Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/95sxa6G581XOmscAY9mgNlPAhX8.roa
File: 95sxa6G581XOmscAY9mgNlPAhX8.roa (raw, json)
Hash identifier: C6UTt3DI/3wmBrOZEqL8lQujzNX8+YECGywswLXd6aY=
Subject key identifier: F7:9B:31:6B:A1:B9:F3:55:CE:9A:C7:00:63:D9:A0:36:53:C0:85:7F
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 018CFEF5F2787AA670EB1FDC8DD20F63B3A5
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/95sxa6G581XOmscAY9mgNlPAhX8.roa
Signing time: Fri 12 Jan 2024 18:36:20 +0000
ROA not before: Fri 12 Jan 2024 18:36:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204033
IP address blocks: 185.20.7.0/24 maxlen: 24
2a13:3d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 30 Jan 2024 14:15:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fe:f5:f2:78:7a:a6:70:eb:1f:dc:8d:d2:0f:63:b3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Jan 12 18:36:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f79b316ba1b9f355ce9ac70063d9a03653c0857f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:4f:57:5d:94:cd:fc:8b:90:75:82:28:ab:
68:db:da:ca:8f:40:bc:fa:67:c3:ef:ed:71:1a:19:
ce:80:81:21:7b:57:73:60:82:d2:13:18:9d:64:2c:
92:ac:71:f8:45:32:29:55:7b:ba:2d:8f:4e:c5:d8:
9e:23:b7:0b:fa:b8:e3:c9:fc:33:9b:59:33:b4:1e:
22:1f:07:b9:d8:d2:1a:d9:97:71:44:b3:ec:55:0d:
15:1c:d3:a7:b5:d4:e3:06:99:c7:84:18:cd:82:2c:
12:b4:de:5d:6d:7d:02:7a:49:4c:2e:20:7a:1e:d5:
e0:e6:73:e1:26:75:7b:b5:55:72:da:df:8f:76:d3:
ca:49:9e:75:dc:8d:a8:7b:bb:14:ae:3e:3e:64:8e:
3e:8f:16:b0:0d:48:7f:ef:ba:03:97:12:60:44:9d:
68:cb:07:d7:a3:8d:d1:97:92:21:b6:f1:99:0f:d7:
85:45:e9:b0:f6:9c:bc:4d:85:f3:20:34:63:ed:c5:
ca:91:e8:00:d7:80:c5:1f:4b:aa:55:c8:16:e7:ca:
69:c7:a5:27:5f:ba:26:1c:bd:95:a3:fa:b2:c8:16:
4e:1c:fe:6d:b3:10:bc:ca:d4:c8:cf:7f:f7:90:b8:
ba:b2:48:19:8d:3d:80:b2:93:e4:08:af:2e:4b:66:
a2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:9B:31:6B:A1:B9:F3:55:CE:9A:C7:00:63:D9:A0:36:53:C0:85:7F
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/95sxa6G581XOmscAY9mgNlPAhX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.7.0/24
IPv6:
2a13:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
2d:bf:7f:6a:a2:11:dc:58:a8:56:21:64:d3:ef:c8:02:4a:26:
57:00:e3:10:8e:29:58:af:59:a3:84:9d:18:8d:7d:58:7f:8d:
4a:94:0f:19:7a:f3:a5:45:f5:e2:cd:b7:52:88:d2:4b:b3:fc:
f7:d6:da:df:13:be:0e:d2:20:17:04:f6:8d:ab:a5:51:90:17:
92:4e:7a:ee:aa:cf:0b:0e:c9:95:ea:21:6d:95:4b:90:64:8d:
95:4f:92:18:b5:f5:86:43:26:04:21:45:46:72:32:75:0c:3b:
14:4a:b2:81:df:7a:0f:ea:8a:2d:8f:7b:3e:ea:2d:04:88:82:
9e:c2:f0:88:4a:28:ad:78:b0:73:bc:61:51:10:1c:77:d4:9f:
d7:1c:73:59:36:fe:6f:32:f4:fb:b1:ce:43:a1:fe:fb:97:f7:
3e:4e:60:ee:f3:26:6f:f3:cf:5b:d2:2c:12:e9:4c:5d:6b:95:
82:e6:77:a6:7f:45:46:50:07:cf:27:28:4d:a5:b4:fa:69:4c:
0f:ce:7a:fb:dc:60:e3:fb:8b:bd:7d:c0:17:54:42:c4:ac:a8:
3f:ff:89:4b:ec:78:fc:8b:4b:57:15:71:99:06:c5:2c:ad:13:
a4:f8:0f:0a:1b:fe:60:0a:1e:58:ab:af:03:0c:74:49:f7:7a:
09:45:00:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYz+9fJ4eqZw6x/cjdIPY7OlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMTEyMTgzNjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzliMzE2YmExYjlmMzU1Y2U5YWM3MDA2M2Q5YTAzNjUzYzA4NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIJPV12UzfyLkHWCKKto29rKj0C8
+mfD7+1xGhnOgIEhe1dzYILSExidZCySrHH4RTIpVXu6LY9OxdieI7cL+rjjyfwz
m1kztB4iHwe52NIa2ZdxRLPsVQ0VHNOntdTjBpnHhBjNgiwStN5dbX0CeklMLiB6
HtXg5nPhJnV7tVVy2t+PdtPKSZ513I2oe7sUrj4+ZI4+jxawDUh/77oDlxJgRJ1o
ywfXo43Rl5IhtvGZD9eFRemw9py8TYXzIDRj7cXKkegA14DFH0uqVcgW58ppx6Un
X7omHL2Vo/qyyBZOHP5tsxC8ytTIz3/3kLi6skgZjT2AspPkCK8uS2aiHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPebMWuhufNVzprHAGPZoDZTwIV/MB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvOTVzeGE2RzU4MVhPbXNjQVk5bWdObFBBaFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRQHMA0E
AgACMAcDBQMqEz0AMA0GCSqGSIb3DQEBCwUAA4IBAQAtv39qohHcWKhWIWTT78gC
SiZXAOMQjilYr1mjhJ0YjX1Yf41KlA8ZevOlRfXizbdSiNJLs/z31trfE74O0iAX
BPaNq6VRkBeSTnruqs8LDsmV6iFtlUuQZI2VT5IYtfWGQyYEIUVGcjJ1DDsUSrKB
33oP6ootj3s+6i0EiIKewvCISiiteLBzvGFREBx31J/XHHNZNv5vMvT7sc5Dof77
l/c+TmDu8yZv889b0iwS6Uxda5WC5nemf0VGUAfPJyhNpbT6aUwPznr73GDj+4u9
fcAXVELErKg//4lL7Hj8i0tXFXGZBsUsrROk+A8KG/5gCh5Yq68DDHRJ93oJRQD7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:43 2024 by rpki-client on console-ams.rpki-client.org