Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/n6aYRBGHlUZYpb4iw-twmkyDdgo.roa
File: n6aYRBGHlUZYpb4iw-twmkyDdgo.roa (raw, json)
Hash identifier: am/k1hBT4qPJJ38h2KMPc9KLjo9prPqxp7muzfNW00w=
Subject key identifier: 9F:A6:98:44:11:87:95:46:58:A5:BE:22:C3:EB:70:9A:4C:83:76:0A
Certificate issuer: /CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Certificate serial: 01856B77AA89961DAA67E7EF9669666936D0
Authority key identifier: 7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/n6aYRBGHlUZYpb4iw-twmkyDdgo.roa
Signing time: Sun 01 Jan 2023 03:54:42 +0000
ROA not before: Sun 01 Jan 2023 03:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43207
IP address blocks: 46.231.8.0/21 maxlen: 24
91.209.142.0/24 maxlen: 24
185.44.248.0/22 maxlen: 24
151.249.64.0/20 maxlen: 24
85.95.32.0/19 maxlen: 19
209.35.128.0/20 maxlen: 20
185.168.144.0/22 maxlen: 22
185.113.0.0/22 maxlen: 24
91.214.228.0/22 maxlen: 24
5.133.172.0/22 maxlen: 24
2a01:5640::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:aa:89:96:1d:aa:67:e7:ef:96:69:66:69:36:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e45a9a0353a33c6a4f93608f9d25f27c85948b7
Validity
Not Before: Jan 1 03:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fa698441187954658a5be22c3eb709a4c83760a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fc:7b:6b:de:10:c6:16:bb:72:d1:6d:47:be:
b5:45:66:16:d2:f8:c3:09:36:cc:a2:f6:02:8e:7d:
84:1b:ce:d8:5c:6d:3a:22:27:10:54:a0:33:aa:68:
97:ab:bd:c2:0a:63:5f:dc:1c:c2:0c:d2:60:b2:83:
dd:8f:4d:55:8d:f2:da:f7:a6:91:09:df:bf:63:36:
16:26:fe:c1:f8:99:fe:3b:5d:8f:c6:f8:93:3d:f8:
99:f3:4c:34:53:80:e9:46:ea:1a:86:2f:29:97:f4:
b3:6c:a3:a9:ea:0a:57:0e:9e:b7:4e:5e:2a:e8:51:
c2:33:9e:d9:61:e8:5e:3e:52:92:0c:bb:31:df:7b:
0e:aa:5d:ca:9a:29:ec:0a:fb:4b:78:ff:e0:f5:b2:
27:8b:e1:23:db:bf:ea:a7:cb:0f:cf:72:f0:7a:09:
ff:47:06:20:a1:89:8f:ed:3d:5d:9d:ca:af:24:7f:
f5:e7:39:e8:e5:7f:34:a0:dd:36:b8:b8:0f:fa:b4:
81:53:3c:f7:aa:8d:77:3c:e2:01:06:f8:17:33:ec:
43:e1:7b:9f:27:6a:69:24:8b:90:08:6a:f1:5c:b1:
e2:3e:04:ff:55:36:81:a2:ce:82:3a:8d:63:b0:c3:
3b:f2:5b:51:64:4f:ba:bc:ac:60:3d:b6:c6:64:e9:
34:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A6:98:44:11:87:95:46:58:A5:BE:22:C3:EB:70:9A:4C:83:76:0A
X509v3 Authority Key Identifier:
keyid:7E:45:A9:A0:35:3A:33:C6:A4:F9:36:08:F9:D2:5F:27:C8:59:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/n6aYRBGHlUZYpb4iw-twmkyDdgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/dd7beb-6f78-419b-957d-37a60c335a5d/1/fkWpoDU6M8ak-TYI-dJfJ8hZSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.172.0/22
46.231.8.0/21
85.95.32.0/19
91.209.142.0/24
91.214.228.0/22
