Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6dy0cOHtuFPltzZWfEcegQyb6BE.roa
File: 6dy0cOHtuFPltzZWfEcegQyb6BE.roa (raw, json)
Hash identifier: Hk+vCrVzGRyfIP638tO1BpgjYPGYdiYbspb6I9qkYG4=
Subject key identifier: E9:DC:B4:70:E1:ED:B8:53:E5:B7:36:56:7C:47:1E:81:0C:9B:E8:11
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018DCA27280A58025BFBCD31A0CA3F1A6588
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6dy0cOHtuFPltzZWfEcegQyb6BE.roa
Signing time: Wed 21 Feb 2024 05:33:00 +0000
ROA not before: Wed 21 Feb 2024 05:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 2.57.242.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 18:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ca:27:28:0a:58:02:5b:fb:cd:31:a0:ca:3f:1a:65:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 21 05:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e9dcb470e1edb853e5b736567c471e810c9be811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:7a:d7:4f:bf:2d:23:a2:27:20:bc:17:c8:
a9:94:fe:5d:f4:df:92:c9:72:4d:8e:a4:d1:34:7b:
77:3d:a5:d6:3a:d5:45:cb:79:f5:67:e2:51:51:ec:
05:d5:37:e8:01:86:4e:da:49:4b:22:c4:cc:79:83:
08:d7:5d:fd:b4:34:1a:74:7b:60:2f:c2:67:c6:94:
44:da:9f:37:da:04:18:24:04:67:c1:62:90:0f:26:
03:24:55:0c:30:84:fc:da:53:7a:67:5e:96:45:fc:
6d:37:2d:ff:b0:7c:4a:f3:cd:02:08:36:97:b4:7c:
1e:88:0c:07:9b:83:5f:a5:76:06:a2:ef:fd:cb:f9:
52:ce:72:b9:ff:fa:9d:7c:47:ca:13:42:7e:ef:79:
b9:9b:67:41:a8:30:e9:45:0b:65:5f:58:fe:f4:c8:
cd:ca:94:b8:81:ff:5a:1d:58:49:cd:1c:bf:fd:8f:
09:91:98:4f:95:6b:e4:38:a1:ea:4c:93:5a:8a:de:
c8:93:8e:53:61:de:89:8e:cf:ba:e9:c8:59:d2:f5:
31:0f:29:5c:a0:c1:ee:a4:37:ae:68:8f:0d:39:7a:
e0:c7:14:f7:a4:d9:4a:19:cf:5d:77:95:49:a1:b5:
67:2b:50:8e:56:a6:79:09:78:92:9e:9a:8f:31:79:
0b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:DC:B4:70:E1:ED:B8:53:E5:B7:36:56:7C:47:1E:81:0C:9B:E8:11
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/6dy0cOHtuFPltzZWfEcegQyb6BE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
89.34.219.0/24
89.35.130.0/24
185.198.235.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f9:e8:84:5f:79:5c:ec:a6:bd:72:73:11:03:e0:38:c1:25:
13:ce:1b:8d:3d:f7:af:44:c7:dc:14:a3:fb:ac:71:cd:5d:ff:
ac:67:cd:77:c9:cc:59:7f:60:cc:ca:7c:41:fe:0e:32:ff:7b:
83:20:96:62:28:6b:29:cf:10:5d:a8:2e:24:95:62:56:ea:10:
81:aa:01:19:27:91:61:d9:70:16:c0:e3:f4:87:c1:c4:5d:f8:
be:4d:1a:81:6b:6c:ee:79:fd:99:7b:01:c1:c6:be:27:48:25:
d6:8a:4b:20:95:ae:15:e7:af:06:e0:5c:de:ae:9f:a8:ea:50:
40:fe:e0:71:40:d7:d0:18:24:56:a0:48:16:4b:5a:02:fa:3f:
bc:2c:3d:b7:09:5d:f8:a1:46:36:5b:79:72:87:85:8b:42:94:
8c:0e:9c:5b:fd:2a:eb:24:70:aa:bf:d7:fa:ef:94:58:5f:86:
8c:f2:c8:e2:1c:1d:4b:4d:ed:3d:df:73:97:23:10:7c:47:04:
4d:f2:f5:fd:ea:c5:8b:93:b3:5a:42:5c:bb:f7:c0:39:70:1c:
cb:33:c4:28:6b:13:10:d4:ff:a0:08:62:90:61:6f:38:cc:cf:
22:82:fb:18:3c:19:e9:7e:4d:c0:d1:e8:d6:45:05:cd:08:52:
bd:87:cf:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3KJygKWAJb+80xoMo/GmWIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMjIxMDUzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWRjYjQ3MGUxZWRiODUzZTViNzM2NTY3YzQ3MWU4MTBjOWJlODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSt610+/LSOiJyC8F8iplP5d9N+S
yXJNjqTRNHt3PaXWOtVFy3n1Z+JRUewF1TfoAYZO2klLIsTMeYMI1139tDQadHtg
L8JnxpRE2p832gQYJARnwWKQDyYDJFUMMIT82lN6Z16WRfxtNy3/sHxK880CCDaX
tHweiAwHm4NfpXYGou/9y/lSznK5//qdfEfKE0J+73m5m2dBqDDpRQtlX1j+9MjN
ypS4gf9aHVhJzRy//Y8JkZhPlWvkOKHqTJNait7Ik45TYd6Jjs+66chZ0vUxDylc
oMHupDeuaI8NOXrgxxT3pNlKGc9dd5VJobVnK1COVqZ5CXiSnpqPMXkLWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOnctHDh7bhT5bc2VnxHHoEMm+gRMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNmR5MGNPSHR1RlBsdHpaV2ZFY2VnUXliNkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjnyAwQA
WSLbAwQAWSOCAwQAucbrMA0GCSqGSIb3DQEBCwUAA4IBAQAn+eiEX3lc7Ka9cnMR
A+A4wSUTzhuNPfevRMfcFKP7rHHNXf+sZ813ycxZf2DMynxB/g4y/3uDIJZiKGsp
zxBdqC4klWJW6hCBqgEZJ5Fh2XAWwOP0h8HEXfi+TRqBa2zuef2ZewHBxr4nSCXW
iksgla4V568G4Fzerp+o6lBA/uBxQNfQGCRWoEgWS1oC+j+8LD23CV34oUY2W3ly
h4WLQpSMDpxb/SrrJHCqv9f675RYX4aM8sjiHB1LTe0933OXIxB8RwRN8vX96sWL
k7NaQly798A5cBzLM8QoaxMQ1P+gCGKQYW84zM8igvsYPBnpfk3A0ejWRQXNCFK9
h8+D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org