Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/6dLhl53OWHLxz7Go4jdV4h7SEqI.roa
File: 6dLhl53OWHLxz7Go4jdV4h7SEqI.roa (raw, json)
Hash identifier: e9Omo+RbDl4fGRWCv0+WgA2i5XHn6Qq03/b4j6vIw10=
Subject key identifier: E9:D2:E1:97:9D:CE:58:72:F1:CF:B1:A8:E2:37:55:E2:1E:D2:12:A2
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018A8B360EBB541D0A00AB547A1EEECCAAAC
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/6dLhl53OWHLxz7Go4jdV4h7SEqI.roa
Signing time: Tue 12 Sep 2023 21:04:50 +0000
ROA not before: Tue 12 Sep 2023 21:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42388
IP address blocks: 144.208.214.232/29 maxlen: 29
213.227.160.0/24 maxlen: 24
188.172.248.0/24 maxlen: 24
213.227.191.0/24 maxlen: 24
217.146.18.0/24 maxlen: 24
217.146.26.216/32 maxlen: 32
185.81.206.64/26 maxlen: 26
188.172.219.64/32 maxlen: 32
185.81.206.128/26 maxlen: 26
185.81.208.0/24 maxlen: 24
188.172.235.188/32 maxlen: 32
217.146.22.170/32 maxlen: 32
213.227.168.222/32 maxlen: 32
2a00:11c0:e:ffff:1::1000/128 maxlen: 128
2a00:11c0:d::1a/128 maxlen: 128
2a05:8900:aa1::/48 maxlen: 48
2a00:11c0:aa1::/48 maxlen: 48
2a00:11c0:48:13::/64 maxlen: 64
2a00:11c0:63:350::1000/128 maxlen: 128
2a00:11c0:11c0::/48 maxlen: 128
2a00:11c0:1010::/48 maxlen: 48
2a00:11c0:82:359::1000/128 maxlen: 128
2a00:11c0:5:613::1000/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8b:36:0e:bb:54:1d:0a:00:ab:54:7a:1e:ee:cc:aa:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Sep 12 21:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9d2e1979dce5872f1cfb1a8e23755e21ed212a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:be:c7:93:1d:e5:b6:b1:32:62:60:98:0e:1f:
cb:ef:12:59:45:92:43:19:11:e2:70:a7:7e:91:ec:
e7:3b:fd:36:c1:11:c0:e0:d3:9d:ba:25:3d:d3:85:
2e:48:1d:9c:ed:62:b9:d2:15:de:b9:f0:09:52:b7:
70:60:04:05:ba:ae:bc:52:5b:1e:ad:76:32:16:c2:
0e:1c:d1:74:6e:a4:9f:02:fb:45:66:a5:89:70:fa:
e0:a8:7d:15:2d:d8:b2:fe:77:a4:fc:df:6f:86:84:
21:7d:8b:60:66:54:93:11:8d:cb:29:c8:36:cc:49:
2e:c6:6b:d5:7e:21:1d:39:78:73:2b:66:a2:5f:df:
5e:32:98:5f:c4:2b:30:8d:7c:b2:9c:da:e9:3c:df:
78:4b:a6:33:18:e4:4b:0a:8a:7c:f9:55:c8:90:97:
91:4e:91:2c:9d:9b:76:93:75:83:5f:30:55:aa:d9:
0d:33:4d:07:9e:f2:67:b2:1f:07:38:45:4b:9f:c9:
23:91:b2:bf:d0:b3:3d:14:3e:2a:4b:b7:2f:6e:34:
42:67:91:b5:f4:38:e9:6e:ef:e2:3e:b6:a2:c5:e8:
74:73:13:30:39:de:8b:90:5a:80:eb:3f:ea:14:66:
67:c8:ec:9a:f5:1f:99:34:7b:5d:43:3a:52:e5:85:
26:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D2:E1:97:9D:CE:58:72:F1:CF:B1:A8:E2:37:55:E2:1E:D2:12:A2
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/6dLhl53OWHLxz7Go4jdV4h7SEqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.214.232/29
185.81.206.64-185.81.206.191
185.81.208.0/24
188.172.219.64/32
188.172.235.188/32
188.172.248.0/24
213.227.160.0/24
213.227.168.222/32
