Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa
File: G6mETtfv4fKp8jS_phCPFnXXxlQ.roa (raw, json)
Hash identifier: hicgFdg8qp41kJIu9y5P5Ifzd47dLj6jK9Ix8BFMu3g=
Subject key identifier: 1B:A9:84:4E:D7:EF:E1:F2:A9:F2:34:BF:A6:10:8F:16:75:D7:C6:54
Certificate issuer: /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial: 0187E17C27640B86B97458A0A07E75585C88
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa
Signing time: Wed 03 May 2023 12:00:22 +0000
ROA not before: Wed 03 May 2023 12:00:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202914
IP address blocks: 84.246.242.0/24 maxlen: 24
141.98.12.0/24 maxlen: 24
141.98.13.0/24 maxlen: 24
141.98.14.0/23 maxlen: 24
141.98.12.0/22 maxlen: 22
185.121.172.0/22 maxlen: 22
185.121.172.0/23 maxlen: 24
185.150.196.0/22 maxlen: 24
84.246.240.0/22 maxlen: 24
84.246.240.0/23 maxlen: 23
185.121.174.0/24 maxlen: 24
185.121.174.0/23 maxlen: 23
185.121.175.0/24 maxlen: 24
91.210.56.0/22 maxlen: 24
2a0d:3e80::/29 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:7c:27:64:0b:86:b9:74:58:a0:a0:7e:75:58:5c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Validity
Not Before: May 3 12:00:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ba9844ed7efe1f2a9f234bfa6108f1675d7c654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:59:7b:07:16:2b:d8:2f:e4:df:e0:ee:2e:c9:
27:07:2f:3b:eb:03:04:e8:42:5f:2a:14:df:a8:22:
05:d6:79:7d:a3:87:7b:bd:0c:8b:10:8d:20:a3:b2:
87:6c:fb:ca:71:81:27:8f:1e:95:bf:12:a8:d3:f3:
3b:a6:7a:88:89:e1:46:53:46:04:cb:49:6d:be:0c:
37:ee:44:ec:74:00:6a:c3:82:6e:62:51:fd:bb:0b:
27:2e:d6:d2:cb:30:e5:aa:70:8a:34:59:b5:e5:81:
ed:93:bc:44:a9:39:98:6b:41:e9:9a:53:b5:2e:1a:
ca:68:1a:46:f0:9f:16:61:a7:70:26:c5:af:fd:b8:
aa:db:df:53:a1:53:a4:db:0b:bf:b2:6c:de:5e:ad:
6c:0f:40:26:08:c5:b4:e4:f8:be:ab:28:b2:15:82:
5b:eb:49:03:94:d9:32:31:3d:1e:46:c0:f3:c3:63:
89:52:25:86:0e:96:97:83:fa:ce:db:3d:cc:34:cd:
23:0f:7e:57:77:f7:6a:62:97:9f:51:13:d5:96:67:
7d:f0:90:b3:f0:6e:77:61:3e:3b:29:c6:61:4f:29:
48:54:f9:b4:49:b2:3e:50:0e:89:87:64:23:38:7a:
ab:31:e4:21:bb:99:d4:96:9c:95:1f:2e:58:b3:4d:
9a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A9:84:4E:D7:EF:E1:F2:A9:F2:34:BF:A6:10:8F:16:75:D7:C6:54
X509v3 Authority Key Identifier:
keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/G6mETtfv4fKp8jS_phCPFnXXxlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.240.0/22
91.210.56.0/22
141.98.12.0/22
185.121.172.0/22
185.150.196.0/22
IPv6:
2a0d:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
0e:76:de:c2:f9:2b:6e:52:dd:36:cc:39:42:03:c1:1c:8c:80:
97:81:35:85:1c:10:c3:6e:6c:2b:3c:01:69:fa:d1:27:52:ce:
ce:fa:67:b0:7f:d3:d7:c4:90:ae:28:ab:1c:f6:ce:fa:f1:8d:
8b:d1:87:a0:63:06:d2:9c:73:6a:c3:09:8d:ea:ed:e5:fa:7a:
8b:4a:8b:69:11:a0:53:c8:31:ef:cb:b6:5c:b4:7f:b9:0c:6e:
bb:db:c1:23:e8:de:ae:08:db:46:1e:5e:65:90:1b:d4:d1:6d:
eb:3e:d5:1e:29:b8:03:7f:58:03:eb:eb:e2:f0:0a:74:41:aa:
24:26:b2:11:34:21:b7:f8:27:a7:49:ec:ac:20:db:ea:4b:66:
59:dc:da:ec:d7:37:28:b4:83:0a:b8:52:56:25:16:ee:2a:b1:
b9:ae:a6:42:51:9e:53:cb:ec:d2:9c:6e:5f:05:f8:79:d9:3b:
0c:8c:c5:a2:68:08:22:f6:d4:dd:77:24:61:24:a3:ef:dc:68:
d2:ab:c3:31:87:af:63:63:73:08:eb:e2:e3:1c:74:dc:b0:96:
0d:47:4d:ef:00:f6:73:c4:d9:aa:8b:b5:98:62:31:3a:3a:55:
56:b8:5d:04:70:b7:f8:f4:59:af:e1:2d:52:ab:72:98:0a:0a:
65:5c:c0:20
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYfhfCdkC4a5dFigoH51WFyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjMwNTAzMTIwMDIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmE5ODQ0ZWQ3ZWZlMWYyYTlmMjM0YmZhNjEwOGYxNjc1ZDdjNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1l7BxYr2C/k3+DuLsknBy876wME
6EJfKhTfqCIF1nl9o4d7vQyLEI0go7KHbPvKcYEnjx6VvxKo0/M7pnqIieFGU0YE
y0ltvgw37kTsdABqw4JuYlH9uwsnLtbSyzDlqnCKNFm15YHtk7xEqTmYa0HpmlO1
LhrKaBpG8J8WYadwJsWv/biq299ToVOk2wu/smzeXq1sD0AmCMW05Pi+qyiyFYJb
60kDlNkyMT0eRsDzw2OJUiWGDpaXg/rO2z3MNM0jD35Xd/dqYpefURPVlmd98JCz
8G53YT47KcZhTylIVPm0SbI+UA6Jh2QjOHqrMeQhu5nUlpyVHy5Ys02aDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBuphE7X7+HyqfI0v6YQjxZ118ZUMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvRzZtRVR0ZnY0ZktwOGpTX3BoQ1BGblhYeGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVPbwAwQC
W9I4AwQCjWIMAwQCuXmsAwQCuZbEMA0EAgACMAcDBQMqDT6AMA0GCSqGSIb3DQEB
CwUAA4IBAQAOdt7C+StuUt02zDlCA8EcjICXgTWFHBDDbmwrPAFp+tEnUs7O+mew
f9PXxJCuKKsc9s768Y2L0YegYwbSnHNqwwmN6u3l+nqLSotpEaBTyDHvy7ZctH+5
DG6728Ej6N6uCNtGHl5lkBvU0W3rPtUeKbgDf1gD6+vi8Ap0QaokJrIRNCG3+Cen
SeysINvqS2ZZ3Nrs1zcotIMKuFJWJRbuKrG5rqZCUZ5Ty+zSnG5fBfh52TsMjMWi
aAgi9tTddyRhJKPv3GjSq8Mxh69jY3MI6+LjHHTcsJYNR03vAPZzxNmqi7WYYjE6
OlVWuF0EcLf49Fmv4S1Sq3KYCgplXMAg
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:34 2024 by rpki-client on console-ams.rpki-client.org