Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa
File: 6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa (raw, json)
Hash identifier: DE4Dhsaduje7KYDRcZk/RvqRQsRaLLqD0M1Fiko/4ss=
Subject key identifier: EA:79:88:4B:96:3C:27:82:A5:38:7B:D1:20:11:90:94:17:DF:40:A5
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186C0B16CB9DF65A2CF0B40C38341B7F61E
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa
Signing time: Wed 08 Mar 2023 10:08:18 +0000
ROA not before: Wed 08 Mar 2023 10:08:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.236.0/24 maxlen: 24
185.144.236.0/22 maxlen: 22
2a07:4407::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Mar 2023 10:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:b1:6c:b9:df:65:a2:cf:0b:40:c3:83:41:b7:f6:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 10:08:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea79884b963c2782a5387bd12011909417df40a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8f:54:ad:33:52:4a:a8:72:b3:44:fd:de:e2:
6b:fd:8f:4e:f1:ec:b7:26:4f:4d:ce:09:6b:72:2a:
92:97:77:86:f2:9f:5c:23:4b:a8:2b:13:ec:7f:6e:
03:ca:69:b9:50:12:7e:1a:06:3c:fe:3b:52:b6:6d:
f5:d0:80:34:6b:a2:5c:0e:54:f8:34:34:e8:79:3b:
73:ff:9c:74:1b:17:d4:e8:cc:ab:53:64:60:48:1e:
6b:88:18:50:b7:3e:15:de:fb:6e:a4:be:68:0b:a5:
99:3a:7e:a7:b2:1c:2c:be:ec:39:6c:82:5c:bf:eb:
93:43:66:0a:ee:84:52:2b:fe:47:ba:ab:ce:21:a6:
0f:1e:d0:a1:a9:82:72:94:ea:ba:86:3f:f8:a7:49:
a8:8e:d9:e4:40:2c:92:5e:d6:d5:bd:1b:76:a8:47:
79:24:52:1b:5a:3a:a7:0b:4a:3a:dc:b7:96:8e:20:
95:af:2f:70:83:38:c0:fe:11:ed:c9:be:00:21:1a:
a6:7f:8b:fe:d8:c3:4e:94:fd:b7:53:96:e4:34:44:
02:22:9a:3f:c7:b3:12:1b:ce:0a:8d:be:2e:72:a8:
ad:d7:f8:c0:dc:d8:29:f6:c8:06:c5:73:6b:d4:fd:
79:62:69:7b:b4:df:03:0b:fa:59:dd:0d:1f:a3:6f:
c6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:79:88:4B:96:3C:27:82:A5:38:7B:D1:20:11:90:94:17:DF:40:A5
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/6nmIS5Y8J4KlOHvRIBGQlBffQKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
be:7e:92:e3:85:f8:e1:9b:82:86:bf:f2:5e:e2:f9:e8:f4:c9:
ab:e8:23:dc:79:aa:01:04:33:89:5b:88:95:9f:62:a9:c3:38:
31:16:86:8c:eb:49:84:26:31:4a:f2:f8:fd:e0:f0:d0:25:3d:
37:e3:07:7c:a0:76:15:b4:82:45:c2:92:73:65:a0:91:dd:c6:
2c:b0:24:0a:3b:35:c6:0e:7f:9d:62:de:72:76:4a:ac:62:b7:
4a:1e:a8:2e:ba:5f:e1:7b:8e:f9:81:42:12:76:7d:8d:b7:81:
0f:63:55:b2:b2:98:37:2a:7a:9a:22:77:a1:e4:f2:45:4f:49:
65:ee:91:93:4c:c5:5c:d7:45:a5:cd:1c:c7:63:b3:94:ec:81:
11:12:c6:1e:b6:4e:39:31:6c:6b:46:2a:31:93:a2:e9:cf:36:
56:17:35:37:b7:32:17:93:77:b8:2f:70:44:a7:f8:fe:f0:9d:
74:37:fb:57:73:80:27:7c:9b:ff:63:56:18:fc:df:bb:4f:61:
55:ed:0a:56:4f:5a:30:74:1d:c3:ee:bd:41:73:18:9f:36:a2:
f3:26:91:b5:78:7a:a3:ea:cf:37:97:5b:91:5e:f4:49:00:c9:
45:d0:d1:ac:ba:38:a4:04:2b:00:7e:38:25:85:82:a6:cc:22:
aa:44:a6:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAsWy532WizwtAw4NBt/YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MTAwODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTc5ODg0Yjk2M2MyNzgyYTUzODdiZDEyMDExOTA5NDE3ZGY0MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk49UrTNSSqhys0T93uJr/Y9O8ey3
Jk9NzglrciqSl3eG8p9cI0uoKxPsf24Dymm5UBJ+GgY8/jtStm310IA0a6JcDlT4
NDToeTtz/5x0GxfU6MyrU2RgSB5riBhQtz4V3vtupL5oC6WZOn6nshwsvuw5bIJc
v+uTQ2YK7oRSK/5HuqvOIaYPHtChqYJylOq6hj/4p0mojtnkQCySXtbVvRt2qEd5
JFIbWjqnC0o63LeWjiCVry9wgzjA/hHtyb4AIRqmf4v+2MNOlP23U5bkNEQCIpo/
x7MSG84Kjb4ucqit1/jA3Ngp9sgGxXNr1P15Yml7tN8DC/pZ3Q0fo2/GswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOp5iEuWPCeCpTh70SARkJQX30ClMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvNm5tSVM1WThKNEtsT0h2UklCR1FsQmZmUUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQC+fpLjhfjhm4KGv/Je4vno
9Mmr6CPceaoBBDOJW4iVn2KpwzgxFoaM60mEJjFK8vj94PDQJT034wd8oHYVtIJF
wpJzZaCR3cYssCQKOzXGDn+dYt5ydkqsYrdKHqguul/he475gUISdn2Nt4EPY1Wy
spg3KnqaIneh5PJFT0ll7pGTTMVc10WlzRzHY7OU7IEREsYetk45MWxrRioxk6Lp
zzZWFzU3tzIXk3e4L3BEp/j+8J10N/tXc4AnfJv/Y1YY/N+7T2FV7QpWT1owdB3D
7r1BcxifNqLzJpG1eHqj6s83l1uRXvRJAMlF0NGsujikBCsAfjglhYKmzCKqRKZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org