Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/iYw6MzWFjHNT-xmNILwujc2Llis.roa
File: iYw6MzWFjHNT-xmNILwujc2Llis.roa (raw, json)
Hash identifier: m42r5eJgG1gsd9ScBx23O7h7C7hYRwakZrJlR04a4/0=
Subject key identifier: 89:8C:3A:33:35:85:8C:73:53:FB:19:8D:20:BC:2E:8D:CD:8B:96:2B
Certificate issuer: /CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Certificate serial: 018C82CC74367735475EAEA6046C334ADBE8
Authority key identifier: 6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/iYw6MzWFjHNT-xmNILwujc2Llis.roa
Signing time: Tue 19 Dec 2023 15:58:06 +0000
ROA not before: Tue 19 Dec 2023 15:58:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204778
IP address blocks: 188.65.164.0/24 maxlen: 24
185.120.141.0/24 maxlen: 24
2a13:2180::/48 maxlen: 48
2a13:2180::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:cc:74:36:77:35:47:5e:ae:a6:04:6c:33:4a:db:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3006dcd289c47f9f58e128eb29757239144bb6
Validity
Not Before: Dec 19 15:58:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=898c3a3335858c7353fb198d20bc2e8dcd8b962b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:da:2d:5f:01:ee:90:88:07:b2:60:16:64:
ae:37:6e:38:ec:67:3b:d8:63:d1:b7:cf:4a:8e:b9:
08:b3:ac:02:7d:a7:d1:59:a1:72:82:69:82:70:1a:
25:16:0c:a4:82:0d:5b:96:27:3f:7c:00:3d:ce:7b:
e7:7a:9b:5b:94:70:e0:be:e5:c3:c1:0f:a5:16:d4:
8d:e2:87:ff:fc:4d:b9:c3:a9:cb:3d:0e:d2:5d:81:
de:45:68:87:b2:f0:94:eb:0b:29:0d:30:6a:d9:86:
89:08:8c:2c:f0:4a:7b:79:62:10:89:24:2a:1d:f5:
90:f6:08:d6:d4:0f:e6:23:0d:a7:1a:8e:76:4c:37:
c3:ad:1d:f2:6a:a0:89:d0:6f:df:94:08:7a:44:fa:
8d:fd:fc:6a:5a:17:0c:6c:ff:db:aa:fe:e0:33:44:
72:38:b3:9c:39:d3:49:68:67:fa:08:3d:9b:54:a9:
fc:68:95:8d:6d:74:a0:1d:e7:2b:66:98:e9:9a:9c:
09:ba:98:2d:8b:e9:71:d2:ad:4d:e1:34:95:60:8c:
34:86:bf:a5:5d:bf:46:59:12:16:40:e7:7b:b8:b8:
32:ff:d3:d3:1a:9a:b2:f5:bb:7c:bc:f9:0e:cc:26:
42:0f:5d:3a:9a:1e:5c:1a:f0:cf:cf:7b:eb:f7:91:
3a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8C:3A:33:35:85:8C:73:53:FB:19:8D:20:BC:2E:8D:CD:8B:96:2B
X509v3 Authority Key Identifier:
keyid:6D:30:06:DC:D2:89:C4:7F:9F:58:E1:28:EB:29:75:72:39:14:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/iYw6MzWFjHNT-xmNILwujc2Llis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/bf9e51-cc2b-4ff4-86ac-2f7e52fb8bd3/1/bTAG3NKJxH-fWOEo6yl1cjkUS7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.141.0/24
188.65.164.0/24
IPv6:
2a13:2180::/29
