Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/16fb84-fa29-41b2-8dbb-59decd8d5a0c/1/6dh4vC6FZmFMRltAQCzjJGQ9LDo.roa
File: 6dh4vC6FZmFMRltAQCzjJGQ9LDo.roa (raw, json)
Hash identifier: d3q94/pp3V/COU9pDVudp5aL/JCUbci+QGtpn/aNc50=
Subject key identifier: E9:D8:78:BC:2E:85:66:61:4C:46:5B:40:40:2C:E3:24:64:3D:2C:3A
Certificate issuer: /CN=d6fac3967ea9859227d9f7be744e2a6ea486e117
Certificate serial: 01856ECB5C9D2C52ABB1AB250011FC6B8C5F
Authority key identifier: D6:FA:C3:96:7E:A9:85:92:27:D9:F7:BE:74:4E:2A:6E:A4:86:E1:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vrDln6phZIn2fe-dE4qbqSG4Rc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/16fb84-fa29-41b2-8dbb-59decd8d5a0c/1/6dh4vC6FZmFMRltAQCzjJGQ9LDo.roa
Signing time: Sun 01 Jan 2023 19:24:59 +0000
ROA not before: Sun 01 Jan 2023 19:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31587
IP address blocks: 185.99.223.0/24 maxlen: 24
185.99.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5c:9d:2c:52:ab:b1:ab:25:00:11:fc:6b:8c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fac3967ea9859227d9f7be744e2a6ea486e117
Validity
Not Before: Jan 1 19:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9d878bc2e8566614c465b40402ce324643d2c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fa:15:79:a0:b5:80:1b:0e:dc:6a:c4:66:52:
20:fd:2d:11:2f:bd:49:e9:ee:9c:d5:cb:40:07:4f:
09:cb:7e:ca:68:a5:4b:a8:fe:3c:73:f3:c2:02:b8:
b1:d9:8c:0f:97:39:c1:3d:f6:30:46:6d:0c:a1:94:
3b:c8:18:6d:e7:6a:25:36:82:e7:2a:bf:cd:86:3e:
12:7b:3c:46:f9:ba:a6:da:7d:a6:da:ba:c0:a6:f4:
81:a9:d5:39:c3:4c:66:d4:39:59:a7:79:22:a5:03:
98:e1:46:c3:2b:e5:9d:cf:0d:44:da:9d:b9:42:b7:
1f:6a:45:f5:a4:d8:67:c5:f4:26:5c:65:f4:e0:cb:
62:91:d9:d0:6d:94:61:cd:ba:e1:41:c8:b0:8b:e4:
86:ac:82:b1:ed:8a:99:66:e3:03:73:0d:7a:ae:61:
c8:46:e0:5c:d6:5c:04:f8:98:91:e0:f6:e1:aa:a0:
55:8e:54:f1:d2:6b:5c:15:cc:52:20:df:e5:d1:85:
ef:43:6b:9d:58:b4:cc:d6:bc:03:02:d7:ec:6f:86:
20:13:5b:7c:b2:8c:d6:aa:1b:89:5f:b8:17:d1:61:
1f:e6:8f:82:9f:39:51:fa:2a:b2:0b:ac:a8:d6:29:
bc:2e:7d:9c:40:e8:21:76:9d:21:85:09:e7:c6:74:
59:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D8:78:BC:2E:85:66:61:4C:46:5B:40:40:2C:E3:24:64:3D:2C:3A
X509v3 Authority Key Identifier:
keyid:D6:FA:C3:96:7E:A9:85:92:27:D9:F7:BE:74:4E:2A:6E:A4:86:E1:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vrDln6phZIn2fe-dE4qbqSG4Rc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/16fb84-fa29-41b2-8dbb-59decd8d5a0c/1/6dh4vC6FZmFMRltAQCzjJGQ9LDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/16fb84-fa29-41b2-8dbb-59decd8d5a0c/1/1vrDln6phZIn2fe-dE4qbqSG4Rc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.220.0/24
