Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/gz6VpT3bfieh231JvhuLfQL9qfA.roa
File: gz6VpT3bfieh231JvhuLfQL9qfA.roa (raw, json)
Hash identifier: hzB98Htb87TUoMXIjuWY+7su9/AdHHb4mrCZ988bK6g=
Subject key identifier: 83:3E:95:A5:3D:DB:7E:27:A1:DB:7D:49:BE:1B:8B:7D:02:FD:A9:F0
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 018CC348CF57C0FC0CBDEC65C3219FDD9140
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/gz6VpT3bfieh231JvhuLfQL9qfA.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25311
IP address blocks: 86.105.206.0/23 maxlen: 24
195.182.220.0/23 maxlen: 24
2a03:9c20:2002::/48 maxlen: 56
2a03:9c20:3000::/36 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 Apr 2024 11:40:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cf:57:c0:fc:0c:bd:ec:65:c3:21:9f:dd:91:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=833e95a53ddb7e27a1db7d49be1b8b7d02fda9f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:f1:89:60:81:d3:20:59:b5:bb:a3:31:5b:
c4:c0:f8:71:0e:ff:eb:f8:7d:d0:27:b9:4c:43:b4:
98:60:64:66:d2:da:19:af:1f:c1:be:05:8b:65:cc:
c4:ca:bf:92:3f:6c:01:c0:fd:d2:eb:89:22:f5:4d:
58:aa:3f:cf:7f:f8:51:d0:71:59:33:31:21:c2:b8:
ae:8d:60:c0:02:86:2a:82:a2:ee:ee:e4:08:81:32:
a2:f4:a7:e1:6b:ae:de:01:30:5d:1d:a2:a3:4e:12:
87:c0:b3:7e:ef:15:c1:a9:82:b5:02:f5:02:34:92:
f0:7f:0d:11:a6:66:ea:dc:45:13:81:f8:32:6e:3b:
87:22:ba:d2:0f:18:8d:66:06:07:00:05:4b:86:77:
69:91:0d:4f:83:e2:17:e9:6e:6e:c6:a5:f5:d4:3a:
3f:53:0c:a3:9c:33:53:07:5f:10:1c:37:0d:60:26:
d8:5a:2f:96:f7:2f:61:d0:7e:bc:83:8a:bb:5b:c0:
ac:b6:d1:90:81:6d:eb:96:b0:49:59:0b:ee:92:36:
2f:58:ef:5b:01:0a:ed:96:5f:ff:6f:08:92:cb:83:
b9:41:36:a5:d6:4c:ec:53:60:ec:d7:b0:77:6d:ba:
f7:63:fc:3f:9e:93:d6:5f:2e:f9:db:f3:60:8b:3b:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:3E:95:A5:3D:DB:7E:27:A1:DB:7D:49:BE:1B:8B:7D:02:FD:A9:F0
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/gz6VpT3bfieh231JvhuLfQL9qfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.206.0/23
195.182.220.0/23
IPv6:
2a03:9c20:2002::/48
2a03:9c20:3000::/36
Signature Algorithm: sha256WithRSAEncryption
46:b4:da:45:7c:b7:a5:5c:24:0d:56:72:07:e9:e2:71:d7:e2:
12:6d:0c:81:17:dd:2f:b6:24:97:d9:5f:5c:9c:67:f8:ec:3e:
26:2c:cb:dc:c5:9d:e7:3a:05:a8:df:58:53:d7:52:3b:b9:77:
3d:a1:99:2e:3b:97:89:5e:7f:17:9b:7f:8d:e1:6c:66:54:ab:
d2:5f:3d:e1:09:a8:73:cf:1e:2d:cd:a5:03:6b:30:1b:60:70:
ec:19:d3:ad:1b:0b:ab:c4:b8:34:d5:96:c3:8e:da:9d:08:f0:
38:2a:b6:c0:d7:76:a2:91:81:0c:49:e6:25:3a:47:73:4a:86:
7e:6b:20:c0:7d:72:ab:1a:0a:a1:6d:6f:7d:85:fe:44:d3:71:
87:ae:26:fa:62:39:39:ae:a6:7d:85:8d:79:92:06:00:c5:9a:
7b:bf:b0:55:86:33:37:ac:1a:52:b0:d4:e0:9b:b8:82:74:fe:
26:ce:19:af:e4:02:4b:a9:64:ba:7f:6f:06:6e:b6:c4:af:03:
3f:c1:dc:12:9e:8b:73:0d:cf:f2:39:f7:02:39:61:37:e4:9b:
6c:43:16:b5:4f:8a:e5:eb:ae:04:7c:06:99:6b:af:cd:e3:eb:
59:07:1f:73:59:fb:e8:2f:fc:e6:ef:fb:40:f8:d1:eb:ec:6d:
8f:c7:6c:e6
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzDSM9XwPwMvexlwyGf3ZFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzNlOTVhNTNkZGI3ZTI3YTFkYjdkNDliZTFiOGI3ZDAyZmRhOWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1XxiWCB0yBZtbujMVvEwPhxDv/r
+H3QJ7lMQ7SYYGRm0toZrx/BvgWLZczEyr+SP2wBwP3S64ki9U1Yqj/Pf/hR0HFZ
MzEhwriujWDAAoYqgqLu7uQIgTKi9Kfha67eATBdHaKjThKHwLN+7xXBqYK1AvUC
NJLwfw0Rpmbq3EUTgfgybjuHIrrSDxiNZgYHAAVLhndpkQ1Pg+IX6W5uxqX11Do/
UwyjnDNTB18QHDcNYCbYWi+W9y9h0H68g4q7W8CsttGQgW3rlrBJWQvukjYvWO9b
AQrtll//bwiSy4O5QTal1kzsU2Ds17B3bbr3Y/w/npPWXy752/NgizvqaQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFIM+laU9234nodt9Sb4bi30C/anwMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvZ3o2VnBUM2JmaWVoMjMxSnZodUxmUUw5cWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQBVmnOAwQB
w7bcMBcEAgACMBEDBwAqA5wgIAIDBgQqA5wgMDANBgkqhkiG9w0BAQsFAAOCAQEA
RrTaRXy3pVwkDVZyB+nicdfiEm0MgRfdL7Ykl9lfXJxn+Ow+JizL3MWd5zoFqN9Y
U9dSO7l3PaGZLjuXiV5/F5t/jeFsZlSr0l894Qmoc88eLc2lA2swG2Bw7BnTrRsL
q8S4NNWWw47anQjwOCq2wNd2opGBDEnmJTpHc0qGfmsgwH1yqxoKoW1vfYX+RNNx
h64m+mI5Oa6mfYWNeZIGAMWae7+wVYYzN6waUrDU4Ju4gnT+Js4Zr+QCS6lkun9v
Bm62xK8DP8HcEp6Lcw3P8jn3AjlhN+SbbEMWtU+K5euuBHwGmWuvzePrWQcfc1n7
6C/85u/7QPjR6+xtj8ds5g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:19:04 2025 by rpki-client