Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/6lYMgPBmLNhR_-KRuLRYkTNEFTo.roa
File: 6lYMgPBmLNhR_-KRuLRYkTNEFTo.roa (raw, json)
Hash identifier: 2NR4q2UgufRzPsgbJ31HzOOkZ0ajsQ2b49gosql4ED8=
Subject key identifier: EA:56:0C:80:F0:66:2C:D8:51:FF:E2:91:B8:B4:58:91:33:44:15:3A
Certificate issuer: /CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Certificate serial: 01856CF82C8D8103A9B3CC7B2A8959AFF080
Authority key identifier: 3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/6lYMgPBmLNhR_-KRuLRYkTNEFTo.roa
Signing time: Sun 01 Jan 2023 10:54:41 +0000
ROA not before: Sun 01 Jan 2023 10:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209836
IP address blocks: 213.232.124.0/24 maxlen: 24
185.126.201.0/24 maxlen: 24
213.232.125.0/24 maxlen: 24
185.126.200.0/24 maxlen: 24
213.232.127.0/24 maxlen: 24
213.232.126.0/24 maxlen: 24
2a13:6b00::/32 maxlen: 32
2a0a:2fc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:2c:8d:81:03:a9:b3:cc:7b:2a:89:59:af:f0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ff58dffba4df6ac34bd9f48119ae11cfef8a76c
Validity
Not Before: Jan 1 10:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea560c80f0662cd851ffe291b8b458913344153a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0b:92:e5:08:90:d8:f0:a4:17:7a:f7:1a:14:
89:42:99:26:c4:c2:10:e1:d4:63:33:fd:75:b1:ff:
43:ae:66:d4:f9:21:6d:c9:c4:8d:0f:74:35:4b:03:
ac:af:41:f0:af:b9:44:d4:77:a6:16:a3:a7:d0:97:
16:b8:77:17:ee:fb:82:4f:78:0f:74:e3:d0:28:97:
6f:69:e3:26:58:89:5d:e7:58:54:33:a2:84:90:87:
e0:d4:2a:18:bd:93:fd:d2:96:40:78:68:34:a5:7a:
3e:ff:b2:c4:89:37:23:2a:a3:37:9c:8f:11:9a:5a:
eb:44:7e:8a:d0:10:b1:f2:32:df:89:2a:ec:ef:d6:
5a:5b:e7:dc:b6:3e:76:05:cd:eb:f5:c3:ad:e4:a8:
3b:b5:1d:fb:c2:4e:69:23:32:8b:bc:d1:24:1a:f7:
2d:87:5f:02:d2:44:02:6d:ae:ca:d7:34:9b:e4:73:
43:da:1e:0e:f9:0b:2d:69:b2:68:03:7b:80:39:d1:
13:25:5a:f6:f8:22:4e:f2:e3:02:8b:78:47:55:78:
d2:3b:81:dc:69:d7:e4:bf:c5:f0:26:20:95:bd:14:
f7:73:f7:34:c7:0e:7e:6b:4a:a3:72:f2:1b:e3:13:
ea:27:6c:4d:6f:84:34:85:4e:97:f5:56:6b:3f:0f:
06:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:56:0C:80:F0:66:2C:D8:51:FF:E2:91:B8:B4:58:91:33:44:15:3A
X509v3 Authority Key Identifier:
keyid:3F:F5:8D:FF:BA:4D:F6:AC:34:BD:9F:48:11:9A:E1:1C:FE:F8:A7:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P_WN_7pN9qw0vZ9IEZrhHP74p2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/6lYMgPBmLNhR_-KRuLRYkTNEFTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/28fce4-81f1-4cd3-a8ed-ab94affb903a/1/P_WN_7pN9qw0vZ9IEZrhHP74p2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.200.0/23