185.99.223.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:d9:22:a2:8b:b1:95:c8:17:f5:a0:ff:93:89:9a:c2:b5:6d:
5c:da:1c:03:0c:62:55:dc:08:01:2c:ab:9e:1a:93:7d:99:a5:
86:12:ea:c4:05:66:6c:22:7a:9e:ad:0e:00:b3:18:3a:ba:13:
37:78:81:ed:4e:dc:a5:e8:35:31:68:41:90:cf:07:37:3e:eb:
31:92:87:2c:a5:82:40:f0:fe:e9:76:f9:e0:7e:29:4f:e8:ea:
77:01:0a:dc:85:e4:66:ac:34:d0:69:ba:c5:c9:39:2c:a2:bc:
94:cd:c4:bd:c9:fe:c9:0d:37:46:ae:28:49:41:b2:21:4d:9d:
4d:b4:3e:dd:65:0c:99:ee:26:02:8e:e8:59:3b:14:6f:b1:ee:
16:20:9f:95:1a:80:1a:6b:b9:4e:ea:1f:c4:47:49:b1:d2:09:
0e:bb:e1:59:67:4a:47:69:24:89:af:e3:11:be:d1:b0:57:5c:
1b:a2:37:0e:c2:a3:c5:d9:90:ea:ae:a8:9b:e0:25:27:c2:1a:
02:f5:ca:ea:3b:2b:4e:7d:12:f6:d7:c8:31:c6:2a:cb:91:9a:
2d:24:df:5f:19:92:54:50:b2:a8:8d:7e:e1:cd:83:8e:26:fe:
01:13:0b:2f:a5:84:d4:f2:e1:72:d3:ae:4d:f7:97:3c:95:b7:
6f:b2:68:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy1ydLFKrsaslABH8a4xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmFjMzk2N2VhOTg1OTIyN2Q5ZjdiZTc0NGUyYTZlYTQ4
NmUxMTcwHhcNMjMwMTAxMTkyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ4NzhiYzJlODU2NjYxNGM0NjViNDA0MDJjZTMyNDY0M2QyYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1voVeaC1gBsO3GrEZlIg/S0RL71J
6e6c1ctAB08Jy37KaKVLqP48c/PCArix2YwPlznBPfYwRm0MoZQ7yBht52olNoLn
Kr/Nhj4SezxG+bqm2n2m2rrApvSBqdU5w0xm1DlZp3kipQOY4UbDK+Wdzw1E2p25
QrcfakX1pNhnxfQmXGX04MtikdnQbZRhzbrhQciwi+SGrIKx7YqZZuMDcw16rmHI
RuBc1lwE+JiR4PbhqqBVjlTx0mtcFcxSIN/l0YXvQ2udWLTM1rwDAtfsb4YgE1t8
sozWqhuJX7gX0WEf5o+CnzlR+iqyC6yo1im8Ln2cQOghdp0hhQnnxnRZaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOnYeLwuhWZhTEZbQEAs4yRkPSw6MB8GA1UdIwQY
MBaAFNb6w5Z+qYWSJ9n3vnROKm6khuEXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZyRGxuNnBoWkluMmZlLWRFNHFicVNHNFJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8xNmZiODQtZmEyOS00MWIyLThkYmIt
NTlkZWNkOGQ1YTBjLzEvNmRoNHZDNkZabUZNUmx0QVFDempKR1E5TERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8xNmZiODQtZmEyOS00MWIyLThkYmItNTlkZWNkOGQ1YTBj
LzEvMXZyRGxuNnBoWkluMmZlLWRFNHFicVNHNFJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWPcAwQA
uWPfMA0GCSqGSIb3DQEBCwUAA4IBAQC62SKii7GVyBf1oP+TiZrCtW1c2hwDDGJV
3AgBLKueGpN9maWGEurEBWZsInqerQ4Asxg6uhM3eIHtTtyl6DUxaEGQzwc3Pusx
kocspYJA8P7pdvngfilP6Op3AQrcheRmrDTQabrFyTksoryUzcS9yf7JDTdGrihJ
QbIhTZ1NtD7dZQyZ7iYCjuhZOxRvse4WIJ+VGoAaa7lO6h/ER0mx0gkOu+FZZ0pH
aSSJr+MRvtGwV1wbojcOwqPF2ZDqrqib4CUnwhoC9crqOytOfRL218gxxirLkZot
JN9fGZJUULKojX7hzYOOJv4BEwsvpYTU8uFy065N95c8lbdvsmi9
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:05 2024 by rpki-client on console-ams.rpki-client.org