Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/6RnoxMY3H-Uuai9wTKY9bYV-o7I.roa
File: 6RnoxMY3H-Uuai9wTKY9bYV-o7I.roa (raw, json)
Hash identifier: ZVmiRaHxVLgttD2MtV6W8ogeOaVoeYPSDhZ5Z3f5B6I=
Subject key identifier: E9:19:E8:C4:C6:37:1F:E5:2E:6A:2F:70:4C:A6:3D:6D:85:7E:A3:B2
Certificate issuer: /CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Certificate serial: 01856D93F755A42473EFA049CB573FCC44C5
Authority key identifier: B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/6RnoxMY3H-Uuai9wTKY9bYV-o7I.roa
Signing time: Sun 01 Jan 2023 13:44:51 +0000
ROA not before: Sun 01 Jan 2023 13:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200064
IP address blocks: 185.238.164.0/24 maxlen: 24
185.238.166.0/24 maxlen: 24
185.238.165.0/24 maxlen: 24
185.238.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 13:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:f7:55:a4:24:73:ef:a0:49:cb:57:3f:cc:44:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7c8df3da33938bf1b245f1c4479fd24dd9f94f0
Validity
Not Before: Jan 1 13:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e919e8c4c6371fe52e6a2f704ca63d6d857ea3b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:bb:1c:e7:2c:01:48:a4:d4:fa:ec:0a:a6:
e9:64:39:cd:18:a3:53:bf:67:5b:f6:aa:c1:90:56:
f1:c9:21:cf:c0:54:5f:c0:32:0b:21:6e:83:70:1e:
54:69:65:f2:92:71:d8:93:5a:b5:9c:2b:1e:e1:2e:
97:f6:96:f5:e3:4f:df:61:f5:09:e5:2f:18:e5:64:
a8:cb:e8:d4:e6:b4:63:b5:cd:b7:45:11:67:81:e3:
ce:cf:2c:e0:55:51:b9:b1:b6:78:62:52:0d:c2:9d:
58:8c:b5:97:a7:74:52:b5:77:c9:47:33:7d:ff:81:
d5:07:d9:c5:34:4d:e5:1e:14:67:bb:44:49:c3:ea:
2e:db:a0:b4:57:be:65:92:c1:4c:ee:4e:64:f9:c3:
ff:49:5c:16:c2:e5:cd:2a:d9:b1:d1:a9:04:9b:f9:
54:b6:57:8d:45:1a:19:fc:9f:c7:b2:3e:38:b6:42:
b3:9e:04:81:a3:50:1a:c2:b8:b8:60:6f:c3:c8:fe:
1a:28:e0:e8:54:72:d0:f9:ce:3b:aa:3b:6a:75:3c:
1d:75:e5:01:e1:c8:31:06:de:78:65:97:84:1a:56:
b4:3d:d0:44:b6:55:9f:47:f6:ff:a8:73:6c:9e:89:
5d:69:a5:db:e2:28:05:04:43:5c:bb:52:eb:dc:9a:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:19:E8:C4:C6:37:1F:E5:2E:6A:2F:70:4C:A6:3D:6D:85:7E:A3:B2
X509v3 Authority Key Identifier:
keyid:B7:C8:DF:3D:A3:39:38:BF:1B:24:5F:1C:44:79:FD:24:DD:9F:94:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t8jfPaM5OL8bJF8cRHn9JN2flPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/6RnoxMY3H-Uuai9wTKY9bYV-o7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4dd198-93cb-459c-bee2-2d1daa299e83/1/t8jfPaM5OL8bJF8cRHn9JN2flPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.164.0/22
