Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/df9e2d-a033-40c0-a00f-e344fdb722a3/1/6ycr6HZDgH-RDQE12NJxZKRQdew.roa
File: 6ycr6HZDgH-RDQE12NJxZKRQdew.roa (raw, json)
Hash identifier: 11Fn0NWEIAOmezMsvqablkF4ut0oyp1UEZm6dgWOTbE=
Subject key identifier: EB:27:2B:E8:76:43:80:7F:91:0D:01:35:D8:D2:71:64:A4:50:75:EC
Certificate issuer: /CN=8f3ced30b2852e552c7837467003f175ea59de73
Certificate serial: 018571A7B7D07F7004DB89D7833B00F76FA2
Authority key identifier: 8F:3C:ED:30:B2:85:2E:55:2C:78:37:46:70:03:F1:75:EA:59:DE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzztMLKFLlUseDdGcAPxdepZ3nM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/df9e2d-a033-40c0-a00f-e344fdb722a3/1/6ycr6HZDgH-RDQE12NJxZKRQdew.roa
Signing time: Mon 02 Jan 2023 08:44:54 +0000
ROA not before: Mon 02 Jan 2023 08:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197293
IP address blocks: 45.144.140.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:b7:d0:7f:70:04:db:89:d7:83:3b:00:f7:6f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3ced30b2852e552c7837467003f175ea59de73
Validity
Not Before: Jan 2 08:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb272be87643807f910d0135d8d27164a45075ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:a1:bc:87:3e:ea:22:58:95:a6:a7:79:90:
d1:9a:1a:99:42:86:b1:09:44:a6:be:96:b0:b1:78:
ae:6f:e0:22:e8:14:9e:7d:fb:9d:de:48:da:aa:32:
ef:5b:63:8f:27:9a:ff:84:88:29:d8:86:40:0e:c7:
6e:d0:b3:02:39:81:b0:15:8c:61:5f:ea:09:09:75:
79:4f:28:04:2a:ae:28:4c:75:f7:94:55:6d:ba:00:
83:44:64:c6:9a:af:54:74:cb:41:f6:af:95:11:30:
7e:af:e2:c1:8c:a7:1b:37:c6:a1:1e:66:2e:da:bd:
ac:e4:c3:90:39:e5:97:cd:6b:5f:9c:aa:37:e4:57:
c5:d9:9e:60:96:94:bb:e8:57:d7:de:82:d4:27:2c:
6c:0e:c2:37:75:7f:26:9c:51:58:88:0a:85:e8:8f:
1a:ce:b4:77:3f:d2:6f:03:9d:19:31:f9:d3:59:ae:
01:3e:43:90:7c:dc:22:e2:42:c8:c7:e9:e5:97:ee:
80:5f:5b:bd:e0:60:99:67:cc:71:d8:c8:27:1b:84:
c2:7b:cd:c2:f0:f9:42:48:ed:96:b0:f2:4a:b1:08:
27:80:a9:e9:0a:9a:e7:bc:f6:dc:7f:b0:50:20:ac:
0a:3f:26:a5:4a:04:60:f0:70:01:72:31:11:61:1e:
a1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:27:2B:E8:76:43:80:7F:91:0D:01:35:D8:D2:71:64:A4:50:75:EC
X509v3 Authority Key Identifier:
keyid:8F:3C:ED:30:B2:85:2E:55:2C:78:37:46:70:03:F1:75:EA:59:DE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzztMLKFLlUseDdGcAPxdepZ3nM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/df9e2d-a033-40c0-a00f-e344fdb722a3/1/6ycr6HZDgH-RDQE12NJxZKRQdew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/df9e2d-a033-40c0-a00f-e344fdb722a3/1/jzztMLKFLlUseDdGcAPxdepZ3nM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.140.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:89:32:8b:3c:f9:86:aa:21:8d:7d:3b:0b:4a:ce:f0:6c:ab:
