Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/6DP3JYR_m2BwK1-NqipsKxnlRkU.roa
File: 6DP3JYR_m2BwK1-NqipsKxnlRkU.roa (raw, json)
Hash identifier: kt6/kzR9FQlSxorMz/LehRvjpUt+T2WTDhWy9ZjfMNM=
Subject key identifier: E8:33:F7:25:84:7F:9B:60:70:2B:5F:8D:AA:2A:6C:2B:19:E5:46:45
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 01889A4807BA659185BF0A202EC4EDD12E67
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/6DP3JYR_m2BwK1-NqipsKxnlRkU.roa
Signing time: Thu 08 Jun 2023 09:13:11 +0000
ROA not before: Thu 08 Jun 2023 09:13:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29075
IP address blocks: 91.109.176.0/20 maxlen: 20
85.118.32.0/19 maxlen: 19
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
185.177.180.0/22 maxlen: 22
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
45.94.124.0/22 maxlen: 22
45.10.224.0/22 maxlen: 22
178.20.48.0/21 maxlen: 21
212.85.144.0/20 maxlen: 20
188.121.224.0/19 maxlen: 19
2a02:2178::/29 maxlen: 29
2a00:1b88::/32 maxlen: 32
2a02:2178::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9a:48:07:ba:65:91:85:bf:0a:20:2e:c4:ed:d1:2e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jun 8 09:13:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e833f725847f9b60702b5f8daa2a6c2b19e54645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:b1:57:59:58:32:a5:7a:e0:25:2c:ec:81:
56:9b:2d:72:0e:0a:9f:b2:85:4c:b2:49:cb:ae:85:
ca:dd:64:89:5e:1e:45:9a:13:84:fe:4d:95:45:a3:
b6:fb:23:25:1d:08:d5:c3:6d:fb:8a:08:ca:d0:6c:
ad:f1:ea:72:9b:e6:b0:b8:d7:2f:71:b5:ee:52:92:
78:aa:7c:c9:fc:43:74:31:0e:b8:ae:8e:58:19:bb:
b1:46:fc:b0:61:dd:ec:fa:03:68:6f:a5:62:a2:40:
ef:44:65:8e:ea:85:7e:34:d8:d4:73:de:33:ee:fe:
47:8b:98:6f:65:e7:0e:c4:70:9f:43:00:9e:ec:17:
83:73:2a:f0:81:5b:63:1d:dc:34:ea:f5:ef:f9:57:
14:d4:a7:3d:fa:cb:63:c1:de:19:c1:1a:4f:69:87:
43:d0:01:18:dd:3d:83:5c:bf:6f:ae:a4:21:53:07:
49:f6:fb:18:b3:be:8a:28:eb:f3:08:29:62:c3:6f:
51:56:d9:b2:dc:75:a6:5e:d3:5f:29:c7:e5:ea:93:
03:6c:4a:0e:a9:21:aa:42:4a:11:00:83:54:e1:ca:
ab:9b:17:2f:0e:c3:49:5d:fe:c5:3c:d1:ab:ae:b0:
a3:a8:85:4f:ed:74:f8:86:e2:4c:76:09:63:af:d7:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:33:F7:25:84:7F:9B:60:70:2B:5F:8D:AA:2A:6C:2B:19:E5:46:45
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/6DP3JYR_m2BwK1-NqipsKxnlRkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0/22
45.94.124.0/22
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
13:09:73:bd:96:16:28:8f:61:27:b3:62:41:28:b0:76:93:29:
28:c5:ed:eb:2a:16:a0:07:d2:13:5f:27:b9:8e:df:48:11:70:
aa:70:b1:89:dc:70:3e:86:df:08:40:57:92:16:3f:e0:fc:00:
8e:98:07:08:3c:60:01:35:7a:72:4a:29:dd:8d:e1:15:8b:c2:
db:59:8c:ca:07:bd:a6:31:ef:95:87:fa:37:06:18:dc:24:72:
6b:f8:b7:c4:6e:33:40:40:5d:c3:ea:01:dd:c8:a0:53:e8:f2:
a6:3e:d4:f3:78:54:b3:0b:4c:ea:35:6a:54:6a:df:c8:97:e8:
05:aa:eb:f8:71:2a:a6:1e:bd:dd:ef:53:2a:37:d0:6e:e2:43:
79:4c:85:16:c0:d1:6d:e8:cb:86:a5:3e:d2:cd:c5:a7:f5:52:
1c:f2:28:29:8c:b0:28:90:4d:cc:9c:60:c0:a6:9a:75:23:69:
a4:b4:a4:38:16:ab:e7:ce:55:1f:74:8a:df:2c:b6:13:a0:2a:
52:8e:8b:57:b1:87:46:d7:3a:c8:f2:7e:ae:f3:b5:e2:9c:48:
6d:0d:c8:42:3a:65:d1:14:aa:e2:d3:c2:24:8b:e7:f6:6e:3c:
36:90:1a:31:2d:d9:f2:bb:b8:5f:d7:3b:45:e3:86:e6:f2:55:
2b:ac:5f:4f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYiaSAe6ZZGFvwogLsTt0S5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjMwNjA4MDkxMzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODMzZjcyNTg0N2Y5YjYwNzAyYjVmOGRhYTJhNmMyYjE5ZTU0NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnyxV1lYMqV64CUs7IFWmy1yDgqf
soVMsknLroXK3WSJXh5FmhOE/k2VRaO2+yMlHQjVw237igjK0Gyt8epym+awuNcv
cbXuUpJ4qnzJ/EN0MQ64ro5YGbuxRvywYd3s+gNob6ViokDvRGWO6oV+NNjUc94z
7v5Hi5hvZecOxHCfQwCe7BeDcyrwgVtjHdw06vXv+VcU1Kc9+stjwd4ZwRpPaYdD
0AEY3T2DXL9vrqQhUwdJ9vsYs76KKOvzCCliw29RVtmy3HWmXtNfKcfl6pMDbEoO
qSGqQkoRAINU4cqrmxcvDsNJXf7FPNGrrrCjqIVP7XT4huJMdgljr9f8ewIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFOgz9yWEf5tgcCtfjaoqbCsZ5UZFMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvNkRQM0pZUl9tMkJ3SzEtTnFpcHNLeG5sUmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLQrgAwQC
LV58AwQFVXYgAwQEW22wAwQEgMzgAwQEjf+QAwQDshQwAwQCuXYAAwQCuXsYAwQC
ubG0AwQFvHngAwQE1FWQMBQEAgACMA4DBQAqABuIAwUDKgIheDANBgkqhkiG9w0B
AQsFAAOCAQEAEwlzvZYWKI9hJ7NiQSiwdpMpKMXt6yoWoAfSE18nuY7fSBFwqnCx
idxwPobfCEBXkhY/4PwAjpgHCDxgATV6ckop3Y3hFYvC21mMyge9pjHvlYf6NwYY
3CRya/i3xG4zQEBdw+oB3cigU+jypj7U83hUswtM6jVqVGrfyJfoBarr+HEqph69
3e9TKjfQbuJDeUyFFsDRbejLhqU+0s3Fp/VSHPIoKYywKJBNzJxgwKaadSNppLSk
OBar585VH3SK3yy2E6AqUo6LV7GHRtc6yPJ+rvO14pxIbQ3IQjpl0RSq4tPCJIvn
9m48NpAaMS3Z8ru4X9c7ReOG5vJVK6xfTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:47 2024 by rpki-client on console-ams.rpki-client.org