Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/bbA74SQlUBuB7ZhAUxwNtFwV1uk.roa
File: bbA74SQlUBuB7ZhAUxwNtFwV1uk.roa (raw, json)
Hash identifier: DKdP6vd/Riump9JPtodEkfZp7ZGOW0svikhdRkecd64=
Subject key identifier: 6D:B0:3B:E1:24:25:50:1B:81:ED:98:40:53:1C:0D:B4:5C:15:D6:E9
Certificate issuer: /CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Certificate serial: 0191A45867856CE40C8E5BA48C16A7C72880
Authority key identifier: 84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/bbA74SQlUBuB7ZhAUxwNtFwV1uk.roa
Signing time: Fri 30 Aug 2024 17:32:22 +0000
ROA not before: Fri 30 Aug 2024 17:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39396
IP address blocks: 85.187.216.0/23 maxlen: 24
185.138.176.0/22 maxlen: 23
185.218.64.0/22 maxlen: 23
185.251.39.0/24 maxlen: 24
2a10:bac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 13:32:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a4:58:67:85:6c:e4:0c:8e:5b:a4:8c:16:a7:c7:28:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f430d9ad9cb9c42c4bd6690e9f5812a457a02f
Validity
Not Before: Aug 30 17:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6db03be12425501b81ed9840531c0db45c15d6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cf:f2:c4:3e:c0:ad:e2:06:62:83:ad:9a:e4:
27:0d:03:39:e2:48:0c:b8:7a:ad:d7:03:97:ec:01:
d3:30:2d:2c:f5:31:c1:ec:6c:8c:fe:4f:fd:c0:b6:
f6:84:52:b8:0e:f7:14:a4:5a:c2:bf:03:a5:ce:b7:
cb:d6:00:93:68:86:c1:ee:92:3e:67:94:89:b3:1f:
cf:64:9e:25:c5:1e:dc:98:37:4a:fa:34:4a:ec:53:
ba:64:aa:77:88:dc:df:e3:4b:50:06:9e:98:20:ab:
d4:9f:21:0e:da:a2:2b:ea:39:f9:07:7b:91:18:6e:
ef:a2:92:da:a4:60:34:87:f9:d3:25:7b:9b:15:d6:
78:c8:a9:2f:cb:46:88:24:ba:a4:a3:1d:56:63:82:
ed:01:24:2d:79:01:95:2d:bc:25:4c:b5:ce:c4:34:
b1:97:b3:fc:38:4c:7c:95:05:0f:7f:90:e1:fd:54:
11:b6:80:c2:0c:3f:8b:52:af:9e:62:9c:49:e6:bd:
51:60:db:aa:60:c5:3d:a9:5e:0d:2f:71:d7:36:86:
94:1f:6d:5c:09:01:4e:df:c3:6d:9c:65:25:4f:a5:
be:b2:0c:80:56:fa:52:81:96:5d:96:57:68:d3:5a:
96:70:90:dc:90:19:59:c3:50:74:f6:28:02:d8:7b:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B0:3B:E1:24:25:50:1B:81:ED:98:40:53:1C:0D:B4:5C:15:D6:E9
X509v3 Authority Key Identifier:
keyid:84:F4:30:D9:AD:9C:B9:C4:2C:4B:D6:69:0E:9F:58:12:A4:57:A0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPQw2a2cucQsS9ZpDp9YEqRXoC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/bbA74SQlUBuB7ZhAUxwNtFwV1uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/abd004-c68f-49b1-a2c4-b9056ebbc576/1/hPQw2a2cucQsS9ZpDp9YEqRXoC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.216.0/23
