Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/b6m7RBWYWbzWaF0a06nOufi8nxo.roa
File: b6m7RBWYWbzWaF0a06nOufi8nxo.roa (raw, json)
Hash identifier: bjHlvfwU/miuhBTgafzJsZ68FTvFXHPX2e2RCuxNfl8=
Subject key identifier: 6F:A9:BB:44:15:98:59:BC:D6:68:5D:1A:D3:A9:CE:B9:F8:BC:9F:1A
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 01856CE6047A4DEC7E6698249DD256343841
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/b6m7RBWYWbzWaF0a06nOufi8nxo.roa
Signing time: Sun 01 Jan 2023 10:34:51 +0000
ROA not before: Sun 01 Jan 2023 10:34:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205516
IP address blocks: 185.121.83.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:04:7a:4d:ec:7e:66:98:24:9d:d2:56:34:38:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Jan 1 10:34:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fa9bb44159859bcd6685d1ad3a9ceb9f8bc9f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e6:29:d0:a1:dc:92:4a:a7:15:b8:78:6f:6a:
1e:f1:2f:1e:4f:80:73:8c:1f:87:ea:7d:af:b2:d0:
0a:5f:2c:a1:e2:72:0c:41:14:9a:a9:6a:1e:ea:2a:
23:33:63:64:bc:ab:89:31:09:62:01:03:1b:ee:7a:
4e:a0:9a:df:c6:85:e2:97:58:3c:2c:86:79:fb:89:
10:09:c3:8c:c0:c0:2e:14:1c:bb:97:a5:fa:da:5b:
56:2f:a2:71:fa:63:da:65:ca:7c:32:de:71:7e:f3:
bc:67:78:96:4a:49:51:3e:e0:42:2d:b2:69:a7:2b:
3f:b9:0e:80:5e:c2:c1:68:92:ac:db:e6:48:56:3c:
ff:ea:65:ec:9f:ba:0e:48:c7:0d:bf:f4:cd:ea:9c:
9d:95:23:51:90:a4:4f:8c:b1:00:f6:1e:65:d3:65:
95:03:da:39:5e:47:1b:a2:96:d1:97:6e:e9:ff:d8:
94:90:95:bf:e9:f8:2e:45:40:dc:b5:5a:89:7d:64:
56:11:d9:cf:08:4c:55:2c:2d:74:71:c4:a3:fc:4c:
4a:aa:1a:2c:75:cf:96:af:60:10:20:fc:ae:5d:f7:
61:bd:2f:39:65:6f:5b:78:3f:47:cb:98:6f:37:f7:
7b:6d:35:83:c8:15:63:89:bb:17:63:78:b6:73:26:
a5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A9:BB:44:15:98:59:BC:D6:68:5D:1A:D3:A9:CE:B9:F8:BC:9F:1A
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/b6m7RBWYWbzWaF0a06nOufi8nxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.80.0/22
Signature Algorithm: sha256WithRSAEncryption
34:b5:fa:3f:60:0c:17:0a:e2:d0:bf:df:34:4f:35:a8:3d:b7:
5b:15:05:63:41:1c:e0:7d:a8:23:44:33:1a:5c:c9:74:08:cc:
4c:40:5d:ae:0e:95:29:b1:0d:b9:b3:64:65:3b:50:99:de:dc:
74:82:ac:2b:83:46:f4:eb:9e:dd:29:cc:af:06:5b:ac:bf:bf:
ed:ad:c4:7a:61:a2:db:77:ec:bd:d3:72:82:c8:aa:74:73:a0:
a5:61:07:05:ea:d3:6e:5d:e8:9b:af:c9:9b:6b:35:06:76:2a:
9e:ed:33:86:70:76:ea:3d:d6:8c:da:9a:c3:8c:56:64:89:af:
24:5e:49:76:7b:1a:f4:76:d2:6d:c3:86:61:74:db:34:06:0e:
49:e5:43:64:f4:22:04:37:d7:d1:2d:d1:54:c7:c9:11:64:ff:
9c:0c:4e:b6:db:e0:dc:0e:52:08:42:69:fb:f6:71:88:7b:89:
7b:61:ec:fc:4d:98:bb:ce:69:94:a6:ad:a6:c4:f1:d8:d0:cc:
2c:b0:cd:46:3a:63:af:9a:e2:1a:35:1b:c7:1f:3c:33:b5:0f:
17:f7:71:d5:2e:b8:b0:27:4a:a5:fc:8e:61:bc:82:9f:b2:6b:
30:03:07:d1:cb:2c:c3:19:ab:3a:4d:ba:f1:c5:9e:f9:fd:53:
5b:34:ab:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5gR6Tex+ZpgkndJWNDhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMTAxMTAzNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmE5YmI0NDE1OTg1OWJjZDY2ODVkMWFkM2E5Y2ViOWY4YmM5ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOYp0KHckkqnFbh4b2oe8S8eT4Bz
jB+H6n2vstAKXyyh4nIMQRSaqWoe6iojM2NkvKuJMQliAQMb7npOoJrfxoXil1g8
LIZ5+4kQCcOMwMAuFBy7l6X62ltWL6Jx+mPaZcp8Mt5xfvO8Z3iWSklRPuBCLbJp
pys/uQ6AXsLBaJKs2+ZIVjz/6mXsn7oOSMcNv/TN6pydlSNRkKRPjLEA9h5l02WV
A9o5XkcbopbRl27p/9iUkJW/6fguRUDctVqJfWRWEdnPCExVLC10ccSj/ExKqhos
dc+Wr2AQIPyuXfdhvS85ZW9beD9Hy5hvN/d7bTWDyBVjibsXY3i2cyalDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG+pu0QVmFm81mhdGtOpzrn4vJ8aMB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvYjZtN1JCV1lXYnpXYUYwYTA2bk91Zmk4bnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXlQMA0G
CSqGSIb3DQEBCwUAA4IBAQA0tfo/YAwXCuLQv980TzWoPbdbFQVjQRzgfagjRDMa
XMl0CMxMQF2uDpUpsQ25s2RlO1CZ3tx0gqwrg0b0657dKcyvBlusv7/trcR6YaLb
d+y903KCyKp0c6ClYQcF6tNuXeibr8mbazUGdiqe7TOGcHbqPdaM2prDjFZkia8k
Xkl2exr0dtJtw4ZhdNs0Bg5J5UNk9CIEN9fRLdFUx8kRZP+cDE622+DcDlIIQmn7
9nGIe4l7Yez8TZi7zmmUpq2mxPHY0MwssM1GOmOvmuIaNRvHHzwztQ8X93HVLriw
J0ql/I5hvIKfsmswAwfRyyzDGas6TbrxxZ75/VNbNKuM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org