Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/6lAt2uKE_Yfl7SOy_BViO7iz4rY.roa
File: 6lAt2uKE_Yfl7SOy_BViO7iz4rY.roa (raw, json)
Hash identifier: v1KC7X6P/FVe1T0KQv4XFp8/gDD8P4vw0m9xYc12tDQ=
Subject key identifier: EA:50:2D:DA:E2:84:FD:87:E5:ED:23:B2:FC:15:62:3B:B8:B3:E2:B6
Certificate issuer: /CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Certificate serial: 01893E368F74B45D5AABC1AD5F0597C0393F
Authority key identifier: B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/6lAt2uKE_Yfl7SOy_BViO7iz4rY.roa
Signing time: Mon 10 Jul 2023 05:11:50 +0000
ROA not before: Mon 10 Jul 2023 05:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16302
IP address blocks: 83.142.72.0/21 maxlen: 21
217.119.32.0/20 maxlen: 20
77.246.192.0/20 maxlen: 20
79.134.96.0/19 maxlen: 19
80.248.240.0/20 maxlen: 20
185.163.14.0/23 maxlen: 23
188.127.192.0/19 maxlen: 19
185.9.8.0/22 maxlen: 22
2a00:1190::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:36:8f:74:b4:5d:5a:ab:c1:ad:5f:05:97:c0:39:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b169a49700e0c3b8e39a79130c987a5000ccffe2
Validity
Not Before: Jul 10 05:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea502ddae284fd87e5ed23b2fc15623bb8b3e2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:91:0e:5a:42:75:ef:69:18:3b:01:96:4a:0a:
d3:39:c8:e2:ca:15:2f:59:c7:dd:ba:74:8a:eb:83:
1a:90:d4:92:d6:b8:aa:7a:4e:5b:42:85:5d:0d:68:
9d:22:0c:34:70:eb:ac:38:6a:45:ed:95:bc:83:76:
c3:eb:f4:fe:c4:64:8f:4b:67:3f:1e:7c:1a:fb:07:
2e:df:47:7a:0d:45:11:ba:19:49:e4:c4:f1:b6:75:
09:cc:ce:54:7f:d2:4d:38:1d:f3:04:be:83:00:bb:
ce:e3:02:b1:61:22:db:39:8c:97:50:7d:b0:79:e5:
51:20:30:86:eb:ee:28:30:b7:7d:38:86:54:3d:2d:
ca:3a:9b:0d:7b:ad:d3:f8:e1:85:d8:4a:d6:a1:3d:
4e:da:5f:d4:68:bf:29:81:18:ac:0d:36:d1:dd:ab:
28:7a:e6:12:1a:2e:51:65:8b:3b:42:ad:59:73:33:
b2:0b:f7:d1:26:98:62:64:ab:66:c7:a6:5a:ff:f7:
62:ea:6a:e5:54:29:1e:c0:e8:55:cd:fd:34:c3:28:
f6:a7:fb:82:d5:a0:5a:4f:80:80:64:eb:5a:1b:27:
6a:54:d2:fd:c4:c9:0c:96:20:6f:48:51:d3:70:28:
ea:9c:e3:9b:49:ce:6b:2a:ac:ee:16:70:1a:05:f7:
f1:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:50:2D:DA:E2:84:FD:87:E5:ED:23:B2:FC:15:62:3B:B8:B3:E2:B6
X509v3 Authority Key Identifier:
keyid:B1:69:A4:97:00:E0:C3:B8:E3:9A:79:13:0C:98:7A:50:00:CC:FF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sWmklwDgw7jjmnkTDJh6UADM_-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/6lAt2uKE_Yfl7SOy_BViO7iz4rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/39081f-5003-41ed-b80a-3fae034c489e/1/sWmklwDgw7jjmnkTDJh6UADM_-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.192.0/20
79.134.96.0/19
80.248.240.0/20
83.142.72.0/21
185.9.8.0/22
