Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/6BU03cLkvptlI2vJL0YGAsBfhas.roa
File: 6BU03cLkvptlI2vJL0YGAsBfhas.roa (raw, json)
Hash identifier: QTW37j4Ng7iOD0nOP8PFQ943NsJbqmals7pZe9WsgyM=
Subject key identifier: E8:15:34:DD:C2:E4:BE:9B:65:23:6B:C9:2F:46:06:02:C0:5F:85:AB
Certificate issuer: /CN=d50cda48c35e54eb802575aaa408cce579927216
Certificate serial: 018CC348EB1887157181574107082410546E
Authority key identifier: D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/6BU03cLkvptlI2vJL0YGAsBfhas.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 217.12.224.0/22 maxlen: 28
217.12.234.0/23 maxlen: 28
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:eb:18:87:15:71:81:57:41:07:08:24:10:54:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50cda48c35e54eb802575aaa408cce579927216
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e81534ddc2e4be9b65236bc92f460602c05f85ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:94:c0:a9:29:21:b5:ac:11:09:8a:c4:17:c1:
14:cd:6f:e7:c4:fd:c9:4e:d0:67:6a:4f:a3:01:cd:
66:01:cb:c0:09:30:92:f8:66:62:95:45:d7:76:cb:
fd:0b:7e:22:f0:bb:91:fe:12:2e:f3:54:1b:cd:9f:
73:ec:2a:94:e7:c3:3c:7e:d1:d8:0e:47:4a:84:56:
e8:9d:8f:00:6b:b1:c3:8b:af:d7:f1:d8:2c:f5:c0:
42:e6:5a:66:cf:ce:4a:75:9b:5e:80:0a:c0:57:e8:
7c:e9:31:bf:ad:13:06:14:0c:7f:2a:14:bc:a1:06:
c9:eb:86:e3:c3:67:b0:97:f5:d8:82:23:c8:6e:2b:
e4:5a:78:dc:bd:4f:01:f2:7e:d5:f7:8b:7d:a1:c3:
2c:ae:fc:ee:90:4a:a5:88:b5:b5:0a:22:57:51:bf:
d3:e7:a9:54:41:76:85:ba:44:d6:ca:8e:06:05:e2:
56:b5:53:8f:55:12:e4:92:ae:12:74:dd:f7:5b:11:
22:71:53:74:f8:86:61:e9:d2:2e:5e:7c:c4:f1:ec:
70:bd:2b:e6:21:19:16:3b:99:27:21:5e:88:84:32:
aa:a3:ca:34:a3:76:d9:15:50:9d:6f:e7:7c:83:b9:
75:33:ed:6b:36:4e:5a:12:42:13:91:0f:14:72:f4:
14:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:15:34:DD:C2:E4:BE:9B:65:23:6B:C9:2F:46:06:02:C0:5F:85:AB
X509v3 Authority Key Identifier:
keyid:D5:0C:DA:48:C3:5E:54:EB:80:25:75:AA:A4:08:CC:E5:79:92:72:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QzaSMNeVOuAJXWqpAjM5XmSchY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/6BU03cLkvptlI2vJL0YGAsBfhas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/3587eb-ebd4-40ab-a19b-22920565cda4/1/1QzaSMNeVOuAJXWqpAjM5XmSchY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.12.224.0/22
217.12.234.0/23
Signature Algorithm: sha256WithRSAEncryption
