Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/bK15-4z9mS942x9rmEYwLnd0kNo.roa
File: bK15-4z9mS942x9rmEYwLnd0kNo.roa (raw, json)
Hash identifier: b+LnUHGG7sgYhJgrQtqduPD9MPCJxlxoMw9onY3wFQo=
Subject key identifier: 6C:AD:79:FB:8C:FD:99:2F:78:DB:1F:6B:98:46:30:2E:77:74:90:DA
Certificate issuer: /CN=40339d304499d069aecd8bd0e8fba02e522f576a
Certificate serial: 018626E7C7E9FB213B4243B0C787681BDDCF
Authority key identifier: 40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/bK15-4z9mS942x9rmEYwLnd0kNo.roa
Signing time: Mon 06 Feb 2023 13:26:09 +0000
ROA not before: Mon 06 Feb 2023 13:26:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8676
IP address blocks: 194.13.108.0/23 maxlen: 24
194.13.236.0/23 maxlen: 24
194.13.140.0/23 maxlen: 24
194.11.244.0/23 maxlen: 24
2a06:2100::/30 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:26:e7:c7:e9:fb:21:3b:42:43:b0:c7:87:68:1b:dd:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40339d304499d069aecd8bd0e8fba02e522f576a
Validity
Not Before: Feb 6 13:26:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cad79fb8cfd992f78db1f6b9846302e777490da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:38:2f:ac:b6:4c:e0:d3:5e:e6:16:77:99:8f:
6f:25:1a:d2:d9:99:04:b9:79:91:7e:2c:29:7e:28:
15:6b:96:4e:67:9c:1c:e2:46:98:db:51:85:34:a9:
e4:2b:b5:43:3f:eb:85:41:0f:13:45:06:e8:24:12:
7b:55:9a:a8:10:37:94:ad:b8:64:d1:75:e7:e6:ad:
06:43:3b:c9:f1:f1:26:8c:f0:66:bf:2a:4e:d9:e2:
5e:5c:32:8f:a2:7c:63:24:f5:fd:96:2a:a7:da:a5:
d6:0e:ab:f0:ae:da:7f:cc:00:32:2f:36:b8:f2:16:
b3:4e:c1:3d:55:ba:42:9d:67:d6:47:83:59:f7:56:
f9:85:4a:63:1a:b6:7d:1d:79:94:ca:3d:fc:92:4e:
4f:67:cd:2b:37:97:8d:13:84:e3:d2:43:9c:88:c5:
52:a3:1a:4e:6e:fc:6f:7f:c4:74:b1:32:cc:b7:fe:
c1:fa:9f:69:c1:71:16:13:17:23:58:8f:83:ab:38:
7b:b0:ff:a4:da:4a:7a:86:90:ff:ed:2b:c7:95:6c:
72:e1:b7:a2:72:34:91:d3:79:b7:3a:71:6e:cb:4a:
69:27:de:c8:71:8a:b6:70:8a:c9:ac:33:f2:33:58:
74:9a:23:b2:21:46:e1:89:4b:f5:ed:1e:c7:61:e1:
67:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AD:79:FB:8C:FD:99:2F:78:DB:1F:6B:98:46:30:2E:77:74:90:DA
X509v3 Authority Key Identifier:
keyid:40:33:9D:30:44:99:D0:69:AE:CD:8B:D0:E8:FB:A0:2E:52:2F:57:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QDOdMESZ0GmuzYvQ6PugLlIvV2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/bK15-4z9mS942x9rmEYwLnd0kNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/5fe88a-16e1-481f-98e8-031e58905923/1/QDOdMESZ0GmuzYvQ6PugLlIvV2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.244.0/23
194.13.108.0/23
194.13.140.0/23
