Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/sDbXgQEqDG63QZLAKxi08DbPbvw.roa
File: sDbXgQEqDG63QZLAKxi08DbPbvw.roa (raw, json)
Hash identifier: hFy7OeQR3NNuXnhZxxIz3w7z7UoRszJ/JyyucLF4RC0=
Subject key identifier: B0:36:D7:81:01:2A:0C:6E:B7:41:92:C0:2B:18:B4:F0:36:CF:6E:FC
Certificate issuer: /CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Certificate serial: 018842EF62C426F1D17CF71EF87EF8BFE434
Authority key identifier: 9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/sDbXgQEqDG63QZLAKxi08DbPbvw.roa
Signing time: Mon 22 May 2023 10:09:24 +0000
ROA not before: Mon 22 May 2023 10:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24638
IP address blocks: 81.19.64.0/19 maxlen: 24
91.220.133.0/24 maxlen: 24
185.110.56.0/22 maxlen: 24
2a02:6b0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:ef:62:c4:26:f1:d1:7c:f7:1e:f8:7e:f8:bf:e4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a7b9a8cd819f4a920334d7e72ec2340870d7749
Validity
Not Before: May 22 10:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b036d781012a0c6eb74192c02b18b4f036cf6efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:57:3d:16:19:89:35:5d:9b:f7:6a:05:cf:e3:
28:7d:52:8f:03:62:5d:2a:e2:b0:91:56:75:bb:e1:
d3:be:8a:c6:1b:1b:d0:0d:22:2f:33:43:7a:76:8b:
9e:4e:74:9c:1d:fe:65:de:51:91:b7:37:8f:9c:47:
3b:34:4e:f6:f5:61:14:a1:57:91:67:05:76:8c:b7:
aa:3f:69:cf:05:d1:f6:39:73:b1:3d:20:39:79:d1:
3e:e8:74:a2:c5:d4:a3:18:02:1b:33:f4:c4:fe:2a:
28:b1:3e:d2:34:87:dd:7c:84:58:ac:d9:39:3b:27:
93:cf:a4:54:04:d2:6f:2f:b7:20:1a:10:6e:49:bf:
bc:30:ea:b4:92:73:ed:b5:0e:ad:92:b2:53:9f:77:
04:20:ba:9c:2b:d1:60:5d:72:64:ba:82:ca:74:02:
51:55:97:49:9d:2c:3e:ad:05:c0:b5:00:4c:3f:f9:
19:bb:7f:b1:31:fe:31:5b:70:67:00:19:95:6e:97:
32:a6:79:92:55:46:09:02:41:ac:2c:32:b8:21:d4:
5f:d4:46:c7:27:36:00:58:74:07:30:8e:31:12:87:
19:5e:7a:46:da:d6:74:fa:70:53:7d:c0:15:7d:09:
e9:0e:7a:7a:ac:af:9d:0b:3d:e4:05:43:e1:12:1e:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:36:D7:81:01:2A:0C:6E:B7:41:92:C0:2B:18:B4:F0:36:CF:6E:FC
X509v3 Authority Key Identifier:
keyid:9A:7B:9A:8C:D8:19:F4:A9:20:33:4D:7E:72:EC:23:40:87:0D:77:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnuajNgZ9KkgM01-cuwjQIcNd0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/sDbXgQEqDG63QZLAKxi08DbPbvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7e0ebb-4686-406e-b99f-21faf144cb62/1/mnuajNgZ9KkgM01-cuwjQIcNd0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.64.0/19
91.220.133.0/24
185.110.56.0/22
