Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/6IDar3D6F1By9TYsJtF0qORYTDw.roa
File: 6IDar3D6F1By9TYsJtF0qORYTDw.roa (raw, json)
Hash identifier: vSsWL8W6kVEqLnFGIqaCPTXxbXKbGOzm/cmn+xB2/3Y=
Subject key identifier: E8:80:DA:AF:70:FA:17:50:72:F5:36:2C:26:D1:74:A8:E4:58:4C:3C
Certificate issuer: /CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Certificate serial: 018CC49383F0C5E27790C05FA2FD81801C7C
Authority key identifier: 2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/6IDar3D6F1By9TYsJtF0qORYTDw.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202113
IP address blocks: 185.52.244.0/22 maxlen: 22
185.52.244.0/24 maxlen: 24
185.52.247.0/24 maxlen: 24
2a04:c9c0::/29 maxlen: 29
2a04:c9c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 20 May 2024 08:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:83:f0:c5:e2:77:90:c0:5f:a2:fd:81:80:1c:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba7088e39e7ad8817b7d10ea2a5b8a098a47a0b
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e880daaf70fa175072f5362c26d174a8e4584c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3d:68:f3:2d:c9:ee:3a:f6:71:f4:66:d6:f2:
5b:d4:a6:6f:0e:c2:b0:20:99:da:89:7f:b9:7b:05:
18:93:33:99:37:d9:51:cd:10:8f:45:c8:cf:c7:79:
29:76:e3:82:6d:2d:75:14:9c:05:12:7e:8d:4c:00:
3b:bc:e1:20:dc:6a:4e:4a:b4:b8:04:48:a1:5e:3e:
02:54:11:6f:d1:2c:4b:99:b6:2f:60:63:8b:43:7d:
76:1d:5a:50:22:5a:c3:11:98:19:04:82:9e:57:39:
3e:bd:6d:5a:e2:c0:75:22:89:a3:5a:f3:00:ae:6e:
d8:8a:ef:7b:57:ec:4b:d4:03:e0:d6:14:9b:4c:73:
e9:da:a2:1e:e7:e3:f6:00:db:e9:9e:12:e8:cc:50:
70:68:78:83:16:86:c1:35:c8:d4:68:21:9e:68:d4:
01:ba:be:52:16:1d:fe:7b:bd:a8:5b:1a:e5:4f:47:
a2:b7:a1:5a:7e:46:22:43:46:2a:f0:10:d3:61:f0:
0a:c3:0a:4f:49:d9:0e:ce:8d:e1:7a:10:ed:54:69:
92:c8:fb:7f:fb:8e:31:ae:d0:9a:0b:f1:d7:a3:9d:
45:42:6c:14:71:59:88:98:45:9a:ac:75:9b:88:2c:
57:3e:a1:98:38:99:0a:91:fe:69:df:14:bd:5d:d7:
13:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:80:DA:AF:70:FA:17:50:72:F5:36:2C:26:D1:74:A8:E4:58:4C:3C
X509v3 Authority Key Identifier:
keyid:2B:A7:08:8E:39:E7:AD:88:17:B7:D1:0E:A2:A5:B8:A0:98:A4:7A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6cIjjnnrYgXt9EOoqW4oJikegs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/6IDar3D6F1By9TYsJtF0qORYTDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf58c5-f3e2-41ac-a216-4a67e4d056ab/1/K6cIjjnnrYgXt9EOoqW4oJikegs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.244.0/22
IPv6:
