Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6NXH7nRjHIK7qn4aOVSvgBsFpJY.roa
File: 6NXH7nRjHIK7qn4aOVSvgBsFpJY.roa (raw, json)
Hash identifier: l4s1FJh5vvyHRhDHLpf15TDr3UR9SnoT7Jl9cz3Z5TI=
Subject key identifier: E8:D5:C7:EE:74:63:1C:82:BB:AA:7E:1A:39:54:AF:80:1B:05:A4:96
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018BAFEC3F1173DFE02DC6A6532E4CDF4645
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6NXH7nRjHIK7qn4aOVSvgBsFpJY.roa
Signing time: Wed 08 Nov 2023 17:12:57 +0000
ROA not before: Wed 08 Nov 2023 17:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198636
IP address blocks: 194.50.188.0/23 maxlen: 24
45.150.44.0/22 maxlen: 24
171.22.52.0/22 maxlen: 24
2.57.152.0/22 maxlen: 24
212.90.116.0/22 maxlen: 22
2.59.204.0/22 maxlen: 24
45.88.124.0/22 maxlen: 24
195.216.156.0/22 maxlen: 24
194.50.184.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:ec:3f:11:73:df:e0:2d:c6:a6:53:2e:4c:df:46:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 8 17:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8d5c7ee74631c82bbaa7e1a3954af801b05a496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d6:6a:d1:f5:c4:f2:78:6a:93:fb:c6:65:03:
81:3b:a0:a6:f9:3e:dd:41:bd:ed:b6:47:29:18:3e:
8d:f0:02:50:55:53:94:8d:75:07:62:e4:87:24:25:
48:a8:71:17:a7:7c:2d:7e:03:d0:75:37:e2:e3:07:
86:f0:4a:0e:60:5f:1b:c2:25:61:bb:15:f9:42:77:
94:c6:36:2d:38:99:22:85:31:41:c5:d9:42:e8:55:
75:a5:03:b0:d7:5e:36:80:d3:c6:95:cf:7e:ba:fb:
e3:04:96:8a:68:ba:e6:a2:8d:60:1a:9c:ca:6b:b5:
3c:ac:fe:86:b9:6d:14:16:a5:69:a0:a2:d0:89:76:
ad:cf:85:c8:d0:61:46:bb:97:a1:35:47:50:53:33:
0f:65:3f:0b:90:d6:45:c9:36:bd:74:7f:0a:f4:cd:
06:51:2d:cc:87:21:80:77:24:6b:82:5b:01:a5:8b:
82:1f:56:69:f2:63:70:ba:6e:a2:eb:39:18:19:bd:
82:c5:85:b8:80:c8:48:90:f9:d8:75:76:e4:c1:8b:
ac:4e:11:72:21:f6:12:f8:8b:ca:74:b9:d3:80:a8:
06:00:25:15:b6:98:6e:6b:51:7f:76:28:15:8f:f9:
22:32:64:27:d5:fb:f5:a5:a8:a1:0e:8b:db:81:ea:
6b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D5:C7:EE:74:63:1C:82:BB:AA:7E:1A:39:54:AF:80:1B:05:A4:96
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/6NXH7nRjHIK7qn4aOVSvgBsFpJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.152.0/22
2.59.204.0/22
45.88.124.0/22
45.150.44.0/22
171.22.52.0/22
194.50.184.0/23
194.50.188.0/23
195.216.156.0/22
212.90.116.0/22
Signature Algorithm: sha256WithRSAEncryption
96:30:d3:e7:d1:0d:15:5b:05:35:df:62:f8:c6:03:e6:53:bc:
32:b8:ec:c2:8f:2e:81:4c:9a:c7:25:a2:0c:ce:f8:98:6e:94:
64:69:31:97:b5:49:df:36:50:08:53:f0:f4:13:33:60:3f:8f:
93:3e:9c:3c:58:f0:f5:6e:ec:20:29:04:9b:94:d4:42:36:ab:
f2:96:62:f8:e8:13:94:09:2e:3d:5d:47:f0:0c:2a:64:3c:a6:
a5:10:09:88:79:11:83:3f:16:93:1d:11:20:5d:ac:eb:71:f3:
7c:b6:ee:0e:ab:82:9c:a7:63:a3:1a:7b:c7:6e:ab:ae:77:03:
13:b4:7b:36:08:33:95:ab:74:df:25:f9:b2:eb:ed:7b:03:2c:
6c:d4:bc:ac:39:dc:63:c9:7b:e4:f7:17:a1:87:d0:45:fa:13:
c6:67:9b:1e:e9:f1:e1:77:16:4e:16:fb:ef:d8:a0:e9:66:0f:
6f:45:7a:80:d4:55:e5:cf:a0:87:02:98:74:30:2f:68:9f:f1:
cf:d0:29:29:d0:4f:30:46:c4:5c:f8:69:0d:3a:1f:46:e2:6c:
f5:8b:3e:48:30:a3:a7:4a:f3:21:e5:8c:ca:d0:95:2e:81:19:
e6:9f:48:5a:69:37:dd:82:c9:5a:5d:e2:ef:c9:69:7c:3e:e0:
42:1a:0a:03
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYuv7D8Rc9/gLcamUy5M30ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTA4MTcxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGQ1YzdlZTc0NjMxYzgyYmJhYTdlMWEzOTU0YWY4MDFiMDVhNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdZq0fXE8nhqk/vGZQOBO6Cm+T7d
Qb3ttkcpGD6N8AJQVVOUjXUHYuSHJCVIqHEXp3wtfgPQdTfi4weG8EoOYF8bwiVh
uxX5QneUxjYtOJkihTFBxdlC6FV1pQOw1142gNPGlc9+uvvjBJaKaLrmoo1gGpzK
a7U8rP6GuW0UFqVpoKLQiXatz4XI0GFGu5ehNUdQUzMPZT8LkNZFyTa9dH8K9M0G
US3MhyGAdyRrglsBpYuCH1Zp8mNwum6i6zkYGb2CxYW4gMhIkPnYdXbkwYusThFy
IfYS+IvKdLnTgKgGACUVtphua1F/digVj/kiMmQn1fv1paihDovbgeproQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOjVx+50YxyCu6p+GjlUr4AbBaSWMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNk5YSDduUmpISUs3cW40YU9WU3ZnQnNGcEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCAjmYAwQC
AjvMAwQCLVh8AwQCLZYsAwQCqxY0AwQBwjK4AwQBwjK8AwQCw9icAwQC1Fp0MA0G
CSqGSIb3DQEBCwUAA4IBAQCWMNPn0Q0VWwU132L4xgPmU7wyuOzCjy6BTJrHJaIM
zviYbpRkaTGXtUnfNlAIU/D0EzNgP4+TPpw8WPD1buwgKQSblNRCNqvylmL46BOU
CS49XUfwDCpkPKalEAmIeRGDPxaTHREgXazrcfN8tu4Oq4Kcp2OjGnvHbquudwMT
tHs2CDOVq3TfJfmy6+17Ayxs1LysOdxjyXvk9xehh9BF+hPGZ5se6fHhdxZOFvvv
2KDpZg9vRXqA1FXlz6CHAph0MC9on/HP0Ckp0E8wRsRc+GkNOh9G4mz1iz5IMKOn
SvMh5YzK0JUugRnmn0haaTfdgslaXeLvyWl8PuBCGgoD
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org