Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/6SBOQhSVtpU5HPifkAKBI5Q6r8A.roa
File: 6SBOQhSVtpU5HPifkAKBI5Q6r8A.roa (raw, json)
Hash identifier: 8DTMxE6EjfxXw7YFpe5zY5qHsxuI/kVRYKEJmQi1ff4=
Subject key identifier: E9:20:4E:42:14:95:B6:95:39:1C:F8:9F:90:02:81:23:94:3A:AF:C0
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0187C65CD60EB8AC07D21493986A0B921DC2
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/6SBOQhSVtpU5HPifkAKBI5Q6r8A.roa
Signing time: Fri 28 Apr 2023 05:36:25 +0000
ROA not before: Fri 28 Apr 2023 05:36:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5522
IP address blocks: 85.206.40.0/22 maxlen: 24
2a00:1eb8:e006::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c6:5c:d6:0e:b8:ac:07:d2:14:93:98:6a:0b:92:1d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Apr 28 05:36:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9204e421495b695391cf89f90028123943aafc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:44:4d:61:36:be:8e:f9:5e:a8:1b:08:ab:5d:
92:a5:10:2a:ff:0c:80:b2:e6:3b:38:b9:88:f7:2a:
91:2b:4e:48:2f:4d:1f:db:98:3d:21:b8:eb:b7:98:
c7:45:82:b4:61:39:8a:d4:8a:82:8e:14:f9:ca:3d:
23:c7:fc:d2:38:ea:23:e4:b0:39:f7:30:55:18:1e:
73:04:04:5b:ac:2a:1b:97:8b:b0:b8:84:20:bf:44:
32:96:5e:79:f2:0b:48:5c:c0:24:1a:93:e1:44:b0:
f1:fe:87:8a:da:44:0e:df:55:77:a4:27:f2:66:61:
66:03:e8:94:2a:3a:03:80:c2:51:8b:89:44:b5:fe:
66:cd:65:89:17:31:82:ac:c8:69:10:3e:2a:e7:9b:
d3:f3:f2:eb:2a:00:57:bf:3a:b6:49:5c:16:fe:8b:
dc:a5:2e:31:1c:25:8e:cd:ce:2a:ff:37:e2:3f:a1:
e4:ce:34:cc:05:e2:0f:b0:18:51:b0:17:e1:e7:d5:
15:f9:c2:cd:74:7f:48:49:d9:61:93:00:f7:ab:54:
92:21:0e:53:63:b2:d4:8d:87:08:f5:ca:fe:82:99:
36:7b:17:5b:10:4a:37:40:e8:e0:33:b2:78:d9:aa:
b4:0a:0e:4d:9b:7c:e6:29:21:5c:fb:5e:60:26:c1:
d4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:20:4E:42:14:95:B6:95:39:1C:F8:9F:90:02:81:23:94:3A:AF:C0
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/6SBOQhSVtpU5HPifkAKBI5Q6r8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.40.0/22
IPv6:
2a00:1eb8:e006::/48
Signature Algorithm: sha256WithRSAEncryption
83:d1:65:6d:8e:7b:04:73:86:de:30:10:24:85:84:6e:00:51:
80:e7:96:68:f3:2f:d3:cc:61:d2:66:6b:1e:1c:3c:6c:91:d8:
92:1d:80:23:d1:57:8a:b6:e4:33:bd:92:46:16:e9:27:68:87:
a3:d8:3d:82:e2:bf:fd:98:2e:ff:da:cb:38:6a:db:59:1d:a8:
34:fa:8f:01:09:66:55:50:79:33:22:4a:45:5f:a1:e6:62:b2:
8f:ef:41:e5:f6:8f:70:75:07:37:f9:8f:bd:e9:de:38:1b:c0:
45:71:cf:f1:2e:c3:a8:55:cd:3d:42:08:f1:0b:35:24:29:24:
0d:05:0e:92:6c:34:f7:66:02:0c:5f:3c:42:79:97:37:a2:e6:
01:ae:78:ab:15:c4:b6:d4:4e:df:85:02:d1:f5:88:41:53:16:
b7:dc:5d:ee:23:c0:d6:51:a7:43:d7:9e:6d:e4:3c:f7:05:28:
91:98:8d:7b:91:96:46:a2:13:18:60:40:72:ee:a9:3f:42:e5:
47:15:dc:55:e5:98:3d:79:03:43:dd:7f:e6:67:65:8f:62:fa:
e4:72:f5:07:87:4e:ef:4f:fe:81:0b:bd:33:bc:7b:cc:87:1d:
8e:8e:a0:a9:b8:b9:59:ea:2a:28:ff:19:bc:aa:d6:48:05:7c:
90:10:08:e8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYfGXNYOuKwH0hSTmGoLkh3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjMwNDI4MDUzNjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTIwNGU0MjE0OTViNjk1MzkxY2Y4OWY5MDAyODEyMzk0M2FhZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokRNYTa+jvleqBsIq12SpRAq/wyA
suY7OLmI9yqRK05IL00f25g9Ibjrt5jHRYK0YTmK1IqCjhT5yj0jx/zSOOoj5LA5
9zBVGB5zBARbrCobl4uwuIQgv0Qyll558gtIXMAkGpPhRLDx/oeK2kQO31V3pCfy
ZmFmA+iUKjoDgMJRi4lEtf5mzWWJFzGCrMhpED4q55vT8/LrKgBXvzq2SVwW/ovc
pS4xHCWOzc4q/zfiP6HkzjTMBeIPsBhRsBfh59UV+cLNdH9ISdlhkwD3q1SSIQ5T
Y7LUjYcI9cr+gpk2exdbEEo3QOjgM7J42aq0Cg5Nm3zmKSFc+15gJsHUTwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFOkgTkIUlbaVORz4n5ACgSOUOq/AMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xLzZTQk9RaFNWdHBVNUhQaWZrQUtCSTVRNnI4QS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAJVzigw
DwQCAAIwCQMHACoAHrjgBjANBgkqhkiG9w0BAQsFAAOCAQEAg9FlbY57BHOG3jAQ
JIWEbgBRgOeWaPMv08xh0mZrHhw8bJHYkh2AI9FXirbkM72SRhbpJ2iHo9g9guK/
/Zgu/9rLOGrbWR2oNPqPAQlmVVB5MyJKRV+h5mKyj+9B5faPcHUHN/mPveneOBvA
RXHP8S7DqFXNPUII8Qs1JCkkDQUOkmw092YCDF88QnmXN6LmAa54qxXEttRO34UC
0fWIQVMWt9xd7iPA1lGnQ9eebeQ89wUokZiNe5GWRqITGGBAcu6pP0LlRxXcVeWY
PXkDQ91/5mdlj2L65HL1B4dO70/+gQu9M7x7zIcdjo6gqbi5WeoqKP8ZvKrWSAV8
kBAI6A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:43 2024 by rpki-client on console-ams.rpki-client.org