Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6CiPhNhyRs-ZPoNaqpSR0icByRY.roa
File: 6CiPhNhyRs-ZPoNaqpSR0icByRY.roa (raw, json)
Hash identifier: 4BZMX2mjlvYvoVNZOcfEuJad1asxPBn4Oy5/QHLxrrc=
Subject key identifier: E8:28:8F:84:D8:72:46:CF:99:3E:83:5A:AA:94:91:D2:27:01:C9:16
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01904E934C69EC8952BC32E944F85D508E32
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6CiPhNhyRs-ZPoNaqpSR0icByRY.roa
Signing time: Tue 25 Jun 2024 08:46:34 +0000
ROA not before: Tue 25 Jun 2024 08:46:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 02 Sep 2024 14:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:93:4c:69:ec:89:52:bc:32:e9:44:f8:5d:50:8e:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 25 08:46:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8288f84d87246cf993e835aaa9491d22701c916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:48:d2:dc:66:13:d8:83:af:4a:a6:08:d1:e8:
74:64:21:75:2a:20:2d:5a:a6:b1:df:93:8c:eb:71:
e0:20:cc:3e:b9:fe:06:13:cd:1d:ec:2f:e9:05:49:
d7:e6:c3:58:7d:43:e1:49:08:07:de:78:c1:73:15:
22:97:b4:8a:20:9a:e4:a4:50:25:81:11:2c:71:eb:
5b:b4:a4:4d:4b:29:82:dc:0b:1d:65:50:44:ec:de:
63:20:cb:78:30:e2:2e:3d:9a:2b:21:12:46:a2:31:
81:2c:31:fc:53:34:88:4c:80:cb:32:d7:81:09:bf:
7e:ed:f8:e1:91:c6:b2:a2:12:f8:e6:02:9f:d6:db:
5d:04:4d:b7:5d:bc:12:2c:e1:01:b8:b8:14:2f:e9:
16:40:e7:9a:ca:15:23:b3:eb:93:71:1a:7d:cd:c5:
b9:71:ef:e5:11:6b:36:4c:9d:b6:d1:a3:ba:81:40:
c5:91:4d:54:74:38:99:e9:35:db:f9:35:2e:21:58:
7a:bb:88:94:0a:87:5a:81:9f:58:02:d7:e3:cf:fd:
d2:ab:01:4a:68:f0:19:8b:1d:c9:ef:a5:5a:1b:07:
7d:15:40:28:36:85:72:d4:0a:c9:be:d4:8f:9b:64:
cf:7c:44:b2:bb:50:42:d1:d1:40:c9:2a:f7:6b:b7:
bf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:28:8F:84:D8:72:46:CF:99:3E:83:5A:AA:94:91:D2:27:01:C9:16
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6CiPhNhyRs-ZPoNaqpSR0icByRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
95:d8:a7:2b:c3:e6:37:9a:d9:63:67:ff:f9:c0:a5:b9:b1:8d:
5f:bb:46:fb:4d:2b:5f:3b:98:c2:00:d0:f4:d0:e4:0e:46:ed:
6b:4e:04:e2:26:6b:75:bb:4f:c1:f1:17:57:d9:17:cc:aa:0d:
9b:98:6a:77:2e:88:8f:3d:2b:4b:94:ac:19:40:06:43:05:c6:
c1:4c:c0:73:20:66:40:94:62:9b:28:9a:08:b4:a3:b1:4e:49:
d0:8b:e9:06:f7:7a:90:e5:bb:24:63:80:92:3c:9d:26:d7:a1:
bf:dd:b3:dc:01:ac:1c:51:28:9b:99:0f:56:d3:0e:a8:ff:c3:
13:b2:bc:5a:93:af:8f:f2:74:44:20:05:ad:d7:9a:1f:fa:83:
73:93:79:c8:3c:3e:5b:51:ea:58:42:f0:03:8b:d2:38:8c:14:
4f:67:c6:13:f5:87:34:73:c8:8f:70:4d:83:44:d4:b0:dd:38:
0f:23:0d:e2:97:01:3c:33:96:db:4b:75:8f:d9:b8:cd:17:18:
3c:0c:44:39:68:27:d9:54:02:d1:24:45:65:19:cd:1a:73:17:
8d:76:27:7d:c5:c3:e0:87:64:5c:cf:91:d8:38:72:96:09:97:
fd:59:73:24:1f:4f:d4:96:17:d0:69:bc:9e:75:8a:bc:e1:5d:
17:2f:5d:2a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZBOk0xp7IlSvDLpRPhdUI4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNjI1MDg0NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODI4OGY4NGQ4NzI0NmNmOTkzZTgzNWFhYTk0OTFkMjI3MDFjOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEjS3GYT2IOvSqYI0eh0ZCF1KiAt
Wqax35OM63HgIMw+uf4GE80d7C/pBUnX5sNYfUPhSQgH3njBcxUil7SKIJrkpFAl
gREscetbtKRNSymC3AsdZVBE7N5jIMt4MOIuPZorIRJGojGBLDH8UzSITIDLMteB
Cb9+7fjhkcayohL45gKf1ttdBE23XbwSLOEBuLgUL+kWQOeayhUjs+uTcRp9zcW5
ce/lEWs2TJ220aO6gUDFkU1UdDiZ6TXb+TUuIVh6u4iUCodagZ9YAtfjz/3SqwFK
aPAZix3J76VaGwd9FUAoNoVy1ArJvtSPm2TPfESyu1BC0dFAySr3a7e/LQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOgoj4TYckbPmT6DWqqUkdInAckWMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNkNpUGhOaHlScy1aUG9OYXFwU1IwaWNCeVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvIK2AwQA
w9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCV2Kcrw+Y3mtlj
Z//5wKW5sY1fu0b7TStfO5jCAND00OQORu1rTgTiJmt1u0/B8RdX2RfMqg2bmGp3
LoiPPStLlKwZQAZDBcbBTMBzIGZAlGKbKJoItKOxTknQi+kG93qQ5bskY4CSPJ0m
16G/3bPcAawcUSibmQ9W0w6o/8MTsrxak6+P8nREIAWt15of+oNzk3nIPD5bUepY
QvADi9I4jBRPZ8YT9Yc0c8iPcE2DRNSw3TgPIw3ilwE8M5bbS3WP2bjNFxg8DEQ5
aCfZVALRJEVlGc0acxeNdid9xcPgh2Rcz5HYOHKWCZf9WXMkH0/UlhfQabyedYq8
4V0XL10q
-----END CERTIFICATE-----
Generated at Mon Sep 2 18:31:11 2024 by rpki-client on console-ams.rpki-client.org