213.227.191.0/24
217.146.18.0/24
217.146.22.170/32
217.146.26.216/32
IPv6:
2a00:11c0:5:613:0:0:0:1000/128
2a00:11c0:d:0:0:0:0:1a/128
2a00:11c0:e:ffff:1:0:0:1000/128
2a00:11c0:48:13::/64
2a00:11c0:63:350:0:0:0:1000/128
2a00:11c0:82:359:0:0:0:1000/128
2a00:11c0:aa1::/48
2a00:11c0:1010::/48
2a00:11c0:11c0::/48
2a05:8900:aa1::/48
Signature Algorithm: sha256WithRSAEncryption
53:a2:bd:79:7c:49:36:8f:e3:1e:02:6d:50:a1:40:42:25:a6:
58:18:76:40:fe:e3:8d:de:0f:a8:4a:9f:eb:5f:69:b3:57:84:
38:f2:bc:01:ca:b1:20:70:50:bb:e8:db:7a:83:ab:dd:1b:6e:
4a:10:8f:61:63:cf:d7:f8:d6:45:3a:fd:9d:10:18:9f:7a:2b:
1f:eb:82:7f:73:f3:99:3a:70:5d:1f:9d:0a:f9:d9:9b:ef:85:
24:8b:75:ba:5a:75:bd:03:0b:53:2e:9b:a4:43:b9:cf:73:00:
e4:d1:06:e9:fd:d4:a7:9f:97:1d:12:e6:62:74:08:72:ac:bb:
68:51:0a:92:2f:dd:21:c8:33:ce:ac:4d:17:b9:b0:5e:20:bb:
91:bf:f1:46:f5:25:66:1d:68:d6:7f:43:cb:ea:d0:05:5a:20:
75:55:a8:a6:a8:10:52:6b:5a:58:6a:e8:da:2d:ed:51:c4:5c:
33:4e:1a:04:53:4d:18:50:e3:16:c5:b8:a5:e6:5d:14:fb:78:
f6:c3:20:1d:c9:5a:65:4a:88:89:d6:ee:80:68:ff:55:ec:30:
20:08:13:5d:b9:2b:d7:4c:cb:c9:8f:58:bf:44:68:fb:37:7e:
ba:6b:5c:52:bd:33:86:42:5c:8b:eb:c3:d9:02:38:e7:2e:4f:
44:f4:3a:e6
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYqLNg67VB0KAKtUeh7uzKqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwOTEyMjEwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQyZTE5NzlkY2U1ODcyZjFjZmIxYThlMjM3NTVlMjFlZDIxMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr7Hkx3ltrEyYmCYDh/L7xJZRZJD
GRHicKd+keznO/02wRHA4NOduiU904UuSB2c7WK50hXeufAJUrdwYAQFuq68Ulse
rXYyFsIOHNF0bqSfAvtFZqWJcPrgqH0VLdiy/nek/N9vhoQhfYtgZlSTEY3LKcg2
zEkuxmvVfiEdOXhzK2aiX99eMphfxCswjXyynNrpPN94S6YzGORLCop8+VXIkJeR
TpEsnZt2k3WDXzBVqtkNM00HnvJnsh8HOEVLn8kjkbK/0LM9FD4qS7cvbjRCZ5G1
9Djpbu/iPraixeh0cxMwOd6LkFqA6z/qFGZnyOya9R+ZNHtdQzpS5YUmPQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFOnS4Zedzlhy8c+xqOI3VeIe0hKiMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvNmRMaGw1M09XSEx4ejdHbzRqZFY0aDdTRXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwXgQCAAEwWAMFA5DQ
1ugwDgMFBrlRzkADBQa5Uc6AAwQAuVHQAwUAvKzbQAMFALys67wDBAC8rPgDBADV
46ADBQDV46jeAwQA1eO/AwQA2ZISAwUA2ZIWqgMFANmSGtgwgZUEAgACMIGOAxEA
KgARwAAFBhMAAAAAAAAQAAMRACoAEcAADQAAAAAAAAAAABoDEQAqABHAAA7//wAB
AAAAABAAAwkAKgARwABIABMDEQAqABHAAGMDUAAAAAAAABAAAxEAKgARwACCA1kA
AAAAAAAQAAMHACoAEcAKoQMHACoAEcAQEAMHACoAEcARwAMHACoFiQAKoTANBgkq
hkiG9w0BAQsFAAOCAQEAU6K9eXxJNo/jHgJtUKFAQiWmWBh2QP7jjd4PqEqf619p
s1eEOPK8AcqxIHBQu+jbeoOr3RtuShCPYWPP1/jWRTr9nRAYn3orH+uCf3PzmTpw
XR+dCvnZm++FJIt1ulp1vQMLUy6bpEO5z3MA5NEG6f3Up5+XHRLmYnQIcqy7aFEK
ki/dIcgzzqxNF7mwXiC7kb/xRvUlZh1o1n9Dy+rQBVogdVWopqgQUmtaWGro2i3t
UcRcM04aBFNNGFDjFsW4peZdFPt49sMgHclaZUqIidbugGj/VewwIAgTXbkr10zL
yY9Yv0Ro+zd+umtcUr0zhkJci+vD2QI45y5PRPQ65g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org