Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa
File: 6qlXuHvaBZgLBrj3TLYw8tk0o74.roa (raw, json)
Hash identifier: +zNDBbC7uo6ScRajDf5yHt1nCbA1CZYceowOUsvd6wo=
Subject key identifier: EA:A9:57:B8:7B:DA:05:98:0B:06:B8:F7:4C:B6:30:F2:D9:34:A3:BE
Certificate issuer: /CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
Certificate serial: 018572BA92276D31EB02E9C104173B0C2E51
Authority key identifier: 9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa
Signing time: Mon 02 Jan 2023 13:45:07 +0000
ROA not before: Mon 02 Jan 2023 13:45:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205676
IP address blocks: 185.207.32.0/24 maxlen: 24
2a0b:1d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:92:27:6d:31:eb:02:e9:c1:04:17:3b:0c:2e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d9a0c84b30720f4d4ce4bdba01dd0544d028ecd
Validity
Not Before: Jan 2 13:45:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eaa957b87bda05980b06b8f74cb630f2d934a3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f7:ef:da:10:ff:34:28:c7:ca:fb:85:41:8a:
2d:ec:6a:12:52:3c:04:08:fb:25:90:2f:ef:25:9c:
35:86:ea:6b:84:e9:61:d6:68:05:b3:24:d7:f8:bd:
68:bc:ce:27:7f:82:d1:30:3c:7f:fd:1f:7f:aa:77:
0b:aa:9e:fb:9d:79:f5:ab:75:a7:f2:dd:7f:55:b4:
46:5b:21:00:5f:70:b0:9f:0d:84:f7:09:8e:a6:99:
a1:b4:04:23:5d:99:7a:32:0e:21:36:68:2d:40:82:
25:e4:b4:2e:4e:fc:61:28:9e:68:f7:99:be:5d:cc:
52:74:39:24:70:09:10:27:46:b1:34:f9:86:92:18:
72:b6:a2:65:fd:ca:7f:ab:06:32:93:bf:f7:03:62:
b0:9e:6e:0b:1e:37:21:56:39:a0:29:25:61:2a:46:
9b:a3:4b:61:3c:f9:c6:46:b6:01:b8:29:07:64:c5:
4d:de:35:0b:78:5c:2c:66:c4:04:ba:ea:64:dd:ed:
51:af:ef:d5:2d:bd:65:a0:95:3a:27:29:01:0b:b1:
f6:c6:05:96:c4:40:f8:81:d5:12:0d:12:3d:e6:d3:
13:15:9c:c8:8f:92:9f:84:46:53:9c:ce:54:00:78:
1e:46:3e:5a:90:f6:ff:e3:ba:05:e0:07:64:54:ae:
5f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A9:57:B8:7B:DA:05:98:0B:06:B8:F7:4C:B6:30:F2:D9:34:A3:BE
X509v3 Authority Key Identifier:
keyid:9D:9A:0C:84:B3:07:20:F4:D4:CE:4B:DB:A0:1D:D0:54:4D:02:8E:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nZoMhLMHIPTUzkvboB3QVE0Cjs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/6qlXuHvaBZgLBrj3TLYw8tk0o74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e8d4d-53bf-4acb-bc0c-52cad6675fc6/1/nZoMhLMHIPTUzkvboB3QVE0Cjs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.32.0/24
IPv6:
2a0b:1d40::/32
Signature Algorithm: sha256WithRSAEncryption
