Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6zhIZtPKg-koJSYlAGuNnRiW01M.roa
File: 6zhIZtPKg-koJSYlAGuNnRiW01M.roa (raw, json)
Hash identifier: AIkdROzEzimX6mIiPmaQb0OMqugwzKEMrobXllHtPTs=
Subject key identifier: EB:38:48:66:D3:CA:83:E9:28:25:26:25:00:6B:8D:9D:18:96:D3:53
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0191E1AC4660AF071C6F87CB69B282441155
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6zhIZtPKg-koJSYlAGuNnRiW01M.roa
Signing time: Wed 11 Sep 2024 15:20:49 +0000
ROA not before: Wed 11 Sep 2024 15:20:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 93.88.203.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
Validation: Failed, certificate revoked on Fri 08 Nov 2024 01:44:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:ac:46:60:af:07:1c:6f:87:cb:69:b2:82:44:11:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 11 15:20:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb384866d3ca83e928252625006b8d9d1896d353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:04:d4:65:97:67:c6:06:3d:58:a3:b8:5b:c4:
db:0b:01:4e:1e:13:b9:b7:d4:5c:60:fd:d6:9b:9d:
72:df:b9:99:ca:c3:2b:7e:61:49:09:80:52:ff:88:
1a:0f:91:aa:90:f6:23:2b:cb:0a:fc:66:af:93:20:
c8:08:21:e3:54:12:0b:fe:96:57:7b:25:7c:38:4c:
ab:29:af:94:c1:cf:bc:64:81:ca:d0:01:72:52:db:
64:69:ed:86:3e:f6:35:58:b2:9c:11:a0:47:93:3e:
77:40:54:f2:e8:fe:13:55:80:40:fa:62:37:09:7a:
2a:12:df:40:6a:c7:8b:c2:5d:4a:f2:c4:ed:a8:4d:
29:4a:0e:24:80:0e:0b:98:d6:66:ed:21:61:fc:fe:
09:b9:d8:94:66:61:52:49:3e:08:bd:b7:40:f9:56:
47:51:a2:2f:63:5e:96:a8:dc:9e:0e:13:6f:37:ef:
f9:f1:a5:78:af:2d:76:e6:d9:99:6d:9f:c3:d5:e2:
92:21:bf:b6:6c:bf:c5:7f:1f:d8:52:4a:8e:ff:80:
5e:53:54:a8:d8:a2:af:ae:ff:a9:1e:f0:4a:c0:ee:
0f:27:d8:7b:b3:60:79:50:f8:37:67:80:e9:30:b2:
78:ac:c4:b2:60:c4:a7:5d:2d:10:56:56:ad:56:87:
cd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:38:48:66:D3:CA:83:E9:28:25:26:25:00:6B:8D:9D:18:96:D3:53
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/6zhIZtPKg-koJSYlAGuNnRiW01M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.203.0/24
194.50.111.0/24
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
Signature Algorithm: sha256WithRSAEncryption
45:37:8a:fc:35:b2:03:d8:f9:f3:83:87:b7:be:a1:2f:3c:6b:
71:ff:10:49:e7:8a:0e:c3:ee:6c:94:89:0d:bb:65:f4:ef:dc:
34:51:bd:36:a0:81:0f:09:22:01:87:c4:83:27:c9:4e:0a:20:
27:5d:75:2e:a5:ae:8e:60:0f:0a:22:cc:0f:3f:e6:8a:f8:65:
ab:72:b5:e4:96:a5:63:e5:49:5d:fd:e3:86:58:1e:b9:77:07:
ad:3b:96:7a:04:7f:8a:5d:df:d7:7f:fd:5f:a7:c1:d6:9c:24:
b5:27:10:6a:00:23:ae:d8:fe:e0:f2:65:28:dd:a6:a1:92:65:
24:a0:89:1a:a4:2b:6b:da:23:3d:d1:0c:c0:c4:92:a1:12:b4:
89:a7:20:5f:7c:52:cd:a3:8e:81:36:75:89:2a:33:65:58:8b:
b4:00:67:de:3b:ea:82:8f:65:40:17:7c:09:fb:46:d2:32:2a:
66:9b:0b:c7:51:ca:39:84:5a:91:da:79:7a:3e:fb:47:15:09:
dc:78:df:55:0a:13:27:6a:e4:b0:cc:a3:75:7f:00:b6:8c:7f:
6a:a5:17:b0:10:18:ce:61:6d:8e:e7:9b:df:de:f3:65:07:e4:
ea:0a:71:37:38:2b:6c:bf:b5:29:5b:55:80:6e:53:58:bf:21:
a4:a6:6d:2e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZHhrEZgrwccb4fLabKCRBFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwOTExMTUyMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjM4NDg2NmQzY2E4M2U5MjgyNTI2MjUwMDZiOGQ5ZDE4OTZkMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwTUZZdnxgY9WKO4W8TbCwFOHhO5
t9RcYP3Wm51y37mZysMrfmFJCYBS/4gaD5GqkPYjK8sK/GavkyDICCHjVBIL/pZX
eyV8OEyrKa+Uwc+8ZIHK0AFyUttkae2GPvY1WLKcEaBHkz53QFTy6P4TVYBA+mI3
CXoqEt9AaseLwl1K8sTtqE0pSg4kgA4LmNZm7SFh/P4JudiUZmFSST4IvbdA+VZH
UaIvY16WqNyeDhNvN+/58aV4ry125tmZbZ/D1eKSIb+2bL/Ffx/YUkqO/4BeU1So
2KKvrv+pHvBKwO4PJ9h7s2B5UPg3Z4DpMLJ4rMSyYMSnXS0QVlatVofNLQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOs4SGbTyoPpKCUmJQBrjZ0YltNTMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvNnpoSVp0UEtnLWtvSlNZbEFHdU5uUmlXMDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDASBAIAATAMAwQAXVjLAwQA
wjJvMD4EAgACMDgDBwAqDpfABBEDBwAqDpfACOADBwAqDrEHGaAwEgMHACoOsQca
YwMHACoOsQcaZAMHAioOsQcogDANBgkqhkiG9w0BAQsFAAOCAQEARTeK/DWyA9j5
84OHt76hLzxrcf8QSeeKDsPubJSJDbtl9O/cNFG9NqCBDwkiAYfEgyfJTgogJ111
LqWujmAPCiLMDz/mivhlq3K15JalY+VJXf3jhlgeuXcHrTuWegR/il3f13/9X6fB
1pwktScQagAjrtj+4PJlKN2moZJlJKCJGqQra9ojPdEMwMSSoRK0iacgX3xSzaOO
gTZ1iSozZViLtABn3jvqgo9lQBd8CftG0jIqZpsLx1HKOYRakdp5ej77RxUJ3Hjf
VQoTJ2rksMyjdX8Atox/aqUXsBAYzmFtjueb397zZQfk6gpxNzgrbL+1KVtVgG5T
WL8hpKZtLg==
-----END CERTIFICATE-----
Generated at Fri Nov 8 06:33:12 2024 by rpki-client on console-ams.rpki-client.org