Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/6aBSdiGUYyzei0OraHEViLbiNbQ.roa
File: 6aBSdiGUYyzei0OraHEViLbiNbQ.roa (raw, json)
Hash identifier: 6c+VqbUjSOhy6ZfHs/CC5RGzZAkSt/scTRPmw8aoptw=
Subject key identifier: E9:A0:52:76:21:94:63:2C:DE:8B:43:AB:68:71:15:88:B6:E2:35:B4
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 018C95E36A87E41306A83647CE0A7D4F8BEE
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/6aBSdiGUYyzei0OraHEViLbiNbQ.roa
Signing time: Sat 23 Dec 2023 08:55:58 +0000
ROA not before: Sat 23 Dec 2023 08:55:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12322
IP address blocks: 213.228.0.0/18 maxlen: 18
78.192.0.0/10 maxlen: 11
82.224.0.0/11 maxlen: 13
88.160.0.0/11 maxlen: 15
62.147.0.0/16 maxlen: 16
82.64.0.0/14 maxlen: 15
212.27.32.0/19 maxlen: 19
2a01:e00::/26 maxlen: 39
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:e3:6a:87:e4:13:06:a8:36:47:ce:0a:7d:4f:8b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: Dec 23 08:55:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9a052762194632cde8b43ab68711588b6e235b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:a7:cb:74:91:42:1d:ea:40:e7:ed:ce:df:
20:51:eb:1a:91:26:bc:37:cb:32:32:90:cd:4d:cb:
25:c7:db:f7:d9:33:03:7e:4b:51:fe:57:b4:12:9b:
80:dc:04:3c:4c:eb:c0:8d:01:4e:06:fc:5b:49:18:
75:89:0d:11:c3:00:df:80:a8:ff:a3:23:d9:64:87:
f9:e8:be:72:20:a6:dc:68:88:9f:3e:2e:c5:f2:df:
46:b6:f6:c9:7a:f5:0f:fd:c3:6c:31:13:08:1a:6c:
ce:08:c4:41:b1:98:72:0f:5a:54:90:23:8a:30:9c:
4d:af:c1:6f:a8:ed:e4:9d:ce:99:86:2d:7f:ac:aa:
41:29:42:60:9d:2b:63:4d:1e:47:91:27:88:55:29:
5a:84:22:94:7e:db:5a:0e:a5:f8:98:15:94:50:c8:
61:b2:b8:ff:c3:23:14:06:da:1b:a8:5f:7e:c1:76:
59:33:a6:25:16:67:90:4f:26:49:b6:26:30:a1:b4:
e7:d6:47:d0:6c:c3:4d:ba:64:e3:cc:2f:39:a9:18:
40:1e:90:8a:39:77:53:3c:2c:b5:2e:71:c5:ca:63:
2b:33:48:fb:f1:a5:c2:7e:31:db:96:bd:00:ef:3d:
dc:88:34:81:88:88:53:20:1a:a9:aa:88:b5:c3:ab:
2b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A0:52:76:21:94:63:2C:DE:8B:43:AB:68:71:15:88:B6:E2:35:B4
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/6aBSdiGUYyzei0OraHEViLbiNbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.147.0.0/16
78.192.0.0/10
82.64.0.0/14
82.224.0.0/11
88.160.0.0/11
212.27.32.0/19
213.228.0.0/18
IPv6:
2a01:e00::/26
Signature Algorithm: sha256WithRSAEncryption
9d:86:88:b8:bf:62:04:46:af:31:fd:90:21:c6:53:0d:ac:e3:
7e:d9:4a:6f:2f:04:ef:90:c4:32:ed:8d:60:4a:ec:db:82:be:
bc:ff:0a:fb:62:90:26:34:7a:8c:d1:4a:a0:d3:d8:63:3b:47:
df:f4:e6:ec:99:93:92:06:78:be:de:f7:de:7b:0f:2e:6d:b6:
2e:c6:11:5c:8a:6a:1c:db:3d:24:27:a5:1c:59:fb:00:6e:85:
33:e7:d5:f7:63:0f:d6:55:a2:8c:43:6f:a2:d5:b0:7c:79:33:
bf:a2:f8:bf:13:7c:c1:3b:bd:60:ab:51:63:04:e0:67:c6:99:
53:a6:74:11:8a:2d:af:cd:a1:18:6c:ca:b4:57:bf:4d:51:92:
41:17:a3:59:bd:b3:f4:fd:09:d7:a2:82:16:95:cd:29:3e:0c:
6f:12:9c:47:29:8b:3c:52:7d:e9:e9:f4:4f:a2:6b:c4:0c:1f:
fb:f1:9a:78:dd:7e:4b:c0:c5:a3:c8:b8:4d:08:09:df:3d:e9:
f6:07:58:32:0d:90:40:e2:c8:04:5f:55:78:f1:8a:eb:4a:f7:
62:64:57:c5:12:56:b4:ce:37:9d:ec:e4:5b:1b:13:a8:0d:69:
e8:be:73:33:5e:54:a3:88:cf:37:4b:1f:33:8f:08:34:36:ce:
4d:72:c5:c0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYyV42qH5BMGqDZHzgp9T4vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMxMjIzMDg1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWEwNTI3NjIxOTQ2MzJjZGU4YjQzYWI2ODcxMTU4OGI2ZTIzNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq+ny3SRQh3qQOftzt8gUesakSa8
N8syMpDNTcslx9v32TMDfktR/le0EpuA3AQ8TOvAjQFOBvxbSRh1iQ0RwwDfgKj/
oyPZZIf56L5yIKbcaIifPi7F8t9GtvbJevUP/cNsMRMIGmzOCMRBsZhyD1pUkCOK
MJxNr8FvqO3knc6Zhi1/rKpBKUJgnStjTR5HkSeIVSlahCKUfttaDqX4mBWUUMhh
srj/wyMUBtobqF9+wXZZM6YlFmeQTyZJtiYwobTn1kfQbMNNumTjzC85qRhAHpCK
OXdTPCy1LnHFymMrM0j78aXCfjHblr0A7z3ciDSBiIhTIBqpqoi1w6srqwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOmgUnYhlGMs3otDq2hxFYi24jW0MB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvNmFCU2RpR1VZeXplaTBPcmFIRVZpTGJpTmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwMAPpMDAwZO
wAMDAlJAAwMFUuADAwVYoAMEBdQbIAMEBtXkADANBAIAAjAHAwUGKgEOADANBgkq
hkiG9w0BAQsFAAOCAQEAnYaIuL9iBEavMf2QIcZTDazjftlKby8E75DEMu2NYErs
24K+vP8K+2KQJjR6jNFKoNPYYztH3/Tm7JmTkgZ4vt733nsPLm22LsYRXIpqHNs9
JCelHFn7AG6FM+fV92MP1lWijENvotWwfHkzv6L4vxN8wTu9YKtRYwTgZ8aZU6Z0
EYotr82hGGzKtFe/TVGSQRejWb2z9P0J16KCFpXNKT4MbxKcRymLPFJ96en0T6Jr
xAwf+/GaeN1+S8DFo8i4TQgJ3z3p9gdYMg2QQOLIBF9VePGK60r3YmRXxRJWtM43
nezkWxsTqA1p6L5zM15Uo4jPN0sfM48INDbOTXLFwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:41 2024 by rpki-client on console-ams.rpki-client.org