Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6Qh82t5GuefArhOxgZC48ZGwTFU.roa
File: 6Qh82t5GuefArhOxgZC48ZGwTFU.roa (raw, json)
Hash identifier: +IJw66NH3hhdUXV98c31Emy1ybXaI4gKMS3wjeaoXsU=
Subject key identifier: E9:08:7C:DA:DE:46:B9:E7:C0:AE:13:B1:81:90:B8:F1:91:B0:4C:55
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018EEF183ADB6D6FFFD11754C68301F513C3
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6Qh82t5GuefArhOxgZC48ZGwTFU.roa
Signing time: Thu 18 Apr 2024 02:45:26 +0000
ROA not before: Thu 18 Apr 2024 02:45:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.224.0/20 maxlen: 24
188.130.154.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.53.0/24 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 04 Jun 2024 09:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:18:3a:db:6d:6f:ff:d1:17:54:c6:83:01:f5:13:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 18 02:45:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9087cdade46b9e7c0ae13b18190b8f191b04c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c1:08:21:3c:5e:f5:2f:1c:52:34:df:72:eb:
de:2c:88:0f:73:26:be:b6:72:f5:ee:d1:56:b5:37:
7a:8f:30:27:f0:2c:5b:63:f4:2c:89:e8:68:01:aa:
44:bb:ae:e9:fe:76:0f:45:e9:55:ec:3d:da:94:9f:
3c:11:b7:17:26:18:b0:93:88:e4:69:70:be:2a:52:
c7:9f:e7:f5:94:0a:0e:8d:6d:68:0e:db:a3:46:3a:
93:0d:52:d0:58:22:b4:34:ed:18:4a:55:83:bd:a7:
f4:0e:e9:3b:41:e3:1b:d5:28:b1:0f:58:11:fa:ca:
e3:51:33:9f:78:d9:9e:5c:a1:fa:e9:72:a4:3b:a7:
20:5e:b7:8d:5e:d4:3e:e0:6c:d1:e0:d9:f1:0d:ad:
34:53:37:de:65:0c:87:84:37:bf:a9:d1:5f:07:67:
ab:a0:32:c8:01:32:34:d1:73:22:af:62:b7:4e:19:
4f:5b:e7:3a:3f:04:a2:6c:15:91:95:96:2b:e6:5f:
7f:7f:ab:ed:2f:fa:f9:06:58:d6:e7:cf:a5:8a:2d:
78:70:8d:40:a0:c1:69:d4:16:70:cb:30:81:a7:48:
ec:a9:9a:61:90:89:61:ae:34:48:eb:c5:12:5e:55:
46:a4:37:67:36:ff:5e:e7:3d:df:06:6b:37:84:ea:
df:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:08:7C:DA:DE:46:B9:E7:C0:AE:13:B1:81:90:B8:F1:91:B0:4C:55
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/6Qh82t5GuefArhOxgZC48ZGwTFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.224.0/20
188.130.154.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
95:ee:e4:8b:68:8c:cd:a4:3b:c3:06:ec:b4:96:99:69:6e:10:
89:7d:e0:6f:2c:2b:f4:68:ee:b0:11:a4:4a:d6:eb:b4:4b:44:
01:d4:62:43:1c:5a:4b:12:8a:3e:fd:bf:b5:bb:d3:7d:ed:b7:
40:14:fa:89:e8:c5:4e:b6:fc:08:b4:1d:f8:80:42:07:20:50:
48:91:fb:74:ff:34:52:58:a5:7d:d0:c1:7b:68:cf:fe:0b:b5:
8d:da:29:60:2a:03:59:d1:b0:36:1e:5f:8a:60:6d:97:2e:8b:
7f:1e:e3:15:6d:49:2d:29:e7:43:b1:3f:2f:d9:5f:f0:3f:58:
63:e9:92:26:4e:c5:da:1d:97:28:27:e0:b4:35:a4:a8:22:8a:
55:90:af:36:ff:00:7f:83:62:a4:19:e0:9b:da:f2:d7:b6:ac:
0a:f0:79:4f:c6:6d:cb:b6:fd:3b:cc:17:c8:a2:50:b5:6b:fa:
39:ab:31:51:7a:46:c8:b2:d3:67:8b:06:50:b4:11:4c:ac:e9:
7f:49:ba:07:ff:30:b2:c5:cf:f1:36:35:5e:dd:4d:86:1e:d3:
88:41:63:44:fd:08:22:52:8a:59:77:c1:85:a7:e3:8f:16:05:
29:b0:45:03:69:83:50:32:b9:6c:d1:2d:43:ac:3b:c9:20:a2:
e7:51:7c:63
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY7vGDrbbW//0RdUxoMB9RPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNDE4MDI0NTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTA4N2NkYWRlNDZiOWU3YzBhZTEzYjE4MTkwYjhmMTkxYjA0YzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8EIITxe9S8cUjTfcuveLIgPcya+
tnL17tFWtTd6jzAn8CxbY/QsiehoAapEu67p/nYPRelV7D3alJ88EbcXJhiwk4jk
aXC+KlLHn+f1lAoOjW1oDtujRjqTDVLQWCK0NO0YSlWDvaf0Duk7QeMb1SixD1gR
+srjUTOfeNmeXKH66XKkO6cgXreNXtQ+4GzR4NnxDa00UzfeZQyHhDe/qdFfB2er
oDLIATI00XMir2K3ThlPW+c6PwSibBWRlZYr5l9/f6vtL/r5BljW58+lii14cI1A
oMFp1BZwyzCBp0jsqZphkIlhrjRI68USXlVGpDdnNv9e5z3fBms3hOrf/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFOkIfNreRrnnwK4TsYGQuPGRsExVMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNlFoODJ0NUd1ZWZBcmhPeGdaQzQ4Wkd3VEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELgjgAwQA
vIKaAwQAvIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQCV7uSLaIzNpDvDBuy0lplpbhCJfeBvLCv0aO6wEaRK1uu0S0QB1GJDHFpLEoo+
/b+1u9N97bdAFPqJ6MVOtvwItB34gEIHIFBIkft0/zRSWKV90MF7aM/+C7WN2ilg
KgNZ0bA2Hl+KYG2XLot/HuMVbUktKedDsT8v2V/wP1hj6ZImTsXaHZcoJ+C0NaSo
IopVkK82/wB/g2KkGeCb2vLXtqwK8HlPxm3Ltv07zBfIolC1a/o5qzFRekbIstNn
iwZQtBFMrOl/SboH/zCyxc/xNjVe3U2GHtOIQWNE/QgiUopZd8GFp+OPFgUpsEUD
aYNQMrls0S1DrDvJIKLnUXxj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org