Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/C6gVEJyscXRFNGfd1I2oX6_P8Js.roa
File: C6gVEJyscXRFNGfd1I2oX6_P8Js.roa (raw, json)
Hash identifier: UA7VsFGOuVLW4iWen7B3NX/V5sX7ekcQVYK/ORz0vhk=
Subject key identifier: 0B:A8:15:10:9C:AC:71:74:45:34:67:DD:D4:8D:A8:5F:AF:CF:F0:9B
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 018CC50058AD50E4B96F90B8E129864357CB
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/C6gVEJyscXRFNGfd1I2oX6_P8Js.roa
Signing time: Mon 01 Jan 2024 12:29:43 +0000
ROA not before: Mon 01 Jan 2024 12:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8821
IP address blocks: 82.136.64.0/18 maxlen: 18
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
62.171.0.0/17 maxlen: 17
151.248.128.0/17 maxlen: 17
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Jun 2024 11:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:58:ad:50:e4:b9:6f:90:b8:e1:29:86:43:57:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jan 1 12:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ba815109cac7174453467ddd48da85fafcff09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:50:6d:43:f6:44:1e:c1:95:71:19:14:f4:
67:cb:24:7e:e9:6e:04:59:a5:a6:62:7e:dc:f8:22:
7f:9b:59:5a:3b:91:87:6a:82:bb:ab:5f:22:16:c6:
19:83:5b:c7:96:c6:b3:61:54:c2:ce:ea:25:af:2b:
62:20:e1:aa:e4:33:85:b6:cd:ad:36:83:ff:10:4d:
60:78:7c:38:51:84:66:06:cb:b5:ed:46:a0:b2:71:
cb:e4:fe:dc:48:04:8b:75:3d:36:c6:90:b7:56:f7:
a9:3e:b7:1e:9f:04:17:43:41:dd:83:79:96:d8:de:
c0:7f:1a:c5:f5:b1:b1:da:83:17:4a:51:d3:c4:1e:
3c:f7:bd:9c:18:d6:d4:94:cf:17:ae:7f:f6:cf:58:
51:29:20:fe:ab:db:9b:54:d1:ad:a7:ce:f7:aa:90:
08:61:69:d9:f5:47:1e:2e:20:9c:84:2e:1a:af:06:
5a:45:68:2b:f5:ca:dc:9c:b1:5a:6c:8e:46:f2:86:
50:48:08:d9:d8:57:ee:db:35:78:e6:5e:ce:4c:12:
9d:46:8f:65:ef:9d:99:9c:b8:9d:53:da:ba:88:a8:
31:9c:97:2b:2b:ae:cc:b1:00:f3:05:b0:5d:49:a2:
9e:0a:7e:8e:ce:f1:37:31:4d:d6:ad:5e:af:c8:52:
29:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A8:15:10:9C:AC:71:74:45:34:67:DD:D4:8D:A8:5F:AF:CF:F0:9B
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/C6gVEJyscXRFNGfd1I2oX6_P8Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
212.4.64.0/19
IPv6:
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
92:6d:00:a8:7f:70:1b:92:b7:a1:c2:30:dc:63:11:9c:f9:03:
a1:f1:ef:fb:1d:d3:5d:c1:d9:89:55:3a:e4:4e:83:83:40:85:
4f:26:65:d0:35:ba:39:16:d4:b7:fa:99:4f:41:c3:46:cd:a8:
63:1c:1c:43:78:e4:d0:1b:3b:29:1c:07:48:ae:be:81:cf:8d:
83:42:de:e6:c5:70:c8:27:6c:23:40:d6:b5:31:1c:69:bb:b5:
f6:7a:c5:f6:8b:06:98:25:de:8e:ec:0c:74:76:fc:68:87:18:
84:d1:d6:9a:fc:57:a5:38:cd:4c:03:d1:d1:aa:e2:98:9f:1a:
6f:90:ee:59:be:c6:3e:2f:93:46:38:63:89:a4:c7:1d:48:f7:
3b:42:62:27:f9:79:ae:fa:0d:cb:f9:3a:9b:bf:ea:30:81:e8:
a1:ce:33:ba:ad:1b:7e:32:3f:de:e9:8c:3b:6c:8b:9a:1a:75:
55:a7:4e:a1:3c:08:7a:6e:d4:db:8b:f5:bd:28:7d:73:0a:47:
71:4c:0f:39:3d:e8:45:ec:d6:ab:7a:b3:71:ff:e1:45:0b:98:
52:96:d4:ec:ea:a9:32:bc:59:b3:f2:d8:aa:7c:60:d2:6e:e4:
f3:27:a7:69:b7:d4:4b:88:60:6a:e2:5c:42:6c:7b:57:96:86:
8e:6e:5b:15
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFAFitUOS5b5C44SmGQ1fLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjQwMTAxMTIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmE4MTUxMDljYWM3MTc0NDUzNDY3ZGRkNDhkYTg1ZmFmY2ZmMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmNQbUP2RB7BlXEZFPRnyyR+6W4E
WaWmYn7c+CJ/m1laO5GHaoK7q18iFsYZg1vHlsazYVTCzuolrytiIOGq5DOFts2t
NoP/EE1geHw4UYRmBsu17UagsnHL5P7cSASLdT02xpC3VvepPrcenwQXQ0Hdg3mW
2N7AfxrF9bGx2oMXSlHTxB48972cGNbUlM8Xrn/2z1hRKSD+q9ubVNGtp873qpAI
YWnZ9UceLiCchC4arwZaRWgr9crcnLFabI5G8oZQSAjZ2Ffu2zV45l7OTBKdRo9l
752ZnLidU9q6iKgxnJcrK67MsQDzBbBdSaKeCn6OzvE3MU3WrV6vyFIpbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAuoFRCcrHF0RTRn3dSNqF+vz/CbMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvQzZnVkVKeXNjWFJGTkdmZDFJMm9YNl9QOEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQHPqsAAwQG
UohAAwQHl/iAAwQFnrVgAwQCuSr0AwQF1ARAMA0EAgACMAcDBQMqAYuAMA0GCSqG
SIb3DQEBCwUAA4IBAQCSbQCof3AbkrehwjDcYxGc+QOh8e/7HdNdwdmJVTrkToOD
QIVPJmXQNbo5FtS3+plPQcNGzahjHBxDeOTQGzspHAdIrr6Bz42DQt7mxXDIJ2wj
QNa1MRxpu7X2esX2iwaYJd6O7Ax0dvxohxiE0daa/FelOM1MA9HRquKYnxpvkO5Z
vsY+L5NGOGOJpMcdSPc7QmIn+Xmu+g3L+Tqbv+owgeihzjO6rRt+Mj/e6Yw7bIua
GnVVp06hPAh6btTbi/W9KH1zCkdxTA85PehF7NarerNx/+FFC5hSltTs6qkyvFmz
8tiqfGDSbuTzJ6dpt9RLiGBq4lxCbHtXloaOblsV
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:09 2025 by rpki-client