0a:70:2d:98:35:1e:40:f7:f3:15:3b:ca:d7:83:76:54:7b:87:
69:cc:90:67:fb:ea:75:2a:5c:c8:ed:6b:c8:68:78:70:27:46:
a0:07:cb:3f:cd:e1:7a:3c:7c:35:e0:dc:0b:ec:2c:32:62:35:
29:99:9a:61:4b:74:b5:4b:7f:68:f0:a7:63:a5:fb:fd:53:e0:
d2:c0:66:b9:4a:8c:76:34:4b:fe:60:ef:11:7a:cb:86:af:71:
65:3e:ab:d3:c2:5a:64:75:d1:54:25:ab:10:f1:9e:5f:cb:fd:
21:94:e9:52:f8:1d:32:c4:26:0f:44:85:8f:25:78:9f:dc:59:
2a:51:3e:d4:c7:2f:14:5b:ce:2a:95:a2:9e:3d:a2:ea:99:73:
e9:25:c5:1f:41:ef:73:79:06:89:64:ee:e0:65:5d:79:b9:03:
ad:92:91:4e:07:94:90:2e:28:d7:1e:c5:1a:c4:18:02:42:eb:
e8:1b:87:76:5a:b5:06:b3:8d:c4:81:f1:0d:b3:8f:34:e5:af:
b4:5b:36:ae:ff:40:27:cb:66:82:1e:b4:46:84:00:91:b9:b6:
a2:4d:be:e5:c2:4c:bc:78:a5:1c:fb:8d:be:cf:33:d9:27:8f:
e6:fe:a9:4e:32:3b:bf:31:5e:1e:3c:03:04:e9:13:69:ee:3a:
35:0a:20:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyupInbTHrAunBBBc7DC5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOWEwYzg0YjMwNzIwZjRkNGNlNGJkYmEwMWRkMDU0NGQw
MjhlY2QwHhcNMjMwMTAyMTM0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWE5NTdiODdiZGEwNTk4MGIwNmI4Zjc0Y2I2MzBmMmQ5MzRhM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjffv2hD/NCjHyvuFQYot7GoSUjwE
CPslkC/vJZw1huprhOlh1mgFsyTX+L1ovM4nf4LRMDx//R9/qncLqp77nXn1q3Wn
8t1/VbRGWyEAX3Cwnw2E9wmOppmhtAQjXZl6Mg4hNmgtQIIl5LQuTvxhKJ5o95m+
XcxSdDkkcAkQJ0axNPmGkhhytqJl/cp/qwYyk7/3A2Kwnm4LHjchVjmgKSVhKkab
o0thPPnGRrYBuCkHZMVN3jULeFwsZsQEuupk3e1Rr+/VLb1loJU6JykBC7H2xgWW
xED4gdUSDRI95tMTFZzIj5KfhEZTnM5UAHgeRj5akPb/47oF4AdkVK5fkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOqpV7h72gWYCwa490y2MPLZNKO+MB8GA1UdIwQY
MBaAFJ2aDISzByD01M5L26Ad0FRNAo7NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMt
NTJjYWQ2Njc1ZmM2LzEvNnFsWHVIdmFCWmdMQnJqM1RMWXc4dGswbzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8xZThkNGQtNTNiZi00YWNiLWJjMGMtNTJjYWQ2Njc1ZmM2
LzEvblpvTWhMTUhJUFRVemt2Ym9CM1FWRTBDanMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuc8gMA0E
AgACMAcDBQAqCx1AMA0GCSqGSIb3DQEBCwUAA4IBAQAKcC2YNR5A9/MVO8rXg3ZU
e4dpzJBn++p1KlzI7WvIaHhwJ0agB8s/zeF6PHw14NwL7CwyYjUpmZphS3S1S39o
8Kdjpfv9U+DSwGa5Sox2NEv+YO8ResuGr3FlPqvTwlpkddFUJasQ8Z5fy/0hlOlS
+B0yxCYPRIWPJXif3FkqUT7Uxy8UW84qlaKePaLqmXPpJcUfQe9zeQaJZO7gZV15
uQOtkpFOB5SQLijXHsUaxBgCQuvoG4d2WrUGs43EgfENs4805a+0Wzau/0Any2aC
HrRGhACRubaiTb7lwky8eKUc+42+zzPZJ4/m/qlOMju/MV4ePAME6RNp7jo1CiCn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:59 2024 by rpki-client on console-fra.rpki-client.org