Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bS4vx8Tt403So5OmXWDC4u63lXU.roa
File: bS4vx8Tt403So5OmXWDC4u63lXU.roa (raw, json)
Hash identifier: 5+i0jbdXTdjmccW/wW7WB029XfXSU9D82MvBtNKEL9k=
Subject key identifier: 6D:2E:2F:C7:C4:ED:E3:4D:D2:A3:93:A6:5D:60:C2:E2:EE:B7:95:75
Certificate issuer: /CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Certificate serial: 018CC2DAD716ACB719B864DDD9719C857CCC
Authority key identifier: 6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bS4vx8Tt403So5OmXWDC4u63lXU.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204778
IP address blocks: 188.65.164.0/24 maxlen: 24
185.120.141.0/24 maxlen: 24
2a13:2180::/48 maxlen: 48
2a13:2180::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 Jan 2024 17:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d7:16:ac:b7:19:b8:64:dd:d9:71:9c:85:7c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d2e2fc7c4ede34dd2a393a65d60c2e2eeb79575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:53:67:a2:a3:6f:74:5c:6a:0c:c6:ad:c7:8f:
35:31:a1:56:99:c9:ed:f5:cb:c7:34:ab:1e:b2:e3:
44:d9:53:10:23:75:35:0c:ea:d0:35:54:23:93:92:
4c:88:36:3a:41:be:e4:68:d9:43:01:06:e0:07:06:
31:fb:9c:18:04:4e:fc:5a:e8:97:fe:35:96:bf:e3:
93:5c:85:fd:f9:ed:99:a7:e8:12:f4:90:cf:79:64:
70:6c:66:72:59:60:2b:7f:91:af:dd:d3:b9:dc:d3:
aa:cb:45:06:e7:18:dc:ec:84:fc:c2:17:bd:26:8a:
e0:3b:f4:07:51:1a:72:9a:45:36:7f:54:7e:9a:ba:
f0:46:1f:82:0f:6b:91:bc:bb:8b:ae:48:c6:59:c1:
b4:e5:fe:6a:b6:b6:8d:1a:f6:fe:42:aa:30:99:b8:
bc:a4:cd:46:fd:7b:8e:9b:2b:97:f6:36:cb:46:98:
2e:2a:f8:f9:6b:6f:32:e6:f5:a6:d3:0c:cd:f3:9e:
cb:e5:bd:02:ec:39:f2:96:de:3e:4e:6d:4a:85:ed:
39:86:df:71:23:34:9d:9b:d6:7f:9d:ed:cd:d8:97:
60:d4:01:8f:54:d6:e7:9a:99:40:13:cf:69:6d:b7:
64:c8:f1:f1:bc:12:ac:10:44:a8:aa:27:d4:b0:09:
59:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2E:2F:C7:C4:ED:E3:4D:D2:A3:93:A6:5D:60:C2:E2:EE:B7:95:75
X509v3 Authority Key Identifier:
keyid:6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bS4vx8Tt403So5OmXWDC4u63lXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.141.0/24
188.65.164.0/24
IPv6:
2a13:2180::/29
Signature Algorithm: sha256WithRSAEncryption
3a:a7:13:a3:bc:85:ba:35:e4:f9:84:6f:e8:26:c0:24:05:95:
24:11:7f:f4:4e:7f:b5:63:3a:e8:9c:13:f6:7a:8e:65:1f:b4:
da:a3:14:61:d6:03:6b:3d:ff:44:65:b1:ba:2d:0d:6f:66:66:
49:81:60:56:27:cd:f1:7e:8a:b7:0e:1b:7e:dc:d6:7f:15:22:
ba:f9:a6:cb:69:f5:71:3e:3f:a2:c8:99:34:52:89:c4:aa:cb:
8f:b7:e7:70:2f:58:7f:02:83:3e:77:58:8f:fc:2b:1f:d0:71:
1d:01:eb:7f:27:5f:d7:07:75:3f:da:ed:41:08:ef:9b:f3:33:
2f:81:d2:ed:1a:00:ae:e1:c6:77:97:b2:05:db:f7:e8:22:11:
64:1d:24:9d:cf:88:7f:35:67:ab:6d:08:1c:72:bb:16:d2:47:
d4:e8:cb:62:f2:aa:61:10:71:f1:66:f3:5d:aa:62:03:a0:3c:
6d:e6:e3:b6:e9:39:fb:67:e9:c2:95:32:28:a1:db:d4:73:57:
55:a1:a0:fd:c1:6d:40:f0:1f:1b:79:b2:8f:cc:f0:ff:4f:e4:
62:0d:78:e1:ef:37:ae:3f:33:30:3c:e4:4c:80:ca:ad:80:1f:
63:9d:08:5b:05:41:f5:f6:7a:9c:60:f2:b4:5c:b8:e8:b4:b8:
a1:8a:55:cc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2tcWrLcZuGTd2XGchXzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzAwNmRjZDI4OWM0N2Y5ZjU4ZTEyOGViMjk3NTcyMzkx
NDRiYjYwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJlMmZjN2M0ZWRlMzRkZDJhMzkzYTY1ZDYwYzJlMmVlYjc5NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVNnoqNvdFxqDMatx481MaFWmcnt
9cvHNKsesuNE2VMQI3U1DOrQNVQjk5JMiDY6Qb7kaNlDAQbgBwYx+5wYBE78WuiX
/jWWv+OTXIX9+e2Zp+gS9JDPeWRwbGZyWWArf5Gv3dO53NOqy0UG5xjc7IT8whe9
JorgO/QHURpymkU2f1R+mrrwRh+CD2uRvLuLrkjGWcG05f5qtraNGvb+Qqowmbi8
pM1G/XuOmyuX9jbLRpguKvj5a28y5vWm0wzN857L5b0C7Dnylt4+Tm1Khe05ht9x
IzSdm9Z/ne3N2Jdg1AGPVNbnmplAE89pbbdkyPHxvBKsEESoqifUsAlZqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG0uL8fE7eNN0qOTpl1gwuLut5V1MB8GA1UdIwQY
MBaAFG0wBtzSicR/n1jhKOspdXI5FEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMt
MmY3ZTUyZmI4YmQzLzEvYlM0dng4VHQ0MDNTbzVPbVhXREM0dTYzbFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMtMmY3ZTUyZmI4YmQz
LzEvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXiNAwQA
vEGkMA0EAgACMAcDBQMqEyGAMA0GCSqGSIb3DQEBCwUAA4IBAQA6pxOjvIW6NeT5
hG/oJsAkBZUkEX/0Tn+1YzronBP2eo5lH7TaoxRh1gNrPf9EZbG6LQ1vZmZJgWBW
J83xfoq3Dht+3NZ/FSK6+abLafVxPj+iyJk0UonEqsuPt+dwL1h/AoM+d1iP/Csf
0HEdAet/J1/XB3U/2u1BCO+b8zMvgdLtGgCu4cZ3l7IF2/foIhFkHSSdz4h/NWer
bQgccrsW0kfU6Mti8qphEHHxZvNdqmIDoDxt5uO26Tn7Z+nClTIoodvUc1dVoaD9
wW1A8B8bebKPzPD/T+RiDXjh7zeuPzMwPORMgMqtgB9jnQhbBUH19nqcYPK0XLjo
tLihilXM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:38 2024 by rpki-client on console-ams.rpki-client.org