Signature Algorithm: sha256WithRSAEncryption
68:2a:c2:35:a6:72:f0:f1:1d:06:36:10:2b:12:01:ab:5a:1a:
56:ec:37:d9:88:c8:b7:84:e8:7e:41:ae:22:23:fb:a6:be:4a:
4c:00:9e:70:56:12:4d:54:25:29:c2:dd:53:9e:33:19:51:f6:
03:b9:8b:a6:75:c6:76:75:44:bb:a2:76:85:9c:af:b3:dc:14:
b6:e6:42:49:1c:9b:76:30:50:b5:06:1d:08:70:f6:10:06:f0:
4b:e7:99:96:87:83:d6:b1:fd:d3:95:ca:36:b6:7e:09:97:a1:
44:16:95:38:68:19:75:35:8e:7d:e6:9f:8a:3a:bb:55:2c:00:
c9:73:d5:50:12:b7:51:78:cc:cb:4a:6c:82:e4:08:2c:5f:3b:
c0:4c:04:cf:0a:f5:f7:59:19:66:34:87:92:36:ec:51:a6:b5:
01:06:54:e8:32:95:77:8a:b5:6f:0d:3b:05:1c:24:b5:23:2a:
2b:3d:52:3b:0d:93:9c:81:8c:99:24:46:aa:f3:07:60:48:75:
e6:69:3c:50:98:95:c0:19:00:a9:ee:49:de:05:24:ee:8a:f6:
7a:5c:a3:dc:b0:75:4b:2a:63:5b:af:cf:c8:e2:ee:4f:e3:a6:
54:26:2b:2b:4a:6e:bd:e5:a4:5f:c3:e7:ec:7a:a3:1d:9b:0f:
5c:59:e7:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtk/dVpCRz76BJy1c/zETFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YzhkZjNkYTMzOTM4YmYxYjI0NWYxYzQ0NzlmZDI0ZGQ5
Zjk0ZjAwHhcNMjMwMTAxMTM0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTE5ZThjNGM2MzcxZmU1MmU2YTJmNzA0Y2E2M2Q2ZDg1N2VhM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/y7HOcsAUik1PrsCqbpZDnNGKNT
v2db9qrBkFbxySHPwFRfwDILIW6DcB5UaWXyknHYk1q1nCse4S6X9pb140/fYfUJ
5S8Y5WSoy+jU5rRjtc23RRFngePOzyzgVVG5sbZ4YlINwp1YjLWXp3RStXfJRzN9
/4HVB9nFNE3lHhRnu0RJw+ou26C0V75lksFM7k5k+cP/SVwWwuXNKtmx0akEm/lU
tleNRRoZ/J/Hsj44tkKzngSBo1Aawri4YG/DyP4aKODoVHLQ+c47qjtqdTwddeUB
4cgxBt54ZZeEGla0PdBEtlWfR/b/qHNsnoldaaXb4igFBENcu1Lr3JpR+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOkZ6MTGNx/lLmovcEymPW2FfqOyMB8GA1UdIwQY
MBaAFLfI3z2jOTi/GyRfHER5/STdn5TwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDhqZlBhTTVPTDhiSkY4Y1JIbjlKTjJmbFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80ZGQxOTgtOTNjYi00NTljLWJlZTIt
MmQxZGFhMjk5ZTgzLzEvNlJub3hNWTNILVV1YWk5d1RLWTliWVYtbzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80ZGQxOTgtOTNjYi00NTljLWJlZTItMmQxZGFhMjk5ZTgz
LzEvdDhqZlBhTTVPTDhiSkY4Y1JIbjlKTjJmbFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue6kMA0G
CSqGSIb3DQEBCwUAA4IBAQBoKsI1pnLw8R0GNhArEgGrWhpW7DfZiMi3hOh+Qa4i
I/umvkpMAJ5wVhJNVCUpwt1TnjMZUfYDuYumdcZ2dUS7onaFnK+z3BS25kJJHJt2
MFC1Bh0IcPYQBvBL55mWh4PWsf3Tlco2tn4Jl6FEFpU4aBl1NY595p+KOrtVLADJ
c9VQErdReMzLSmyC5AgsXzvATATPCvX3WRlmNIeSNuxRprUBBlToMpV3irVvDTsF
HCS1IyorPVI7DZOcgYyZJEaq8wdgSHXmaTxQmJXAGQCp7kneBSTuivZ6XKPcsHVL
KmNbr8/I4u5P46ZUJisrSm695aRfw+fseqMdmw9cWedF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:45 2024 by rpki-client on console-fra.rpki-client.org