151.249.64.0/20
185.44.248.0/22
185.113.0.0/22
185.168.144.0/22
209.35.128.0/20
IPv6:
2a01:5640::/32
Signature Algorithm: sha256WithRSAEncryption
62:3e:8e:cb:b1:85:9f:42:12:d6:6a:0d:93:b7:b3:e4:3a:76:
03:a2:5a:b1:27:ed:ee:fd:2d:5a:fa:ff:96:43:b7:32:11:dd:
04:dd:e7:90:8f:eb:76:f0:cf:f4:ea:5f:80:46:fb:76:7f:29:
94:63:34:f3:91:4c:d0:37:af:bd:6b:57:4a:36:55:ad:f8:43:
53:ca:8d:69:32:91:e4:fe:29:80:52:3a:51:d5:cf:2a:31:a9:
17:cb:15:6e:7e:52:ba:38:97:4e:20:42:a0:29:b4:6d:2a:86:
ac:13:d7:78:7e:aa:3a:0c:fa:39:9d:63:e1:db:30:01:a3:1e:
2b:85:79:fb:eb:3d:f7:13:0d:da:5b:cc:b4:7b:e0:04:97:dc:
94:93:11:75:16:37:1c:97:93:af:47:dd:b8:4a:09:fb:98:c1:
8f:66:ef:22:4a:51:b4:08:b0:f7:dd:e3:87:38:5a:d2:f7:5e:
43:0a:f9:07:7a:97:8f:14:76:d9:17:f2:8f:72:14:c4:ef:a6:
18:fb:00:53:92:1f:07:03:5f:41:ab:74:db:ea:0b:b5:34:39:
05:28:4f:74:73:84:29:98:b1:53:e0:74:7e:ac:a0:9f:13:01:
9e:a9:4f:97:ce:ca:03:74:5b:5f:a7:e3:07:e4:3e:e7:07:17:
2f:ec:d3:3f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVrd6qJlh2qZ+fvlmlmaTbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNDVhOWEwMzUzYTMzYzZhNGY5MzYwOGY5ZDI1ZjI3Yzg1
OTQ4YjcwHhcNMjMwMTAxMDM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmE2OTg0NDExODc5NTQ2NThhNWJlMjJjM2ViNzA5YTRjODM3NjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPx7a94Qxha7ctFtR761RWYW0vjD
CTbMovYCjn2EG87YXG06IicQVKAzqmiXq73CCmNf3BzCDNJgsoPdj01VjfLa96aR
Cd+/YzYWJv7B+Jn+O12PxviTPfiZ80w0U4DpRuoahi8pl/SzbKOp6gpXDp63Tl4q
6FHCM57ZYehePlKSDLsx33sOql3KminsCvtLeP/g9bIni+Ej27/qp8sPz3Lwegn/
RwYgoYmP7T1dncqvJH/15zno5X80oN02uLgP+rSBUzz3qo13POIBBvgXM+xD4Xuf
J2ppJIuQCGrxXLHiPgT/VTaBos6COo1jsMM78ltRZE+6vKxgPbbGZOk0fwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJ+mmEQRh5VGWKW+IsPrcJpMg3YKMB8GA1UdIwQY
MBaAFH5FqaA1OjPGpPk2CPnSXyfIWUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2Qt
MzdhNjBjMzM1YTVkLzEvbjZhWVJCR0hsVVpZcGI0aXctdHdta3lEZGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9kZDdiZWItNmY3OC00MTliLTk1N2QtMzdhNjBjMzM1YTVk
LzEvZmtXcG9EVTZNOGFrLVRZSS1kSmZKOGhaU0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCBYWsAwQD
LucIAwQFVV8gAwQAW9GOAwQCW9bkAwQEl/lAAwQCuSz4AwQCuXEAAwQCuaiQAwQE
0SOAMA0EAgACMAcDBQAqAVZAMA0GCSqGSIb3DQEBCwUAA4IBAQBiPo7LsYWfQhLW
ag2Tt7PkOnYDolqxJ+3u/S1a+v+WQ7cyEd0E3eeQj+t28M/06l+ARvt2fymUYzTz
kUzQN6+9a1dKNlWt+ENTyo1pMpHk/imAUjpR1c8qMakXyxVuflK6OJdOIEKgKbRt
KoasE9d4fqo6DPo5nWPh2zABox4rhXn76z33Ew3aW8y0e+AEl9yUkxF1Fjccl5Ov
R924Sgn7mMGPZu8iSlG0CLD33eOHOFrS915DCvkHepePFHbZF/KPchTE76YY+wBT
kh8HA19Bq3Tb6gu1NDkFKE90c4QpmLFT4HR+rKCfEwGeqU+XzsoDdFtfp+MH5D7n
Bxcv7NM/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:23 2024 by rpki-client on console-fra.rpki-client.org