Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6pJ-SFc9QWFvw3j5eFOTPk6_VWs.roa
File: 6pJ-SFc9QWFvw3j5eFOTPk6_VWs.roa (raw, json)
Hash identifier: i3WYVLZn3cLXH7kfvj3qt8i5+8A1hgz7M5lw5xwbaBo=
Subject key identifier: EA:92:7E:48:57:3D:41:61:6F:C3:78:F9:78:53:93:3E:4E:BF:55:6B
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CC2DADDBDEAD28B00C32261369321BE7E
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6pJ-SFc9QWFvw3j5eFOTPk6_VWs.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201113
IP address blocks: 195.136.162.0/23 maxlen: 23
88.220.154.0/24 maxlen: 24
88.220.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dd:bd:ea:d2:8b:00:c3:22:61:36:93:21:be:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea927e48573d41616fc378f97853933e4ebf556b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:27:50:ce:1f:15:db:80:e5:73:62:5c:78:aa:
e1:f2:fe:1e:37:2f:99:5b:2b:0c:89:42:0d:f8:9a:
77:c7:ae:7d:e2:a7:a4:22:5d:74:66:43:78:13:1d:
d1:a6:40:29:e6:46:4f:61:48:57:ec:68:19:2f:e8:
83:39:12:eb:6c:e2:a3:e3:9f:ef:11:98:bb:d8:e6:
5c:69:7f:e9:42:c1:8f:8c:fb:0f:94:c6:fe:e1:cc:
25:23:52:14:20:2a:0d:b9:af:94:cf:14:47:5d:0c:
59:e8:01:5a:86:05:3e:d5:ca:5a:02:fa:3b:53:c0:
d7:59:11:9a:1d:0f:05:8e:6d:7d:16:f2:74:62:63:
7f:22:f1:af:ac:72:9f:e9:bb:f6:7a:72:5f:be:3b:
4f:cc:45:4a:14:ac:21:44:88:9f:c2:18:9e:91:89:
13:27:c5:4c:d1:94:49:57:23:e3:4d:9b:c3:ec:28:
2c:b4:61:de:76:9d:b0:5b:b5:1d:44:93:58:04:d1:
39:0d:84:7c:74:bc:bf:aa:26:d1:17:05:79:cd:da:
6e:65:21:61:52:43:f6:ef:c9:6d:d7:16:c5:f6:6f:
76:c8:e9:5a:e5:75:79:61:e2:b3:3c:cb:84:d1:51:
36:f9:fd:43:87:bd:8b:5d:66:7f:5f:48:b3:83:cd:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:92:7E:48:57:3D:41:61:6F:C3:78:F9:78:53:93:3E:4E:BF:55:6B
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/6pJ-SFc9QWFvw3j5eFOTPk6_VWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.154.0/24
88.220.167.0/24
195.136.162.0/23
Signature Algorithm: sha256WithRSAEncryption
63:39:d1:f9:06:89:09:4a:eb:d3:73:2b:e2:83:24:d1:11:43:
f3:10:8b:d9:5b:13:70:a5:aa:02:94:ff:d0:11:75:83:7e:3c:
d1:d7:b1:ba:ce:e4:18:9d:5a:f5:94:dd:aa:ce:85:2a:51:72:
2a:18:9d:18:79:3d:8d:a7:4c:3a:b3:67:d1:a4:25:1b:fa:f2:
c5:77:4a:b5:c5:4e:e3:9f:4b:26:94:86:68:21:c4:6f:13:a8:
2b:e2:bd:f3:bd:ce:8d:8c:ef:58:a1:87:d6:f5:4a:8f:30:21:
c9:09:29:9d:62:d8:34:b5:74:28:41:2a:e0:90:41:f4:7a:33:
8c:ce:d6:66:e4:b4:00:a5:a7:ff:7b:c4:98:c6:7c:18:2e:6d:
03:a4:6c:c3:2d:b5:89:16:3f:21:14:cb:76:d0:67:87:d3:48:
45:c7:d3:16:5c:4e:d2:42:79:ed:7b:74:b4:0d:44:74:a8:a9:
2e:2d:a4:05:ef:5c:49:a7:28:c6:d0:63:75:bc:16:ce:15:22:
39:8f:48:fd:f5:f5:28:ae:f7:6b:d1:37:1b:f8:f4:40:d7:4d:
5a:80:dc:87:37:83:49:d1:11:0a:1e:e1:b6:75:97:d3:47:58:
ae:31:d6:1e:03:84:8a:07:34:0c:8b:53:28:a1:fe:b2:be:1a:
8a:cc:08:20
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2t296tKLAMMiYTaTIb5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkyN2U0ODU3M2Q0MTYxNmZjMzc4Zjk3ODUzOTMzZTRlYmY1NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSdQzh8V24Dlc2JceKrh8v4eNy+Z
WysMiUIN+Jp3x6594qekIl10ZkN4Ex3RpkAp5kZPYUhX7GgZL+iDORLrbOKj45/v
EZi72OZcaX/pQsGPjPsPlMb+4cwlI1IUICoNua+UzxRHXQxZ6AFahgU+1cpaAvo7
U8DXWRGaHQ8Fjm19FvJ0YmN/IvGvrHKf6bv2enJfvjtPzEVKFKwhRIifwhiekYkT
J8VM0ZRJVyPjTZvD7CgstGHedp2wW7UdRJNYBNE5DYR8dLy/qibRFwV5zdpuZSFh
UkP278lt1xbF9m92yOla5XV5YeKzPMuE0VE2+f1Dh72LXWZ/X0izg83+LwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOqSfkhXPUFhb8N4+XhTkz5Ov1VrMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNnBKLVNGYzlRV0Z2dzNqNWVGT1RQazZfVldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNyaAwQA
WNynAwQBw4iiMA0GCSqGSIb3DQEBCwUAA4IBAQBjOdH5BokJSuvTcyvigyTREUPz
EIvZWxNwpaoClP/QEXWDfjzR17G6zuQYnVr1lN2qzoUqUXIqGJ0YeT2Np0w6s2fR
pCUb+vLFd0q1xU7jn0smlIZoIcRvE6gr4r3zvc6NjO9YoYfW9UqPMCHJCSmdYtg0
tXQoQSrgkEH0ejOMztZm5LQApaf/e8SYxnwYLm0DpGzDLbWJFj8hFMt20GeH00hF
x9MWXE7SQnnte3S0DUR0qKkuLaQF71xJpyjG0GN1vBbOFSI5j0j99fUorvdr0Tcb
+PRA101agNyHN4NJ0REKHuG2dZfTR1iuMdYeA4SKBzQMi1Moof6yvhqKzAgg
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:51:16 2025 by rpki-client