Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/9jQIy5JFHQPlsNieD60KBOC1Vpg.roa
File: 9jQIy5JFHQPlsNieD60KBOC1Vpg.roa (raw, json)
Hash identifier: e55pcW6mv8uDWzcIM19uUQXuWOc2dDk99zkMvIu3l4g=
Subject key identifier: F6:34:08:CB:92:45:1D:03:E5:B0:D8:9E:0F:AD:0A:04:E0:B5:56:98
Certificate issuer: /CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Certificate serial: 018A5F6C8EC725B41F0DEACC73306835FF31
Authority key identifier: B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/9jQIy5JFHQPlsNieD60KBOC1Vpg.roa
Signing time: Mon 04 Sep 2023 09:01:04 +0000
ROA not before: Mon 04 Sep 2023 09:01:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33923
IP address blocks: 194.6.246.0/24 maxlen: 32
185.183.236.0/22 maxlen: 32
194.145.184.0/22 maxlen: 32
94.246.128.0/18 maxlen: 32
2a00:1a40::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:6c:8e:c7:25:b4:1f:0d:ea:cc:73:30:68:35:ff:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b87b3b09ccb69a6de20468e90ecbb18f5ecbb6
Validity
Not Before: Sep 4 09:01:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f63408cb92451d03e5b0d89e0fad0a04e0b55698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:75:aa:49:5b:66:c8:c6:f6:a9:0d:47:25:f8:
0d:6c:5e:b4:5a:4e:3c:cd:ce:7a:90:93:74:c5:0d:
b1:00:e9:c2:9e:f0:46:73:70:e4:5d:29:18:b9:87:
6b:b1:c5:e5:00:7c:26:70:14:1d:30:b4:a4:2a:e0:
d6:6d:a7:ce:d3:76:1b:31:35:d0:be:6b:22:db:f4:
97:a0:9f:de:15:19:6e:07:f1:2a:97:af:23:a6:a6:
d6:9a:dc:12:09:4e:d2:3c:af:db:e2:f7:04:40:e7:
e1:32:68:de:47:d9:b3:7f:42:08:be:3e:bc:41:16:
e9:37:e1:fc:c4:39:2a:00:fa:6a:4c:4f:e8:19:29:
92:e4:91:6f:c2:a1:d0:99:55:b0:5f:7c:25:c4:c4:
4b:78:1a:4e:a6:9e:8f:ed:55:65:e4:4d:2a:bb:ae:
2b:8c:a2:46:20:32:4f:55:4c:82:f5:cb:7e:b1:d3:
9e:01:da:60:95:b3:6c:5e:24:3b:51:ce:d1:69:f0:
ae:a5:73:60:85:76:ac:d6:ac:89:8f:1d:0c:76:8e:
d0:d4:3f:a3:ec:17:ce:94:9c:2f:16:2c:e5:92:b0:
92:66:47:6e:e3:7d:fa:87:55:70:73:bf:f0:90:75:
f2:a5:3c:9f:42:88:91:34:51:4a:90:22:c4:3e:59:
fb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:34:08:CB:92:45:1D:03:E5:B0:D8:9E:0F:AD:0A:04:E0:B5:56:98
X509v3 Authority Key Identifier:
keyid:B9:B8:7B:3B:09:CC:B6:9A:6D:E2:04:68:E9:0E:CB:B1:8F:5E:CB:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/9jQIy5JFHQPlsNieD60KBOC1Vpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/00ddaf-3be5-420d-919f-3b4cb975a9bc/1/ubh7OwnMtppt4gRo6Q7LsY9ey7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.246.128.0/18
185.183.236.0/22
194.6.246.0/24
