYmMw
OTY4OWYwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2FmYTQ2MGRjMTQ4Mjc1ZmVlZGUyZTE5OWQ5NDUzOTY4NGNjMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKYGfD7hYk3flPSeALfxStMVAlmU
bdVuW+FdaCbJ5Ac6twTwGRwn+zQVOAOqRLojx4e+LtfdQGJI/xFFu3fzjVhENvFb
IYLRoz5seG0jOF+ZS8RpJO+ea/IieEyGZLI+uYLBQ7OJmWzdY+7HKbIuAKDe5URy
v+Licf9PbHoZmzqPiLQMDofu/7uNbYhm9wcaJYTK/UpDPnfKUxNWTuLLovqHOo49
WRXLz9bZhtrmq02eDEx3ONTYVmo1OaYTDPfBoXpNjmT9NTRoTG9qmjv57aomVd51
ZXBW0YAaAmZSQVeF6MHouV2EztJ+nuU6WcKrlPEy5JWFVtK65tb4kCj1JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMevpGDcFIJ1/u3i4ZnZRTloTMBeMB8GA1UdIwQY
MBaAFHuJOFwAAjMLCWVnshUU2OG8CWifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQt
ZmUyNzkyMWUxNTQyLzEveDYta1lOd1VnblgtN2VMaG1kbEZPV2hNd0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zNzk4MTYtZDZiNC00MmI1LTk1YWQtZmUyNzkyMWUxNTQy
LzEvZTRrNFhBQUNNd3NKWldleUZSVFk0YndKYUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBaxgAwQC
uY+YAwQCudQQMA0GCSqGSIb3DQEBCwUAA4IBAQBR60AyqgmLizKgHfjtMKUqir7G
SowKbnfOFKRejSkbC9zvI5RPSLi8ECSMW7Ds69/72z12fEHMVdN/tFQTZa2JcaPc
NURq8GPhTIODlS/Ytp3L17gwsF1MGYz3a3qguTPbkOfypV2BcNVxE1V/ilIX1xDG
VvBbkiUUZWAMi9myKSgUNug+R/ouragP2dkKB5sqx+tg/rqqSz1v8gTJOUgDyllR
/M6x01W66mZ5QQSKQlTdmXkEsH/BpP295USfHjH8OtQwujdTLESwgXfbmCP0tJFR
+aVnT4wU8R4VCcfn/WE2msve1rLVG+XuU+WeRwvQeM6hR+EpZDAyya7voDKi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:22 2024 by rpki-client on console-ams.rpki-client.org