fb:15:db:81:bc:ec:bb:52:a2:a8:f9:f7:62:73:f4:88:09:16:
50:71:89:90:1b:ed:dd:08:a2:0e:a9:95:3b:d8:c6:a0:29:49:
5a:ce:b7:e1:c3:45:99:93:23:73:d7:79:86:fe:65:f8:80:00:
7e:3d:78:28:d8:f4:80:62:ef:ea:e9:6f:ef:a4:f6:67:73:20:
6f:40:cf:77:67:f2:4b:4e:8c:a9:77:03:5c:08:a9:fe:a8:bd:
b0:c5:b9:2e:37:ed:93:ff:7e:f1:b2:10:ac:40:9d:36:6b:74:
63:6c:be:ce:d6:75:28:0a:a4:25:95:0d:2b:0f:39:25:c1:fa:
8b:4f:0b:52:98:92:dd:74:4c:3c:71:4f:0c:fc:a8:35:de:22:
e8:a8:2b:5e:06:81:fb:25:12:dd:a4:a3:a7:47:5a:4b:d2:c3:
3c:1d:e8:a4:25:c9:47:77:13:c3:fa:c2:92:1a:37:72:07:a3:
3b:d6:15:97:1d:97:61:29:87:7e:ed:51:b6:b5:39:88:6a:f5:
4c:c9:52:6f:fd:a3:ad:14:73:20:fd:e7:16:eb:1f:d7:eb:2e:
a9:db:85:94:60:8a:45:bf:6c:9b:30:c4:76:31:c6:bd:d8:0e:
8f:86:58:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7fQf3AE24nXgzsA92+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmM2NlZDMwYjI4NTJlNTUyYzc4Mzc0NjcwMDNmMTc1ZWE1
OWRlNzMwHhcNMjMwMTAyMDg0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjI3MmJlODc2NDM4MDdmOTEwZDAxMzVkOGQyNzE2NGE0NTA3NWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJChvIc+6iJYlaaneZDRmhqZQoax
CUSmvpawsXiub+Ai6BSeffud3kjaqjLvW2OPJ5r/hIgp2IZADsdu0LMCOYGwFYxh
X+oJCXV5TygEKq4oTHX3lFVtugCDRGTGmq9UdMtB9q+VETB+r+LBjKcbN8ahHmYu
2r2s5MOQOeWXzWtfnKo35FfF2Z5glpS76FfX3oLUJyxsDsI3dX8mnFFYiAqF6I8a
zrR3P9JvA50ZMfnTWa4BPkOQfNwi4kLIx+nll+6AX1u94GCZZ8xx2MgnG4TCe83C
8PlCSO2WsPJKsQgngKnpCprnvPbcf7BQIKwKPyalSgRg8HABcjERYR6hqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOsnK+h2Q4B/kQ0BNdjScWSkUHXsMB8GA1UdIwQY
MBaAFI887TCyhS5VLHg3RnAD8XXqWd5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanp6dE1MS0ZMbFVzZURkR2NBUHhkZXBaM25NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kZjllMmQtYTAzMy00MGMwLWEwMGYt
ZTM0NGZkYjcyMmEzLzEvNnljcjZIWkRnSC1SRFFFMTJOSnhaS1JRZGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kZjllMmQtYTAzMy00MGMwLWEwMGYtZTM0NGZkYjcyMmEz
LzEvanp6dE1MS0ZMbFVzZURkR2NBUHhkZXBaM25NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZCMMA0G
CSqGSIb3DQEBCwUAA4IBAQB7iTKLPPmGqiGNfTsLSs7wbKv7FduBvOy7UqKo+fdi
c/SICRZQcYmQG+3dCKIOqZU72MagKUlazrfhw0WZkyNz13mG/mX4gAB+PXgo2PSA
Yu/q6W/vpPZncyBvQM93Z/JLToypdwNcCKn+qL2wxbkuN+2T/37xshCsQJ02a3Rj
bL7O1nUoCqQllQ0rDzklwfqLTwtSmJLddEw8cU8M/Kg13iLoqCteBoH7JRLdpKOn
R1pL0sM8HeikJclHdxPD+sKSGjdyB6M71hWXHZdhKYd+7VG2tTmIavVMyVJv/aOt
FHMg/ecW6x/X6y6p24WUYIpFv2ybMMR2Mca92A6Phlgj
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:27 2024 by rpki-client on console-fra.rpki-client.org