194.145.184.0/22
IPv6:
2a00:1a40::/32
Signature Algorithm: sha256WithRSAEncryption
49:d8:a3:d6:77:12:fc:3f:09:bb:a0:0d:ee:44:d0:41:f0:8b:
9c:d9:c9:dc:e0:d4:8f:08:54:54:66:bf:98:4f:a8:27:d6:8c:
11:b8:ff:72:6f:dc:8e:a0:2d:be:79:4d:ba:58:c6:5c:7a:33:
55:5c:5b:fb:48:aa:6d:4c:6e:70:d3:c3:15:0b:0a:8c:bb:af:
be:85:0a:da:0d:a4:11:12:a2:bf:a4:69:05:25:cf:56:07:25:
f9:08:07:51:07:28:2b:06:d6:1c:41:76:74:d4:27:9e:4e:13:
94:d9:0f:48:85:52:4a:7e:ab:bd:bf:09:31:04:25:59:de:47:
60:ec:f0:82:e7:03:ed:46:7f:2e:ac:f9:75:44:64:b1:75:c6:
48:f0:fa:bc:f7:f6:c4:fc:f7:06:e3:3a:8d:ab:67:f9:b3:bb:
0a:89:6a:27:93:f4:72:04:7f:6b:b7:c2:32:5f:c1:ef:a3:31:
39:ba:c7:1f:39:6c:ba:83:c9:05:a6:29:ea:c1:07:23:db:bb:
f9:ea:0d:ec:af:e5:2a:1d:3d:d9:23:20:1e:bc:49:73:0e:88:
86:01:88:95:1a:af:64:b7:b7:d1:db:f7:91:96:29:eb:b6:1d:
fc:eb:48:48:dd:43:4c:be:99:14:3a:1d:05:be:62:4c:1a:64:
22:45:fb:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYpfbI7HJbQfDerMczBoNf8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5Yjg3YjNiMDljY2I2OWE2ZGUyMDQ2OGU5MGVjYmIxOGY1
ZWNiYjYwHhcNMjMwOTA0MDkwMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM0MDhjYjkyNDUxZDAzZTViMGQ4OWUwZmFkMGEwNGUwYjU1Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHWqSVtmyMb2qQ1HJfgNbF60Wk48
zc56kJN0xQ2xAOnCnvBGc3DkXSkYuYdrscXlAHwmcBQdMLSkKuDWbafO03YbMTXQ
vmsi2/SXoJ/eFRluB/Eql68jpqbWmtwSCU7SPK/b4vcEQOfhMmjeR9mzf0IIvj68
QRbpN+H8xDkqAPpqTE/oGSmS5JFvwqHQmVWwX3wlxMRLeBpOpp6P7VVl5E0qu64r
jKJGIDJPVUyC9ct+sdOeAdpglbNsXiQ7Uc7RafCupXNghXas1qyJjx0Mdo7Q1D+j
7BfOlJwvFizlkrCSZkdu4336h1Vwc7/wkHXypTyfQoiRNFFKkCLEPln7/QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPY0CMuSRR0D5bDYng+tCgTgtVaYMB8GA1UdIwQY
MBaAFLm4ezsJzLaabeIEaOkOy7GPXsu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYt
M2I0Y2I5NzVhOWJjLzEvOWpRSXk1SkZIUVBsc05pZUQ2MEtCT0MxVnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wMGRkYWYtM2JlNS00MjBkLTkxOWYtM2I0Y2I5NzVhOWJj
LzEvdWJoN093bk10cHB0NGdSbzZRN0xzWTlleTdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGXvaAAwQC
ubfsAwQAwgb2AwQCwpG4MA0EAgACMAcDBQAqABpAMA0GCSqGSIb3DQEBCwUAA4IB
AQBJ2KPWdxL8Pwm7oA3uRNBB8Iuc2cnc4NSPCFRUZr+YT6gn1owRuP9yb9yOoC2+
eU26WMZcejNVXFv7SKptTG5w08MVCwqMu6++hQraDaQREqK/pGkFJc9WByX5CAdR
BygrBtYcQXZ01CeeThOU2Q9IhVJKfqu9vwkxBCVZ3kdg7PCC5wPtRn8urPl1RGSx
dcZI8Pq89/bE/PcG4zqNq2f5s7sKiWonk/RyBH9rt8IyX8HvozE5uscfOWy6g8kF
pinqwQcj27v56g3sr+UqHT3ZIyAevElzDoiGAYiVGq9kt7fR2/eRlinrth3860hI
3UNMvpkUOh0FvmJMGmQiRfuy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org