213.232.124.0/22
IPv6:
2a0a:2fc0::/30
2a13:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
85:d8:72:5d:12:28:e0:0b:ae:d6:b7:1e:14:05:44:1a:f2:72:
02:aa:5f:7e:29:34:bd:a6:ce:67:73:ec:26:62:75:5d:c2:fd:
c4:8d:8d:df:29:e3:cc:74:50:44:0c:30:9b:8e:0d:46:ab:cc:
72:c5:6b:d4:b0:4c:9e:3f:30:91:15:47:b2:d2:3d:ad:44:9d:
bd:47:1c:d1:70:b4:65:93:13:6f:bd:d9:aa:51:94:a8:61:4f:
2e:93:f6:0f:8c:35:10:66:ae:7c:6e:9b:70:97:cc:86:38:97:
4a:87:78:8c:cd:d7:55:b9:de:f7:a2:01:87:38:97:8f:58:59:
65:b7:92:85:b7:1b:7a:f2:14:5f:9d:69:76:49:3f:2c:b8:90:
47:f6:18:c2:d1:cc:a9:e8:b0:00:f7:c7:f6:35:b2:f8:1a:ca:
a1:0a:e7:eb:bd:63:b1:a9:6f:19:cd:44:73:de:4a:57:84:69:
81:7b:43:7d:c5:f1:1c:f5:29:1f:78:60:6e:17:5b:f5:b0:48:
f3:83:3b:9d:9b:fa:b2:3a:d4:fc:d4:f4:fa:de:23:ef:ca:24:
a4:9d:43:b4:63:1c:c3:f4:ca:71:c5:14:c7:2b:90:e5:35:71:
62:58:1c:2c:08:b3:cb:b0:c1:0e:df:d6:b5:49:61:84:bf:d3:
68:79:d8:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVs+CyNgQOps8x7KolZr/CAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZjU4ZGZmYmE0ZGY2YWMzNGJkOWY0ODExOWFlMTFjZmVm
OGE3NmMwHhcNMjMwMTAxMTA1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTU2MGM4MGYwNjYyY2Q4NTFmZmUyOTFiOGI0NTg5MTMzNDQxNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wuS5QiQ2PCkF3r3GhSJQpkmxMIQ
4dRjM/11sf9DrmbU+SFtycSND3Q1SwOsr0Hwr7lE1HemFqOn0JcWuHcX7vuCT3gP
dOPQKJdvaeMmWIld51hUM6KEkIfg1CoYvZP90pZAeGg0pXo+/7LEiTcjKqM3nI8R
mlrrRH6K0BCx8jLfiSrs79ZaW+fctj52Bc3r9cOt5Kg7tR37wk5pIzKLvNEkGvct
h18C0kQCba7K1zSb5HND2h4O+QstabJoA3uAOdETJVr2+CJO8uMCi3hHVXjSO4Hc
adfkv8XwJiCVvRT3c/c0xw5+a0qjcvIb4xPqJ2xNb4Q0hU6X9VZrPw8GXwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOpWDIDwZizYUf/ikbi0WJEzRBU6MB8GA1UdIwQY
MBaAFD/1jf+6TfasNL2fSBGa4Rz++KdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQt
YWI5NGFmZmI5MDNhLzEvNmxZTWdQQm1MTmhSXy1LUnVMUllrVE5FRlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yOGZjZTQtODFmMS00Y2QzLWE4ZWQtYWI5NGFmZmI5MDNh
LzEvUF9XTl83cE45cXcwdlo5SUVacmhIUDc0cDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBuX7IAwQC
1eh8MBQEAgACMA4DBQIqCi/AAwUAKhNrADANBgkqhkiG9w0BAQsFAAOCAQEAhdhy
XRIo4Auu1rceFAVEGvJyAqpffik0vabOZ3PsJmJ1XcL9xI2N3ynjzHRQRAwwm44N
RqvMcsVr1LBMnj8wkRVHstI9rUSdvUcc0XC0ZZMTb73ZqlGUqGFPLpP2D4w1EGau
fG6bcJfMhjiXSod4jM3XVbne96IBhziXj1hZZbeShbcbevIUX51pdkk/LLiQR/YY
wtHMqeiwAPfH9jWy+BrKoQrn671jsalvGc1Ec95KV4RpgXtDfcXxHPUpH3hgbhdb
9bBI84M7nZv6sjrU/NT0+t4j78okpJ1DtGMcw/TKccUUxyuQ5TVxYlgcLAizy7DB
Dt/WtUlhhL/TaHnYog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:51 2024 by rpki-client on console-ams.rpki-client.org