Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/aJ6J8rH-9DL7_FhBDExhjDDr928.roa
File: aJ6J8rH-9DL7_FhBDExhjDDr928.roa (raw, json)
Hash identifier: d/f0pOuUKvVnAY9gVfL5WAkXNJyIA4nEpy1fks36kLY=
Subject key identifier: 68:9E:89:F2:B1:FE:F4:32:FB:FC:58:41:0C:4C:61:8C:30:EB:F7:6F
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 018963E669827F0CCBB58AB0FC6CAD764A1D
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/aJ6J8rH-9DL7_FhBDExhjDDr928.roa
Signing time: Mon 17 Jul 2023 12:49:51 +0000
ROA not before: Mon 17 Jul 2023 12:49:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21182
IP address blocks: 217.173.192.0/21 maxlen: 21
217.173.200.0/23 maxlen: 23
217.173.206.0/23 maxlen: 23
185.178.158.0/24 maxlen: 24
185.178.156.0/23 maxlen: 23
185.178.156.0/22 maxlen: 22
2a04:9440::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:e6:69:82:7f:0c:cb:b5:8a:b0:fc:6c:ad:76:4a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jul 17 12:49:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=689e89f2b1fef432fbfc58410c4c618c30ebf76f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:99:9e:14:6a:f6:70:bf:66:47:26:e8:67:29:
63:d5:d7:ed:43:31:73:00:3a:51:68:68:3a:a2:31:
62:df:ab:b5:b2:8a:c2:64:a2:dd:7a:42:8a:31:e1:
bb:9c:f9:02:aa:35:3c:04:6f:03:3e:5a:e7:fd:63:
ec:d2:e3:fd:88:9c:ed:fa:70:0f:2a:99:a4:6d:13:
ab:50:94:77:11:cd:e5:8c:91:f2:e0:13:31:9e:c3:
57:54:1d:f6:60:97:66:40:19:6d:61:d1:2f:16:32:
b8:70:08:de:b1:7a:b9:d9:ba:e3:2b:48:9e:15:da:
0b:df:dd:4d:86:ed:00:82:a5:90:79:26:95:dd:87:
f6:8d:05:8d:00:f0:55:08:c3:ed:96:97:c1:db:05:
bc:42:6b:42:78:13:41:8b:b5:5c:66:2f:0d:e4:ae:
97:72:e2:3c:52:8a:45:41:59:d8:41:0b:b5:93:e1:
c0:66:51:7c:1a:e7:0d:e1:d9:f6:10:76:40:49:95:
89:47:cf:9e:c7:a6:77:68:ce:5b:ae:7e:7c:a5:e8:
a9:31:32:ad:28:9b:18:e9:49:70:86:52:47:b4:4a:
0d:14:8f:62:64:19:2b:60:f8:24:02:3f:f7:86:c0:
5a:ca:39:76:a4:b4:5e:d8:cd:03:89:19:3f:68:65:
4e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:9E:89:F2:B1:FE:F4:32:FB:FC:58:41:0C:4C:61:8C:30:EB:F7:6F
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/aJ6J8rH-9DL7_FhBDExhjDDr928.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.156.0/22
217.173.192.0-217.173.201.255
217.173.206.0/23
IPv6:
2a04:9440::/30
Signature Algorithm: sha256WithRSAEncryption
c9:d5:1b:56:02:df:fc:7c:d8:0b:34:60:6c:38:8f:67:80:b7:
0c:db:4e:de:8c:1f:0b:17:e5:a7:28:93:00:e3:ae:6c:72:a9:
3c:c8:4a:cd:e4:dd:d4:c7:98:fc:4d:1e:2a:0b:33:f7:b9:0f:
b5:0a:0a:a7:e5:06:86:05:be:68:55:91:ec:df:85:53:75:7a:
74:72:62:bd:5b:c7:ac:53:b0:fc:b9:0f:01:cf:77:78:7b:cd:
39:93:f3:12:e1:e6:ca:6e:98:64:93:e2:74:c4:91:58:a2:12:
72:82:1a:d3:5c:ea:6e:a2:b0:e6:73:ae:8b:86:00:46:d2:fd:
ad:a8:f2:e7:9d:67:e6:2c:fb:83:54:b9:dd:90:f7:94:4a:e7:
cb:a6:97:69:3e:50:db:6d:05:59:9f:25:ea:89:ce:3d:25:ed:
9b:b5:2e:b7:90:4c:5e:e8:62:72:81:fc:2e:b2:05:1e:2e:b6:
15:6e:6b:48:1a:07:ac:44:07:d4:fe:f6:c6:d0:75:f5:a4:12:
1e:25:6d:56:23:7b:27:16:24:7b:a3:1c:62:b9:1f:73:6d:0d:
71:85:2f:60:b9:88:fc:d2:10:62:7c:e1:9c:72:cc:f1:81:96:
5d:ba:6d:41:4b:e3:79:1d:e4:82:66:3a:27:5f:a3:43:60:80:
f4:5b:27:1e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYlj5mmCfwzLtYqw/GytdkodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjMwNzE3MTI0OTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODllODlmMmIxZmVmNDMyZmJmYzU4NDEwYzRjNjE4YzMwZWJmNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZmeFGr2cL9mRyboZylj1dftQzFz
ADpRaGg6ojFi36u1sorCZKLdekKKMeG7nPkCqjU8BG8DPlrn/WPs0uP9iJzt+nAP
KpmkbROrUJR3Ec3ljJHy4BMxnsNXVB32YJdmQBltYdEvFjK4cAjesXq52brjK0ie
FdoL391Nhu0AgqWQeSaV3Yf2jQWNAPBVCMPtlpfB2wW8QmtCeBNBi7VcZi8N5K6X
cuI8UopFQVnYQQu1k+HAZlF8GucN4dn2EHZASZWJR8+ex6Z3aM5brn58peipMTKt
KJsY6UlwhlJHtEoNFI9iZBkrYPgkAj/3hsBayjl2pLRe2M0DiRk/aGVOrwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGieifKx/vQy+/xYQQxMYYww6/dvMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvYUo2SjhySC05REw3X0ZoQkRFeGhqRERyOTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCubKcMAwD
BAbZrcADBAHZrcgDBAHZrc4wDQQCAAIwBwMFAioElEAwDQYJKoZIhvcNAQELBQAD
ggEBAMnVG1YC3/x82As0YGw4j2eAtwzbTt6MHwsX5acokwDjrmxyqTzISs3k3dTH
mPxNHioLM/e5D7UKCqflBoYFvmhVkezfhVN1enRyYr1bx6xTsPy5DwHPd3h7zTmT
8xLh5spumGST4nTEkViiEnKCGtNc6m6isOZzrouGAEbS/a2o8uedZ+Ys+4NUud2Q
95RK58uml2k+UNttBVmfJeqJzj0l7Zu1LreQTF7oYnKB/C6yBR4uthVua0gaB6xE
B9T+9sbQdfWkEh4lbVYjeycWJHujHGK5H3NtDXGFL2C5iPzSEGJ84ZxyzPGBll26
bUFL43kd5IJmOidfo0NggPRbJx4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:42 2024 by rpki-client on console-fra.rpki-client.org