194.13.236.0/23
IPv6:
2a06:2100::/30
Signature Algorithm: sha256WithRSAEncryption
42:f3:c6:04:e0:5f:f4:d6:d0:73:d6:72:8b:4b:ea:0e:73:92:
fb:57:85:29:64:54:f5:75:65:1f:41:63:0c:d3:bb:28:d7:a5:
06:d0:bd:5b:6a:89:ca:f6:e6:6e:e2:83:29:55:f6:71:04:96:
bb:1e:09:99:8c:0d:b0:55:33:83:8e:ab:79:a9:28:23:fd:da:
fd:41:c2:b4:64:0d:07:63:8a:4f:f7:f1:8a:c2:c9:c6:e8:a8:
78:10:61:d0:11:db:ff:94:62:84:61:fc:ef:59:1c:0e:cd:ac:
5d:2c:54:ec:8e:11:c0:ab:8f:36:d5:a7:48:f7:0a:60:c9:12:
a6:22:26:4a:0a:c0:10:f9:02:47:2e:bd:b0:a0:5e:13:7a:1d:
0d:1e:81:16:23:3a:d2:49:65:80:55:f4:66:1e:4a:c3:72:45:
1c:3f:f1:be:14:88:ae:ad:b0:34:7a:6b:ff:1f:21:57:25:a7:
73:81:b2:38:54:df:b7:53:74:d1:76:bd:88:06:58:21:ba:93:
d6:01:73:22:60:45:d2:1e:08:13:6c:aa:2d:2d:c3:e2:fb:5e:
c1:1f:bb:34:f7:3c:ec:1e:6b:8c:2e:e8:e3:22:65:c8:91:13:
2b:e8:29:43:96:2f:06:24:ff:41:82:1f:22:9a:ac:9d:10:f5:
ea:00:b0:09
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYYm58fp+yE7QkOwx4doG93PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMzM5ZDMwNDQ5OWQwNjlhZWNkOGJkMGU4ZmJhMDJlNTIy
ZjU3NmEwHhcNMjMwMjA2MTMyNjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FkNzlmYjhjZmQ5OTJmNzhkYjFmNmI5ODQ2MzAyZTc3NzQ5MGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDgvrLZM4NNe5hZ3mY9vJRrS2ZkE
uXmRfiwpfigVa5ZOZ5wc4kaY21GFNKnkK7VDP+uFQQ8TRQboJBJ7VZqoEDeUrbhk
0XXn5q0GQzvJ8fEmjPBmvypO2eJeXDKPonxjJPX9liqn2qXWDqvwrtp/zAAyLza4
8hazTsE9VbpCnWfWR4NZ91b5hUpjGrZ9HXmUyj38kk5PZ80rN5eNE4Tj0kOciMVS
oxpObvxvf8R0sTLMt/7B+p9pwXEWExcjWI+Dqzh7sP+k2kp6hpD/7SvHlWxy4bei
cjSR03m3OnFuy0ppJ97IcYq2cIrJrDPyM1h0miOyIUbhiUv17R7HYeFnpwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGytefuM/ZkveNsfa5hGMC53dJDaMB8GA1UdIwQY
MBaAFEAznTBEmdBprs2L0Oj7oC5SL1dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgt
MDMxZTU4OTA1OTIzLzEvYksxNS00ejltUzk0Mng5cm1FWXdMbmQwa05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS81ZmU4OGEtMTZlMS00ODFmLTk4ZTgtMDMxZTU4OTA1OTIz
LzEvUURPZE1FU1owR211ell2UTZQdWdMbEl2VjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwgv0AwQB
wg1sAwQBwg2MAwQBwg3sMA0EAgACMAcDBQIqBiEAMA0GCSqGSIb3DQEBCwUAA4IB
AQBC88YE4F/01tBz1nKLS+oOc5L7V4UpZFT1dWUfQWMM07so16UG0L1baonK9uZu
4oMpVfZxBJa7HgmZjA2wVTODjqt5qSgj/dr9QcK0ZA0HY4pP9/GKwsnG6Kh4EGHQ
Edv/lGKEYfzvWRwOzaxdLFTsjhHAq4821adI9wpgyRKmIiZKCsAQ+QJHLr2woF4T
eh0NHoEWIzrSSWWAVfRmHkrDckUcP/G+FIiurbA0emv/HyFXJadzgbI4VN+3U3TR
dr2IBlghupPWAXMiYEXSHggTbKotLcPi+17BH7s09zzsHmuMLujjImXIkRMr6ClD
li8GJP9Bgh8imqydEPXqALAJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:12 2024 by rpki-client on console-fra.rpki-client.org