Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/C6MVX7hUv0dd8vijiR_HqFiXR94.roa
File: C6MVX7hUv0dd8vijiR_HqFiXR94.roa (raw, json)
Hash identifier: bpXYDi1umL/M0MAMORsH5xb9oVBqmZGN3f4fsLaMkCA=
Subject key identifier: 0B:A3:15:5F:B8:54:BF:47:5D:F2:F8:A3:89:1F:C7:A8:58:97:47:DE
Certificate issuer: /CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Certificate serial: 018CC56EF306156E6C24798E28D80EA4B93D
Authority key identifier: FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/C6MVX7hUv0dd8vijiR_HqFiXR94.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12703
IP address blocks: 185.43.76.0/22 maxlen: 22
2a01:6ca0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 10:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f3:06:15:6e:6c:24:79:8e:28:d8:0e:a4:b9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fae491ff2896127ce88ecba44cec74c63fbe1ab5
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ba3155fb854bf475df2f8a3891fc7a8589747de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8e:b7:d9:18:5f:09:59:63:a3:4b:4e:b6:28:
91:8a:b6:12:7b:f9:e8:23:41:d1:e8:64:e0:f7:fa:
5a:67:66:2c:96:68:62:fb:b0:b3:12:44:2d:1f:ee:
e6:17:16:12:c2:b8:29:5a:db:b7:dd:c3:c5:67:af:
54:04:28:20:f9:40:88:2e:ef:71:62:4b:f2:04:a8:
c4:b1:08:98:4d:40:7e:e4:5b:e0:da:8e:9f:6f:6a:
89:1b:34:b0:54:09:f8:a9:18:84:de:0b:cd:5c:a2:
a4:a8:cb:85:18:ee:8c:d8:52:3d:87:4a:71:a8:5e:
98:2f:df:5f:32:05:cc:d8:c5:a1:65:c7:68:1a:72:
25:c8:70:bf:4e:99:03:3a:b3:04:56:8a:cf:ea:92:
e1:57:60:cd:d9:db:02:5a:cb:2a:bf:2f:ff:9a:3e:
6f:05:be:5b:99:75:d0:17:6c:68:c7:89:10:29:ef:
94:59:25:cc:43:01:ab:18:a1:15:07:9c:ad:12:4f:
05:b9:15:cd:12:ff:e7:e6:78:6a:ff:f6:73:a1:f9:
b6:18:49:34:1c:bc:7c:5e:b3:c4:85:6b:6f:74:1b:
43:83:8a:89:af:88:32:aa:aa:1e:26:ca:8c:58:d3:
76:9a:41:55:33:c3:99:22:f0:97:e5:8d:96:5e:11:
33:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A3:15:5F:B8:54:BF:47:5D:F2:F8:A3:89:1F:C7:A8:58:97:47:DE
X509v3 Authority Key Identifier:
keyid:FA:E4:91:FF:28:96:12:7C:E8:8E:CB:A4:4C:EC:74:C6:3F:BE:1A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-uSR_yiWEnzojsukTOx0xj--GrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/C6MVX7hUv0dd8vijiR_HqFiXR94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c47ce0-e291-42fe-b3f8-cec16333d7f2/1/1-uSR_yiWEnzojsukTOx0xj--GrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.76.0/22
IPv6:
2a01:6ca0::/32
Signature Algorithm: sha256WithRSAEncryption