IPv6:
2a02:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:83:82:7f:96:5c:85:40:94:6d:04:f6:4d:df:3e:a3:b0:73:
22:9c:26:5b:13:ab:df:5e:32:6f:81:e9:aa:7a:3a:b6:ea:d9:
f5:17:f9:28:5e:0c:24:bf:8d:ec:56:ce:ff:91:74:b0:cd:9f:
c0:31:a3:74:6a:e9:35:1d:bc:70:76:84:1e:de:06:32:fb:50:
3a:b8:74:a4:fc:ca:6f:05:ec:9b:60:20:c8:43:c4:95:27:20:
14:79:77:94:81:08:66:9e:2f:84:cf:94:87:65:73:ac:74:36:
b0:67:d2:4f:85:82:b6:d1:1b:f2:3a:df:b2:5a:c4:15:be:3b:
38:d1:77:a8:6a:c3:14:fb:99:d3:d1:c8:f3:d5:1a:e3:f2:79:
67:3e:35:86:eb:83:50:7f:1a:37:e1:c0:5f:d0:1f:c5:09:c9:
8b:07:7b:6c:65:46:4d:40:a3:71:7e:5b:06:fb:92:c2:c5:14:
0e:0b:52:d5:0c:c4:58:5c:b1:5b:a2:4d:b1:14:a7:aa:19:f8:
17:b6:a2:9b:d2:df:ea:bc:79:69:16:80:24:4e:f4:84:3e:1b:
8f:29:5b:2d:4f:4c:6a:a7:18:2d:38:a3:b0:7d:f9:68:36:98:
ba:97:7d:12:44:ac:fa:13:f1:01:c5:c3:f9:fa:07:7a:47:7f:
b2:5d:e4:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYhC72LEJvHRfPce+H74v+Q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhN2I5YThjZDgxOWY0YTkyMDMzNGQ3ZTcyZWMyMzQwODcw
ZDc3NDkwHhcNMjMwNTIyMTAwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDM2ZDc4MTAxMmEwYzZlYjc0MTkyYzAyYjE4YjRmMDM2Y2Y2ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1c9FhmJNV2b92oFz+MofVKPA2Jd
KuKwkVZ1u+HTvorGGxvQDSIvM0N6doueTnScHf5l3lGRtzePnEc7NE729WEUoVeR
ZwV2jLeqP2nPBdH2OXOxPSA5edE+6HSixdSjGAIbM/TE/ioosT7SNIfdfIRYrNk5
OyeTz6RUBNJvL7cgGhBuSb+8MOq0knPttQ6tkrJTn3cEILqcK9FgXXJkuoLKdAJR
VZdJnSw+rQXAtQBMP/kZu3+xMf4xW3BnABmVbpcypnmSVUYJAkGsLDK4IdRf1EbH
JzYAWHQHMI4xEocZXnpG2tZ0+nBTfcAVfQnpDnp6rK+dCz3kBUPhEh4GjwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLA214EBKgxut0GSwCsYtPA2z278MB8GA1UdIwQY
MBaAFJp7mozYGfSpIDNNfnLsI0CHDXdJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYt
MjFmYWYxNDRjYjYyLzEvc0RiWGdRRXFERzYzUVpMQUt4aTA4RGJQYnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83ZTBlYmItNDY4Ni00MDZlLWI5OWYtMjFmYWYxNDRjYjYy
LzEvbW51YWpOZ1o5S2tnTTAxLWN1d2pRSWNOZDBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFURNAAwQA
W9yFAwQCuW44MA0EAgACMAcDBQAqAgawMA0GCSqGSIb3DQEBCwUAA4IBAQBvg4J/
llyFQJRtBPZN3z6jsHMinCZbE6vfXjJvgemqejq26tn1F/koXgwkv43sVs7/kXSw
zZ/AMaN0auk1HbxwdoQe3gYy+1A6uHSk/MpvBeybYCDIQ8SVJyAUeXeUgQhmni+E
z5SHZXOsdDawZ9JPhYK20RvyOt+yWsQVvjs40XeoasMU+5nT0cjz1Rrj8nlnPjWG
64NQfxo34cBf0B/FCcmLB3tsZUZNQKNxflsG+5LCxRQOC1LVDMRYXLFbok2xFKeq
GfgXtqKb0t/qvHlpFoAkTvSEPhuPKVstT0xqpxgtOKOwffloNpi6l30SRKz6E/EB
xcP5+gd6R3+yXeQt
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:54 2024 by rpki-client on console-fra.rpki-client.org