Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/6Kdj39M5SY4D8F9FBqI08ZX1mZo.roa
File: 6Kdj39M5SY4D8F9FBqI08ZX1mZo.roa (raw, json)
Hash identifier: P+YIlklW40Yl99Swxxvx4jRhLvo4xaX0Gee6jdBekN4=
Subject key identifier: E8:A7:63:DF:D3:39:49:8E:03:F0:5F:45:06:A2:34:F1:95:F5:99:9A
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 0191D63E663C49730A1AC9E025FC55BEDDE4
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/6Kdj39M5SY4D8F9FBqI08ZX1mZo.roa
Signing time: Mon 09 Sep 2024 10:04:59 +0000
ROA not before: Mon 09 Sep 2024 10:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.154.44.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.186.172.0/22 maxlen: 24
195.96.158.0/24 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: Failed, certificate revoked on Mon 09 Sep 2024 12:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:3e:66:3c:49:73:0a:1a:c9:e0:25:fc:55:be:dd:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Sep 9 10:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8a763dfd339498e03f05f4506a234f195f5999a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:9d:23:54:19:d6:23:98:3e:19:c1:a1:ea:
af:04:93:eb:b4:57:cf:47:42:05:c3:4c:57:6f:2e:
d0:22:ac:a0:21:54:f4:3b:02:0c:63:cc:f6:3f:40:
05:07:73:f8:d8:41:92:f2:d4:b4:e0:18:04:c0:dd:
a5:b8:aa:2a:01:84:cc:ec:36:b9:b4:a1:24:e7:7a:
cb:d8:01:7a:90:2a:7a:8e:58:70:28:29:a7:2b:15:
30:fb:d0:70:f6:68:a4:c8:fd:15:b4:87:79:39:17:
c1:4f:fe:9f:2a:02:3b:09:48:c7:ae:eb:b9:18:0e:
d0:67:dd:00:78:e0:48:4a:85:3f:68:6d:08:54:23:
81:62:86:d2:5d:57:02:b8:f5:fb:05:64:82:ce:eb:
02:9c:4a:b7:1e:0a:8b:f9:88:f9:8f:99:58:96:41:
cb:c3:4b:0a:47:20:98:ce:57:14:7c:a4:a2:4a:4f:
49:e9:8d:50:8a:eb:38:9e:ab:52:67:93:62:a1:05:
ec:3b:54:f7:6a:4c:67:34:eb:f5:59:80:1f:78:ae:
01:5d:ab:b9:6a:9d:af:26:c0:83:9e:fc:16:73:41:
60:a4:bf:8c:d9:6f:6d:52:58:61:43:93:c0:d6:57:
7f:56:2c:a0:a9:9b:86:f1:d2:e4:72:55:8a:14:75:
11:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A7:63:DF:D3:39:49:8E:03:F0:5F:45:06:A2:34:F1:95:F5:99:9A
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/6Kdj39M5SY4D8F9FBqI08ZX1mZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
185.186.172.0/22
195.96.158.0/24
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
1b:57:aa:ce:3c:1e:79:a6:be:0a:57:34:b0:b6:76:3c:75:c4:
ad:3b:ed:34:70:30:f1:e6:bf:1a:b1:58:ee:44:8b:c7:25:66:
6d:23:97:43:66:3b:d5:ac:ef:00:06:68:3d:e0:27:7c:57:31:
fa:46:49:32:97:de:f8:49:7f:88:b5:cd:49:0a:bc:fb:13:70:
34:33:52:9b:b5:82:44:cf:bb:ca:64:fd:1d:5b:65:90:3a:c5:
e3:08:d7:bb:0e:ea:a2:46:c3:2c:07:bc:ec:aa:0b:7a:fd:98:
5e:7c:d1:43:39:65:85:14:be:4c:e3:3f:24:24:34:79:e1:84:
94:48:c5:ae:5d:84:8e:c1:59:ce:e8:97:62:e8:00:89:1c:7a:
ad:6e:b7:61:fd:65:1a:c1:33:e1:bd:35:a6:37:fc:fb:d7:6d:
7b:c5:54:ea:34:65:46:78:4d:8c:3c:cf:75:82:cd:f1:9c:fd:
77:1a:30:32:b1:2e:45:80:3c:e0:ee:23:e4:55:e3:b3:5f:cf:
0e:c4:af:bc:96:81:4a:4d:dd:d3:89:89:e3:25:0a:ca:a0:5f:
74:4e:6a:95:7c:c0:2e:0f:b3:13:56:7b:48:a3:80:e7:dc:96:
28:77:20:31:f3:36:2d:f8:25:8a:dd:1b:84:e2:dd:16:a3:c8:
f5:ad:8e:bc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZHWPmY8SXMKGsngJfxVvt3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjQwOTA5MTAwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE3NjNkZmQzMzk0OThlMDNmMDVmNDUwNmEyMzRmMTk1ZjU5OTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFKdI1QZ1iOYPhnBoeqvBJPrtFfP
R0IFw0xXby7QIqygIVT0OwIMY8z2P0AFB3P42EGS8tS04BgEwN2luKoqAYTM7Da5
tKEk53rL2AF6kCp6jlhwKCmnKxUw+9Bw9mikyP0VtId5ORfBT/6fKgI7CUjHruu5
GA7QZ90AeOBISoU/aG0IVCOBYobSXVcCuPX7BWSCzusCnEq3HgqL+Yj5j5lYlkHL
w0sKRyCYzlcUfKSiSk9J6Y1Qius4nqtSZ5NioQXsO1T3akxnNOv1WYAfeK4BXau5
ap2vJsCDnvwWc0FgpL+M2W9tUlhhQ5PA1ld/ViygqZuG8dLkclWKFHUR+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOinY9/TOUmOA/BfRQaiNPGV9ZmaMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvNktkajM5TTVTWTREOEY5RkJxSTA4WlgxbVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUAwQCubqsAwQAw2CeMA0EAgACMAcDBQMqBJOAMA0GCSqG
SIb3DQEBCwUAA4IBAQAbV6rOPB55pr4KVzSwtnY8dcStO+00cDDx5r8asVjuRIvH
JWZtI5dDZjvVrO8ABmg94Cd8VzH6Rkkyl974SX+Itc1JCrz7E3A0M1KbtYJEz7vK
ZP0dW2WQOsXjCNe7DuqiRsMsB7zsqgt6/ZhefNFDOWWFFL5M4z8kJDR54YSUSMWu
XYSOwVnO6Jdi6ACJHHqtbrdh/WUawTPhvTWmN/z71217xVTqNGVGeE2MPM91gs3x
nP13GjAysS5FgDzg7iPkVeOzX88OxK+8loFKTd3TiYnjJQrKoF90TmqVfMAuD7MT
VntIo4Dn3JYodyAx8zYt+CWK3RuE4t0Wo8j1rY68
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:02 2025 by rpki-client