16:dc:d3:81:70:d7:bc:10:58:d9:45:59:ea:a0:cc:0e:01:38:
f5:20:05:fa:78:a3:67:21:df:84:49:8c:f6:4f:91:12:90:be:
1b:21:1f:0b:a2:76:2d:88:13:91:99:ac:da:d2:91:8d:80:7a:
97:61:af:4b:76:ea:58:03:9f:e3:7d:b7:a5:27:6b:cc:c8:0c:
1b:d7:0d:89:66:10:24:62:4e:97:37:d2:d9:69:ac:fd:f1:7f:
e1:66:80:c9:c8:9d:2b:85:e9:a2:24:0e:f8:48:55:62:fb:72:
6b:ab:62:01:99:2c:be:98:5b:ad:c2:a9:71:d2:87:a8:08:42:
05:cd:38:29:bc:60:f0:cb:c4:74:4a:83:2d:fa:08:bb:16:8d:
d5:e3:e6:af:ca:fc:78:86:ac:31:d2:7a:7f:ba:99:86:33:0b:
d6:59:19:29:e5:53:91:c4:7b:30:84:26:6a:be:e6:4e:b7:0f:
60:24:17:b1:58:ab:67:e6:da:91:4f:6a:2b:01:3b:d8:4e:73:
40:20:ff:24:d5:8b:cd:b5:b1:af:20:e0:07:39:d7:09:8a:85:
b1:9e:49:07:a9:e8:ab:6e:0a:1e:e5:54:43:0f:b4:d8:0a:6c:
e4:3c:65:85:e8:06:14:bb:fa:f5:b5:d7:5b:f3:5c:a6:55:6f:
80:cb:9e:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbvMGFW5sJHmOKNgOpLk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZTQ5MWZmMjg5NjEyN2NlODhlY2JhNDRjZWM3NGM2M2Zi
ZTFhYjUwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmEzMTU1ZmI4NTRiZjQ3NWRmMmY4YTM4OTFmYzdhODU4OTc0N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY632RhfCVljo0tOtiiRirYSe/no
I0HR6GTg9/paZ2Yslmhi+7CzEkQtH+7mFxYSwrgpWtu33cPFZ69UBCgg+UCILu9x
YkvyBKjEsQiYTUB+5Fvg2o6fb2qJGzSwVAn4qRiE3gvNXKKkqMuFGO6M2FI9h0px
qF6YL99fMgXM2MWhZcdoGnIlyHC/TpkDOrMEVorP6pLhV2DN2dsCWssqvy//mj5v
Bb5bmXXQF2xox4kQKe+UWSXMQwGrGKEVB5ytEk8FuRXNEv/n5nhq//Zzofm2GEk0
HLx8XrPEhWtvdBtDg4qJr4gyqqoeJsqMWNN2mkFVM8OZIvCX5Y2WXhEzewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAujFV+4VL9HXfL4o4kfx6hYl0feMB8GA1UdIwQY
MBaAFPrkkf8olhJ86I7LpEzsdMY/vhq1MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS11U1JfeWlXRW56b2pzdWtUT3gweGotLUdyVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4
LWNlYzE2MzMzZDdmMi8xL0M2TVZYN2hVdjBkZDh2aWppUl9IcUZpWFI5NC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYzQ3Y2UwLWUyOTEtNDJmZS1iM2Y4LWNlYzE2MzMzZDdm
Mi8xLzEtdVNSX3lpV0Vuem9qc3VrVE94MHhqLS1HclUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5K0ww
DQQCAAIwBwMFACoBbKAwDQYJKoZIhvcNAQELBQADggEBABbc04Fw17wQWNlFWeqg
zA4BOPUgBfp4o2ch34RJjPZPkRKQvhshHwuidi2IE5GZrNrSkY2Aepdhr0t26lgD
n+N9t6Una8zIDBvXDYlmECRiTpc30tlprP3xf+FmgMnInSuF6aIkDvhIVWL7cmur
YgGZLL6YW63CqXHSh6gIQgXNOCm8YPDLxHRKgy36CLsWjdXj5q/K/HiGrDHSen+6
mYYzC9ZZGSnlU5HEezCEJmq+5k63D2AkF7FYq2fm2pFPaisBO9hOc0Ag/yTVi821
sa8g4Ac51wmKhbGeSQep6KtuCh7lVEMPtNgKbOQ8ZYXoBhS7+vW111vzXKZVb4DL
nkU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:21 2025 by rpki-client