185.163.14.0/23
188.127.192.0/19
217.119.32.0/20
IPv6:
2a00:1190::/32
Signature Algorithm: sha256WithRSAEncryption
90:76:84:59:fd:6f:20:b1:61:c4:58:85:ad:5f:3d:3a:22:f1:
6c:23:cc:c2:db:8a:18:8e:e6:7b:e2:e5:29:e3:29:f4:ad:fd:
a5:c2:a6:11:b7:d1:e8:6f:5b:2b:87:89:b1:a5:a5:26:81:94:
e1:65:b9:5b:88:0c:e4:2f:69:d7:88:d1:26:28:4a:11:fa:fb:
1a:3d:43:85:5b:30:c5:21:ae:64:6b:cf:0f:68:04:b1:a9:b4:
69:3f:c5:48:63:e1:00:0f:d4:fb:a9:9b:43:61:67:cf:90:44:
58:d7:6d:84:7d:59:65:7d:03:b6:34:f1:92:10:4a:64:99:0c:
7c:1d:9c:30:82:8c:fe:02:02:71:ad:65:8c:84:a6:ee:4f:62:
76:8c:5a:a7:fb:df:62:95:c7:9a:6e:6c:89:ec:8d:17:e0:17:
ad:c2:19:8f:99:0d:3c:fe:ba:5e:a7:ba:fd:97:44:df:32:f4:
a4:ac:32:ed:dd:f6:c6:68:c0:b5:11:ad:c1:a5:d2:f5:78:84:
9d:9e:1f:d7:e3:e1:06:09:5a:f6:b1:89:a7:87:4c:cd:c5:0e:
e3:c7:0d:21:a7:ff:25:16:22:54:01:8c:ba:5e:c9:db:f5:fe:
43:e1:e0:d5:81:cb:02:60:0c:b9:46:7c:34:cd:d3:61:a6:a7:
d9:ee:6f:e6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYk+No90tF1aq8GtXwWXwDk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNjlhNDk3MDBlMGMzYjhlMzlhNzkxMzBjOTg3YTUwMDBj
Y2ZmZTIwHhcNMjMwNzEwMDUxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTUwMmRkYWUyODRmZDg3ZTVlZDIzYjJmYzE1NjIzYmI4YjNlMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5EOWkJ172kYOwGWSgrTOcjiyhUv
WcfdunSK64MakNSS1riqek5bQoVdDWidIgw0cOusOGpF7ZW8g3bD6/T+xGSPS2c/
Hnwa+wcu30d6DUURuhlJ5MTxtnUJzM5Uf9JNOB3zBL6DALvO4wKxYSLbOYyXUH2w
eeVRIDCG6+4oMLd9OIZUPS3KOpsNe63T+OGF2ErWoT1O2l/UaL8pgRisDTbR3aso
euYSGi5RZYs7Qq1ZczOyC/fRJphiZKtmx6Za//di6mrlVCkewOhVzf00wyj2p/uC
1aBaT4CAZOtaGydqVNL9xMkMliBvSFHTcCjqnOObSc5rKqzuFnAaBffxOwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFOpQLdrihP2H5e0jsvwVYju4s+K2MB8GA1UdIwQY
MBaAFLFppJcA4MO445p5EwyYelAAzP/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1dta2x3RGd3N2pqbW5rVERKaDZVQURNXy1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zOTA4MWYtNTAwMy00MWVkLWI4MGEt
M2ZhZTAzNGM0ODllLzEvNmxBdDJ1S0VfWWZsN1NPeV9CVmlPN2l6NHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zOTA4MWYtNTAwMy00MWVkLWI4MGEtM2ZhZTAzNGM0ODll
LzEvc1dta2x3RGd3N2pqbW5rVERKaDZVQURNXy1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQETfbAAwQF
T4ZgAwQEUPjwAwQDU45IAwQCuQkIAwQBuaMOAwQFvH/AAwQE2XcgMA0EAgACMAcD
BQAqABGQMA0GCSqGSIb3DQEBCwUAA4IBAQCQdoRZ/W8gsWHEWIWtXz06IvFsI8zC
24oYjuZ74uUp4yn0rf2lwqYRt9Hob1srh4mxpaUmgZThZblbiAzkL2nXiNEmKEoR
+vsaPUOFWzDFIa5ka88PaASxqbRpP8VIY+EAD9T7qZtDYWfPkERY122EfVllfQO2
NPGSEEpkmQx8HZwwgoz+AgJxrWWMhKbuT2J2jFqn+99ilceabmyJ7I0X4BetwhmP
mQ08/rpep7r9l0TfMvSkrDLt3fbGaMC1Ea3BpdL1eISdnh/X4+EGCVr2sYmnh0zN
xQ7jxw0hp/8lFiJUAYy6Xsnb9f5D4eDVgcsCYAy5Rnw0zdNhpqfZ7m/m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org