01:c6:81:8b:38:79:7a:61:24:c3:8c:04:90:c4:b8:e6:21:1c:
a7:6b:fd:4f:df:12:1b:be:b5:41:ce:d8:40:a2:8b:07:2c:2a:
34:10:7f:dd:76:c9:89:0a:72:28:cd:e6:17:f3:96:e1:a8:e7:
34:36:d6:ed:bb:6a:6a:83:7a:31:2a:b1:c8:df:3c:02:38:1c:
e9:ab:58:eb:16:6b:b0:ef:44:a8:42:b5:64:56:ce:a3:f5:4c:
41:62:e4:c2:fb:8f:eb:5e:86:57:63:dc:f3:4f:3f:50:ab:e6:
48:e7:09:b0:8f:65:10:23:94:0c:fa:a5:48:ef:9c:9e:b4:2c:
62:4c:86:16:93:15:78:10:74:9d:46:0d:77:6c:55:ef:bf:1c:
fe:07:55:9a:82:fd:56:04:10:4f:71:8d:81:90:c2:2e:a1:27:
07:f1:3a:30:78:a4:18:19:41:bc:1d:55:0e:bc:99:c8:4d:7a:
c2:1e:7d:c0:1d:11:33:8a:af:be:db:53:00:40:f7:9a:38:1d:
1e:8b:e4:3a:78:c7:0b:00:c2:7a:ae:af:be:78:ee:0d:d5:24:
ba:2b:3a:44:1c:43:2c:40:1b:f2:fd:45:22:3b:07:7a:7d:08:
32:94:45:a7:3f:56:d9:9d:9d:88:5e:85:3d:66:c5:bd:8d:6d:
d7:06:57:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSOsYhxVxgVdBBwgkEFRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MGNkYTQ4YzM1ZTU0ZWI4MDI1NzVhYWE0MDhjY2U1Nzk5
MjcyMTYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODE1MzRkZGMyZTRiZTliNjUyMzZiYzkyZjQ2MDYwMmMwNWY4NWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpTAqSkhtawRCYrEF8EUzW/nxP3J
TtBnak+jAc1mAcvACTCS+GZilUXXdsv9C34i8LuR/hIu81QbzZ9z7CqU58M8ftHY
DkdKhFbonY8Aa7HDi6/X8dgs9cBC5lpmz85KdZtegArAV+h86TG/rRMGFAx/KhS8
oQbJ64bjw2ewl/XYgiPIbivkWnjcvU8B8n7V94t9ocMsrvzukEqliLW1CiJXUb/T
56lUQXaFukTWyo4GBeJWtVOPVRLkkq4SdN33WxEicVN0+IZh6dIuXnzE8exwvSvm
IRkWO5knIV6IhDKqo8o0o3bZFVCdb+d8g7l1M+1rNk5aEkITkQ8UcvQU9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOgVNN3C5L6bZSNryS9GBgLAX4WrMB8GA1UdIwQY
MBaAFNUM2kjDXlTrgCV1qqQIzOV5knIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWIt
MjI5MjA1NjVjZGE0LzEvNkJVMDNjTGt2cHRsSTJ2SkwwWUdBc0JmaGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zNTg3ZWItZWJkNC00MGFiLWExOWItMjI5MjA1NjVjZGE0
LzEvMVF6YVNNTmVWT3VBSlhXcXBBak01WG1TY2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC2QzgAwQB
2QzqMA0GCSqGSIb3DQEBCwUAA4IBAQABxoGLOHl6YSTDjASQxLjmIRyna/1P3xIb
vrVBzthAoosHLCo0EH/ddsmJCnIozeYX85bhqOc0Ntbtu2pqg3oxKrHI3zwCOBzp
q1jrFmuw70SoQrVkVs6j9UxBYuTC+4/rXoZXY9zzTz9Qq+ZI5wmwj2UQI5QM+qVI
75yetCxiTIYWkxV4EHSdRg13bFXvvxz+B1Wagv1WBBBPcY2BkMIuoScH8ToweKQY
GUG8HVUOvJnITXrCHn3AHREziq++21MAQPeaOB0ei+Q6eMcLAMJ6rq++eO4N1SS6
KzpEHEMsQBvy/UUiOwd6fQgylEWnP1bZnZ2IXoU9ZsW9jW3XBle8
-----END CERTIFICATE-----
Generated at Wed Feb 14 18:15:42 2024 by rpki-client on console-ams.rpki-client.org