Signature Algorithm: sha256WithRSAEncryption
a4:f5:c5:f6:30:a8:c1:4a:99:f3:1e:05:e4:1d:f8:2f:e8:5f:
76:bd:ce:bb:88:71:e8:ce:bb:ec:9a:1a:5b:0d:60:c5:24:56:
88:30:e9:ee:2c:fb:97:63:51:29:fc:a8:77:60:cf:bb:63:9f:
4a:48:ea:8c:19:28:90:5b:d2:b7:7e:35:c8:3c:21:78:d9:1a:
69:41:5d:a3:17:60:bb:f2:30:5c:37:c4:ea:5a:f6:52:80:31:
88:45:3c:93:6b:e2:ff:6f:02:e8:79:a5:80:3c:48:e6:45:85:
9c:6f:de:fc:9b:6f:af:5b:5e:36:9f:c0:0e:f4:df:1b:4a:06:
36:de:90:fe:d7:d5:7b:84:d5:12:50:64:ae:41:d4:a2:53:5b:
66:03:26:8c:5f:fe:91:1b:78:2c:0c:30:bd:35:af:e6:a9:5a:
b0:2e:90:ed:b7:a7:b0:e8:83:09:ce:79:83:7d:ff:ff:69:f5:
ac:c2:90:cb:f3:53:9e:f2:a1:11:17:67:37:b1:3a:ce:57:30:
b7:75:39:72:1f:04:f4:49:83:15:27:2e:54:ef:d2:db:54:8d:
b8:34:d3:0d:99:5c:1b:ff:5d:bc:e5:b2:36:40:04:32:6e:78:
7e:b2:be:20:a7:0e:17:34:40:d7:40:85:9f:8e:a5:6b:5f:d5:
f7:67:c1:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYyCzHQ2dzVHXq6mBGwzStvoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMzAwNmRjZDI4OWM0N2Y5ZjU4ZTEyOGViMjk3NTcyMzkx
NDRiYjYwHhcNMjMxMjE5MTU1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OThjM2EzMzM1ODU4YzczNTNmYjE5OGQyMGJjMmU4ZGNkOGI5NjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml/aLV8B7pCIB7JgFmSuN2447Gc7
2GPRt89KjrkIs6wCfafRWaFygmmCcBolFgykgg1blic/fAA9znvneptblHDgvuXD
wQ+lFtSN4of//E25w6nLPQ7SXYHeRWiHsvCU6wspDTBq2YaJCIws8Ep7eWIQiSQq
HfWQ9gjW1A/mIw2nGo52TDfDrR3yaqCJ0G/flAh6RPqN/fxqWhcMbP/bqv7gM0Ry
OLOcOdNJaGf6CD2bVKn8aJWNbXSgHecrZpjpmpwJupgti+lx0q1N4TSVYIw0hr+l
Xb9GWRIWQOd7uLgy/9PTGpqy9bt8vPkOzCZCD106mh5cGvDPz3vr95E6MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFImMOjM1hYxzU/sZjSC8Lo3Ni5YrMB8GA1UdIwQY
MBaAFG0wBtzSicR/n1jhKOspdXI5FEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMt
MmY3ZTUyZmI4YmQzLzEvaVl3Nk16V0ZqSE5ULXhtTklMd3VqYzJMbGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9iZjllNTEtY2MyYi00ZmY0LTg2YWMtMmY3ZTUyZmI4YmQz
LzEvYlRBRzNOS0p4SC1mV09FbzZ5bDFjamtVUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXiNAwQA
vEGkMA0EAgACMAcDBQMqEyGAMA0GCSqGSIb3DQEBCwUAA4IBAQCk9cX2MKjBSpnz
HgXkHfgv6F92vc67iHHozrvsmhpbDWDFJFaIMOnuLPuXY1Ep/Kh3YM+7Y59KSOqM
GSiQW9K3fjXIPCF42RppQV2jF2C78jBcN8TqWvZSgDGIRTyTa+L/bwLoeaWAPEjm
RYWcb978m2+vW142n8AO9N8bSgY23pD+19V7hNUSUGSuQdSiU1tmAyaMX/6RG3gs
DDC9Na/mqVqwLpDtt6ew6IMJznmDff//afWswpDL81Oe8qERF2c3sTrOVzC3dTly
HwT0SYMVJy5U79LbVI24NNMNmVwb/1285bI2QAQybnh+sr4gpw4XNEDXQIWfjqVr
X9X3Z8G3
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:22 2024 by rpki-client on console-fra.rpki-client.org