Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/Bi6Mk3EJ3SQDPDq_rlNRbR6FTMo.roa
File: Bi6Mk3EJ3SQDPDq_rlNRbR6FTMo.roa (raw, json)
Hash identifier: h2pDgw6llcHz8Y1X0TiJe/20wzzOL/C/GiN7XpOTzlw=
Subject key identifier: 06:2E:8C:93:71:09:DD:24:03:3C:3A:BF:AE:53:51:6D:1E:85:4C:CA
Certificate issuer: /CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Certificate serial: 018CC8DF844C2A3AAA11F13CB304B18D1FFB
Authority key identifier: D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/Bi6Mk3EJ3SQDPDq_rlNRbR6FTMo.roa
Signing time: Tue 02 Jan 2024 06:32:20 +0000
ROA not before: Tue 02 Jan 2024 06:32:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58316
IP address blocks: 185.56.216.0/23 maxlen: 23
185.17.104.0/23 maxlen: 23
185.198.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:84:4c:2a:3a:aa:11:f1:3c:b3:04:b1:8d:1f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Validity
Not Before: Jan 2 06:32:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=062e8c937109dd24033c3abfae53516d1e854cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0e:07:9e:36:9d:28:a1:c6:85:32:ba:eb:c7:
99:50:37:3d:eb:6a:9d:ef:79:92:56:a5:ed:35:1a:
5e:c2:d7:96:e1:94:f3:e1:fb:9c:d7:0f:e0:69:61:
f7:24:01:30:a5:d5:ab:1a:0b:2a:3f:2d:c6:68:9f:
3b:ff:7c:0f:bc:23:5f:c0:48:ce:0f:61:c9:16:e9:
91:a7:75:be:32:63:e1:30:14:f1:69:de:99:2e:50:
2a:b9:0d:f7:ea:0d:a3:28:79:44:be:55:14:e7:f8:
97:60:a7:76:11:b1:f2:7e:cb:7f:9c:2f:73:fc:43:
eb:e8:5f:09:7c:7b:b6:19:fc:76:c6:28:b6:03:b9:
25:cd:d5:60:71:ca:2f:8e:3b:ba:47:23:38:54:4f:
59:c6:45:37:46:47:0f:39:84:0e:b7:26:67:60:fe:
2d:ac:11:07:86:56:02:6b:fe:52:e9:4f:7d:77:57:
46:6f:79:21:54:69:25:25:83:7b:14:3f:d2:2e:d0:
5b:4f:e2:2f:53:85:09:0a:69:16:1c:5f:f4:36:6b:
76:11:c7:78:1b:73:90:2b:18:e5:23:1f:eb:d8:10:
d7:7d:90:f9:de:ca:f7:17:1b:51:34:b6:c0:88:aa:
3f:00:fc:16:da:50:78:ed:00:f0:52:47:ff:03:16:
eb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2E:8C:93:71:09:DD:24:03:3C:3A:BF:AE:53:51:6D:1E:85:4C:CA
X509v3 Authority Key Identifier:
keyid:D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/Bi6Mk3EJ3SQDPDq_rlNRbR6FTMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/1hJ0K5HXcP6O-8m13PjcOJhN0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.104.0/23
185.56.216.0/23
185.198.120.0/22
Signature Algorithm: sha256WithRSAEncryption
92:cb:bf:5f:d2:6d:03:56:ab:c8:3b:19:ea:e8:d2:15:1f:14:
62:9c:77:27:da:11:21:50:28:4e:01:77:f9:c4:59:5b:b5:37:
41:f4:57:d1:8c:e4:fd:c7:2e:c8:40:28:c6:82:0c:3e:18:80:
95:71:b8:02:bc:5d:54:8b:a9:22:47:11:f0:c9:07:8c:92:d5:
c0:b4:38:cd:31:9e:67:1d:c0:b6:87:3a:03:a6:54:56:ca:f8:
89:31:84:4e:f0:79:2b:1e:30:bb:4e:08:19:11:00:77:e5:eb:
1d:51:31:26:f1:af:76:15:85:a1:1d:c5:de:40:cb:cd:4d:83:
47:6d:8a:6c:39:95:79:ed:45:c8:a0:34:f3:28:63:94:2f:f5:
32:37:b8:ea:24:dc:e4:a6:0a:23:68:35:9d:0f:a0:74:a9:8c:
88:3c:1d:16:9c:53:ef:26:5b:74:6a:31:b9:5f:ae:b8:40:7c:
cb:2f:73:c3:9d:3c:cb:60:c5:bb:f4:39:b5:cd:f5:02:b2:44:
78:dc:89:84:31:87:cc:03:8d:81:9e:cc:b4:da:2e:29:ba:c1:
f6:9b:6e:e0:a9:89:e6:fd:6f:2b:c7:09:de:a9:d6:94:06:e7:
37:6f:c1:7e:6f:3b:a3:07:9e:1d:bf:16:ad:4b:21:78:bd:82:
4e:9d:53:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI34RMKjqqEfE8swSxjR/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTI3NDJiOTFkNzcwZmU4ZWZiYzliNWRjZjhkYzM4OTg0
ZGQwZjAwHhcNMjQwMTAyMDYzMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJlOGM5MzcxMDlkZDI0MDMzYzNhYmZhZTUzNTE2ZDFlODU0Y2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw4HnjadKKHGhTK668eZUDc962qd
73mSVqXtNRpewteW4ZTz4fuc1w/gaWH3JAEwpdWrGgsqPy3GaJ87/3wPvCNfwEjO
D2HJFumRp3W+MmPhMBTxad6ZLlAquQ336g2jKHlEvlUU5/iXYKd2EbHyfst/nC9z
/EPr6F8JfHu2Gfx2xii2A7klzdVgccovjju6RyM4VE9ZxkU3RkcPOYQOtyZnYP4t
rBEHhlYCa/5S6U99d1dGb3khVGklJYN7FD/SLtBbT+IvU4UJCmkWHF/0Nmt2Ecd4
G3OQKxjlIx/r2BDXfZD53sr3FxtRNLbAiKo/APwW2lB47QDwUkf/Axbr5wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAYujJNxCd0kAzw6v65TUW0ehUzKMB8GA1UdIwQY
MBaAFNYSdCuR13D+jvvJtdz43DiYTdDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2Et
OWQ1NmUzYWRjYTkwLzEvQmk2TWszRUozU1FEUERxX3JsTlJiUjZGVE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2EtOWQ1NmUzYWRjYTkw
LzEvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuRFoAwQB
uTjYAwQCucZ4MA0GCSqGSIb3DQEBCwUAA4IBAQCSy79f0m0DVqvIOxnq6NIVHxRi
nHcn2hEhUChOAXf5xFlbtTdB9FfRjOT9xy7IQCjGggw+GICVcbgCvF1Ui6kiRxHw
yQeMktXAtDjNMZ5nHcC2hzoDplRWyviJMYRO8HkrHjC7TggZEQB35esdUTEm8a92
FYWhHcXeQMvNTYNHbYpsOZV57UXIoDTzKGOUL/UyN7jqJNzkpgojaDWdD6B0qYyI
PB0WnFPvJlt0ajG5X664QHzLL3PDnTzLYMW79Dm1zfUCskR43ImEMYfMA42Bnsy0
2i4pusH2m27gqYnm/W8rxwneqdaUBuc3b8F+bzujB54dvxatSyF4vYJOnVM5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:19 2025 by rpki-client