2a04:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:54:7b:e5:56:3b:af:a6:3b:98:f0:e7:b0:6d:fc:96:0c:6f:
7e:9c:72:7c:24:a0:90:9e:e6:d9:02:fc:c3:67:71:43:54:69:
e0:a3:88:fb:6d:aa:cd:f3:2b:cf:85:bc:a1:60:76:93:74:21:
ec:09:4b:64:0b:34:3f:36:1b:4c:5c:c8:dd:22:80:20:4c:ea:
aa:b8:dc:fc:e5:cc:45:14:f6:53:e5:c4:b5:70:d9:05:07:d7:
f4:93:f4:8c:6f:2b:aa:76:af:b6:54:8f:78:62:80:c9:9a:bd:
65:f3:59:b3:d4:28:47:04:b5:cc:34:fb:a4:dd:58:75:35:16:
e1:11:ea:b4:80:fe:e7:95:a5:00:63:a2:0a:e3:29:59:3b:0e:
a9:29:57:59:f7:fd:ac:3f:2f:b5:5f:3f:f1:80:09:8e:c8:b4:
fb:47:1d:81:94:07:c9:31:c6:b8:48:9e:0d:08:13:b1:5d:df:
05:ac:13:dc:26:74:90:21:46:a4:58:25:83:51:ab:df:94:21:
71:6e:cd:10:d8:1c:f4:9d:34:66:83:2f:8c:65:5e:73:3b:81:
aa:b2:8b:e3:50:95:7d:a4:04:5f:e6:53:c5:34:c9:a0:13:9d:
e0:ef:cd:19:8d:66:44:9a:56:bb:a4:24:ca:80:40:aa:fd:fd:
78:76:4a:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk4PwxeJ3kMBfov2BgBx8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTcwODhlMzllN2FkODgxN2I3ZDEwZWEyYTViOGEwOThh
NDdhMGIwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODgwZGFhZjcwZmExNzUwNzJmNTM2MmMyNmQxNzRhOGU0NTg0YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT1o8y3J7jr2cfRm1vJb1KZvDsKw
IJnaiX+5ewUYkzOZN9lRzRCPRcjPx3kpduOCbS11FJwFEn6NTAA7vOEg3GpOSrS4
BEihXj4CVBFv0SxLmbYvYGOLQ312HVpQIlrDEZgZBIKeVzk+vW1a4sB1IomjWvMA
rm7Yiu97V+xL1APg1hSbTHPp2qIe5+P2ANvpnhLozFBwaHiDFobBNcjUaCGeaNQB
ur5SFh3+e72oWxrlT0eit6FafkYiQ0Yq8BDTYfAKwwpPSdkOzo3hehDtVGmSyPt/
+44xrtCaC/HXo51FQmwUcVmImEWarHWbiCxXPqGYOJkKkf5p3xS9XdcT3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOiA2q9w+hdQcvU2LCbRdKjkWEw8MB8GA1UdIwQY
MBaAFCunCI45562IF7fRDqKluKCYpHoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYt
NGE2N2U0ZDA1NmFiLzEvNklEYXIzRDZGMUJ5OVRZc0p0RjBxT1JZVER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iZjU4YzUtZjNlMi00MWFjLWEyMTYtNGE2N2U0ZDA1NmFi
LzEvSzZjSWpqbm5yWWdYdDlFT29xVzRvSmlrZWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTT0MA0E
AgACMAcDBQMqBMnAMA0GCSqGSIb3DQEBCwUAA4IBAQAAVHvlVjuvpjuY8OewbfyW
DG9+nHJ8JKCQnubZAvzDZ3FDVGngo4j7barN8yvPhbyhYHaTdCHsCUtkCzQ/NhtM
XMjdIoAgTOqquNz85cxFFPZT5cS1cNkFB9f0k/SMbyuqdq+2VI94YoDJmr1l81mz
1ChHBLXMNPuk3Vh1NRbhEeq0gP7nlaUAY6IK4ylZOw6pKVdZ9/2sPy+1Xz/xgAmO
yLT7Rx2BlAfJMca4SJ4NCBOxXd8FrBPcJnSQIUakWCWDUavflCFxbs0Q2Bz0nTRm
gy+MZV5zO4GqsovjUJV9pARf5lPFNMmgE53g780ZjWZEmla7pCTKgECq/f14dkqb
-----END CERTIFICATE-----
Generated at Mon May 20 10:29:03 2024 by rpki-client on console-fra.rpki-client.org