185.138.176.0/22
185.218.64.0/22
185.251.39.0/24
IPv6:
2a10:bac0::/32
Signature Algorithm: sha256WithRSAEncryption
00:63:7f:ae:66:03:33:30:d0:ac:3f:04:50:8b:e7:76:df:02:
ee:8b:c4:e3:69:5b:15:fd:f7:be:c9:15:8c:26:e1:a2:1a:34:
92:ae:d8:8b:67:95:b5:15:d4:4a:49:9b:62:dd:64:11:c7:ac:
84:19:5d:89:e6:03:ad:0f:cd:82:30:46:40:04:49:f2:d6:50:
08:39:dc:e7:28:95:76:2c:7d:b9:74:ea:a8:9c:58:f6:96:87:
50:13:ed:64:5a:e5:9e:d3:b5:1e:e2:35:1d:43:06:91:e5:92:
01:9a:c0:4e:54:23:e4:c8:44:f5:73:03:15:b6:51:f7:e7:31:
68:15:4d:eb:c6:09:fb:6c:ba:2f:50:e3:bf:8e:f7:32:d7:c6:
e8:c8:a1:5f:20:b5:af:6f:ee:c7:e2:e2:56:c4:a9:fa:f0:a6:
b5:d5:95:38:30:dd:e0:1c:7f:3f:e3:26:f7:6d:60:5f:92:ef:
6e:38:00:98:fa:71:e3:68:f7:b9:31:b4:5c:f0:d8:c5:31:13:
90:72:39:3d:23:13:c0:dd:24:f8:24:d3:e4:00:ec:bd:60:20:
0d:de:1b:f4:cf:66:20:50:c6:42:19:f8:38:d6:e8:12:4e:f7:
08:96:bd:4b:e2:3b:81:df:07:56:ac:6e:08:51:3b:5c:1c:9d:
e9:3f:3f:5b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZGkWGeFbOQMjlukjBanxyiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjQzMGQ5YWQ5Y2I5YzQyYzRiZDY2OTBlOWY1ODEyYTQ1
N2EwMmYwHhcNMjQwODMwMTczMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIwM2JlMTI0MjU1MDFiODFlZDk4NDA1MzFjMGRiNDVjMTVkNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s/yxD7AreIGYoOtmuQnDQM54kgM
uHqt1wOX7AHTMC0s9THB7GyM/k/9wLb2hFK4DvcUpFrCvwOlzrfL1gCTaIbB7pI+
Z5SJsx/PZJ4lxR7cmDdK+jRK7FO6ZKp3iNzf40tQBp6YIKvUnyEO2qIr6jn5B3uR
GG7vopLapGA0h/nTJXubFdZ4yKkvy0aIJLqkox1WY4LtASQteQGVLbwlTLXOxDSx
l7P8OEx8lQUPf5Dh/VQRtoDCDD+LUq+eYpxJ5r1RYNuqYMU9qV4NL3HXNoaUH21c
CQFO38NtnGUlT6W+sgyAVvpSgZZdlldo01qWcJDckBlZw1B09igC2Hvj2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG2wO+EkJVAbge2YQFMcDbRcFdbpMB8GA1UdIwQY
MBaAFIT0MNmtnLnELEvWaQ6fWBKkV6AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQt
YjkwNTZlYmJjNTc2LzEvYmJBNzRTUWxVQnVCN1poQVV4d050RndWMXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hYmQwMDQtYzY4Zi00OWIxLWEyYzQtYjkwNTZlYmJjNTc2
LzEvaFBRdzJhMmN1Y1FzUzlacERwOVlFcVJYb0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVbvYAwQC
uYqwAwQCudpAAwQAufsnMA0EAgACMAcDBQAqELrAMA0GCSqGSIb3DQEBCwUAA4IB
AQAAY3+uZgMzMNCsPwRQi+d23wLui8TjaVsV/fe+yRWMJuGiGjSSrtiLZ5W1FdRK
SZti3WQRx6yEGV2J5gOtD82CMEZABEny1lAIOdznKJV2LH25dOqonFj2lodQE+1k
WuWe07Ue4jUdQwaR5ZIBmsBOVCPkyET1cwMVtlH35zFoFU3rxgn7bLovUOO/jvcy
18boyKFfILWvb+7H4uJWxKn68Ka11ZU4MN3gHH8/4yb3bWBfku9uOACY+nHjaPe5
MbRc8NjFMROQcjk9IxPA3ST4JNPkAOy9YCAN3hv0z2YgUMZCGfg41ugSTvcIlr1L
4juB3wdWrG4IUTtcHJ3pPz9b
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:50:19 2024 by rpki-client on console-ams.rpki-client.org