Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/6xzoPjGy9TLkrm-eMGRfimYJr6Q.roa
File: 6xzoPjGy9TLkrm-eMGRfimYJr6Q.roa (raw, json)
Hash identifier: i/wB6r3ZkyNN7yffCsixiCXtD4CnpNwPxGdDIEslH+g=
Subject key identifier: EB:1C:E8:3E:31:B2:F5:32:E4:AE:6F:9E:30:64:5F:8A:66:09:AF:A4
Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Certificate serial: 018573220670AEA888ECF6671B06FD129018
Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/6xzoPjGy9TLkrm-eMGRfimYJr6Q.roa
Signing time: Mon 02 Jan 2023 15:38:07 +0000
ROA not before: Mon 02 Jan 2023 15:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43824
IP address blocks: 185.99.32.0/24 maxlen: 24
185.99.35.0/24 maxlen: 24
185.99.34.0/24 maxlen: 24
185.99.33.0/24 maxlen: 24
2a0a:c0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:22:06:70:ae:a8:88:ec:f6:67:1b:06:fd:12:90:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Validity
Not Before: Jan 2 15:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb1ce83e31b2f532e4ae6f9e30645f8a6609afa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c9:ae:5c:79:df:14:47:04:8f:06:1f:86:b7:
87:87:df:e5:c9:ab:e8:0c:c5:3b:30:34:55:49:e4:
14:46:9a:66:f4:d1:34:8e:b4:83:fe:33:4b:70:48:
7d:1c:d6:d1:ed:bd:b2:a7:a3:0a:51:d9:67:a1:b9:
a4:c3:8c:89:46:8f:88:56:1b:a1:62:ac:8c:e4:7c:
ba:3a:26:07:d7:f0:4f:db:7a:73:03:b4:37:05:92:
94:f9:30:d5:ce:f2:85:d1:45:ca:b8:00:b4:fc:fa:
e5:76:b4:9c:f9:04:8c:61:d3:7b:3e:d2:6e:71:65:
83:f8:4a:91:0c:43:2c:70:b3:f6:29:60:ad:61:e5:
77:cf:92:b1:14:9b:6f:cc:d3:e6:ca:ab:58:e0:94:
e9:00:d2:76:dc:8f:fc:77:c4:7c:9a:d6:99:bd:d6:
a2:78:56:8c:11:d1:a6:6b:1c:0e:08:26:66:f2:bf:
e3:ab:eb:cd:c9:6c:4f:96:c9:b2:31:44:d1:89:27:
9d:0d:65:cc:08:1e:16:20:bc:88:79:61:db:80:e6:
3d:0a:d3:64:c5:52:47:cb:93:d7:03:22:d9:dc:17:
e0:1c:ac:06:e9:79:bc:84:b1:f4:f0:fa:66:bc:f2:
94:9f:5a:27:68:54:71:be:7a:06:bb:fc:db:c7:fe:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:1C:E8:3E:31:B2:F5:32:E4:AE:6F:9E:30:64:5F:8A:66:09:AF:A4
X509v3 Authority Key Identifier:
keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/6xzoPjGy9TLkrm-eMGRfimYJr6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.32.0/22
IPv6:
2a0a:c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
13:bf:a2:3b:da:c4:01:e9:cd:0a:a0:cf:5f:cb:95:89:e0:99:
61:6a:c9:b9:47:83:ff:ee:02:c9:06:83:fd:b9:4f:17:7c:cf:
ce:42:a1:c1:ed:d7:29:aa:e8:e3:f6:78:3f:e7:b6:90:3a:5e:
a7:e1:75:91:60:26:00:e3:ce:42:e5:b0:95:26:3f:48:21:79:
d3:e1:e1:ea:8e:e7:e1:4d:cf:29:cc:0a:20:2a:88:8f:96:5c:
1f:ce:1b:0d:18:72:26:52:5d:b7:fe:c3:77:b1:8b:8d:7a:07:
85:c6:f5:a6:13:aa:a2:d3:c0:91:45:3d:cc:06:b5:2d:94:fa:
8b:c1:60:aa:b4:3d:b4:bd:86:ae:77:8b:dd:f0:32:18:78:e4:
31:c3:88:67:02:7d:5a:48:ab:15:04:9c:33:ff:65:f0:63:31:
20:99:f7:86:ef:1b:f8:d5:e5:03:1b:ed:be:04:2e:a8:c3:8f:
dc:08:5c:9a:ff:ab:21:18:39:f5:12:7f:94:3d:3e:95:a5:02:
8f:4f:29:60:a1:c2:8c:dc:48:1b:15:9e:6b:3e:25:02:70:08:
c1:fb:c2:30:0d:d6:e8:6e:4f:ba:0c:5d:06:fe:81:23:ad:29:
2a:18:39:4f:d6:f8:e2:09:d3:4f:88:00:be:14:1d:3d:18:5d:
68:86:2c:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzIgZwrqiI7PZnGwb9EpAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMzBjOGZkMDIwNWVjZjBlZjZiNTZlMDM3ZDU2MjliMTdi
Mjc1ZWUwHhcNMjMwMTAyMTUzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjFjZTgzZTMxYjJmNTMyZTRhZTZmOWUzMDY0NWY4YTY2MDlhZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcmuXHnfFEcEjwYfhreHh9/lyavo
DMU7MDRVSeQURppm9NE0jrSD/jNLcEh9HNbR7b2yp6MKUdlnobmkw4yJRo+IVhuh
YqyM5Hy6OiYH1/BP23pzA7Q3BZKU+TDVzvKF0UXKuAC0/PrldrSc+QSMYdN7PtJu
cWWD+EqRDEMscLP2KWCtYeV3z5KxFJtvzNPmyqtY4JTpANJ23I/8d8R8mtaZvdai
eFaMEdGmaxwOCCZm8r/jq+vNyWxPlsmyMUTRiSedDWXMCB4WILyIeWHbgOY9CtNk
xVJHy5PXAyLZ3BfgHKwG6Xm8hLH08PpmvPKUn1onaFRxvnoGu/zbx/7k/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOsc6D4xsvUy5K5vnjBkX4pmCa+kMB8GA1UdIwQY
MBaAFLIwyP0CBezw72tW4DfVYpsXsnXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAt
YzhiNWRmYzVhMTNmLzEvNnh6b1BqR3k5VExrcm0tZU1HUmZpbVlKcjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAtYzhiNWRmYzVhMTNm
LzEvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuWMgMA8E
AgACMAkDBwAqCgDA//8wDQYJKoZIhvcNAQELBQADggEBABO/ojvaxAHpzQqgz1/L
lYngmWFqyblHg//uAskGg/25Txd8z85CocHt1ymq6OP2eD/ntpA6XqfhdZFgJgDj
zkLlsJUmP0ghedPh4eqO5+FNzynMCiAqiI+WXB/OGw0YciZSXbf+w3exi416B4XG
9aYTqqLTwJFFPcwGtS2U+ovBYKq0PbS9hq53i93wMhh45DHDiGcCfVpIqxUEnDP/
ZfBjMSCZ94bvG/jV5QMb7b4ELqjDj9wIXJr/qyEYOfUSf5Q9PpWlAo9PKWChwozc
SBsVnms+JQJwCMH7wjAN1uhuT7oMXQb+gSOtKSoYOU/W+OIJ00+IAL4UHT0YXWiG
LDY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:45 2024 by rpki-client on console-ams.rpki-client.org