Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/6BtmlVaDH1V4i8ojs8RLnDocnqw.roa
File: 6BtmlVaDH1V4i8ojs8RLnDocnqw.roa (raw, json)
Hash identifier: a+Oz4QhPTz99vKZtbSitHgmQEwUYeaApMKWe60MLdIw=
Subject key identifier: E8:1B:66:95:56:83:1F:55:78:8B:CA:23:B3:C4:4B:9C:3A:1C:9E:AC
Certificate issuer: /CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Certificate serial: 018CC9BC5189E6CDA35D33C87041408ABB0F
Authority key identifier: 9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/6BtmlVaDH1V4i8ojs8RLnDocnqw.roa
Signing time: Tue 02 Jan 2024 10:33:31 +0000
ROA not before: Tue 02 Jan 2024 10:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44842
IP address blocks: 185.86.48.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:51:89:e6:cd:a3:5d:33:c8:70:41:40:8a:bb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d7bb004201fd05b49d1221fce4759ea70bec684
Validity
Not Before: Jan 2 10:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e81b669556831f55788bca23b3c44b9c3a1c9eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:67:c5:3f:f8:5f:f1:41:de:d8:18:fb:37:dd:
cc:36:0d:b4:dc:37:9a:8f:10:e0:48:47:b6:9a:9f:
5f:2d:3f:f8:96:9f:5c:8c:1d:ff:ca:58:3a:84:d7:
97:f2:c5:02:cf:18:80:c4:e0:6c:31:fa:41:77:ab:
f3:9d:67:d1:30:46:03:a5:7d:1a:a3:71:58:c4:b6:
3b:9e:a1:0c:95:d6:6e:de:4f:8f:00:1b:97:ce:60:
b8:c1:c0:c5:ee:02:70:86:22:79:f7:eb:0f:95:df:
fa:d0:c0:09:e6:85:16:e8:28:57:1f:60:31:ea:d6:
9b:ae:e6:14:6c:0f:ea:15:9a:64:ed:31:67:56:0a:
c5:09:2d:b0:f5:f6:53:9f:19:9a:53:3d:df:d1:90:
5c:27:62:55:e0:ed:62:42:e3:a8:1e:7a:d0:54:87:
5c:84:ea:cc:a9:b9:5b:0c:a2:fb:25:08:67:de:19:
49:c9:6f:59:86:fe:9f:af:83:25:68:b7:ed:3b:20:
cc:53:b9:f4:f1:7b:7d:1a:cc:50:ae:2e:b8:30:95:
73:b9:ed:66:0f:e4:9e:8a:d5:06:c6:ab:cc:77:82:
77:2a:cd:d7:ee:c9:dd:bb:66:27:a3:14:b1:1f:fd:
6b:e8:d5:b9:ab:ca:3f:5c:77:f5:fc:c7:89:33:f4:
dc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1B:66:95:56:83:1F:55:78:8B:CA:23:B3:C4:4B:9C:3A:1C:9E:AC
X509v3 Authority Key Identifier:
keyid:9D:7B:B0:04:20:1F:D0:5B:49:D1:22:1F:CE:47:59:EA:70:BE:C6:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/6BtmlVaDH1V4i8ojs8RLnDocnqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/af15eb-7a4d-4b0e-bebb-e9bede00c6af/1/nXuwBCAf0FtJ0SIfzkdZ6nC-xoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.48.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ea:0c:6e:1b:07:54:f0:b7:21:0d:6e:85:fb:5f:17:36:65:
fc:cf:6a:97:bc:0a:c1:36:49:3e:d3:2f:53:fc:51:6e:e4:80:
46:7c:07:1c:41:2d:f0:67:1c:60:7a:01:a2:8b:b5:04:3b:73:
b0:96:1a:29:ec:9f:d6:a7:4a:f0:bc:6d:35:3b:26:1d:96:b3:
8c:5b:1d:71:b0:63:5b:f6:bd:0b:fc:2d:d5:4d:3f:cb:a2:81:
1f:14:c1:2a:08:31:9a:37:e5:d6:b6:d6:c3:62:00:fe:7e:ba:
4e:9c:04:30:48:12:90:f2:a4:74:80:b4:2b:16:82:a2:f8:04:
a1:05:55:31:39:d4:aa:06:26:7e:65:77:58:5a:0d:f0:a3:67:
dc:f0:16:b3:46:7a:ff:d8:a0:8c:84:34:4c:16:c3:f1:69:8e:
64:02:58:93:c2:74:e2:ee:67:38:e0:b4:77:e8:91:5a:1c:d0:
ff:49:44:79:8e:23:f4:41:a9:ba:16:ab:46:10:df:86:51:4b:
63:d0:04:41:53:c7:8a:e7:6c:c4:22:01:78:34:1f:89:e9:89:
b1:30:d2:e7:d1:ad:d1:1c:fe:c2:f9:f8:ae:ab:14:a4:bd:1d:
b5:8a:9e:8c:49:5c:37:23:62:5e:e5:94:f7:8d:ff:c8:69:06:
20:ee:88:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFGJ5s2jXTPIcEFAirsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkN2JiMDA0MjAxZmQwNWI0OWQxMjIxZmNlNDc1OWVhNzBi
ZWM2ODQwHhcNMjQwMTAyMTAzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODFiNjY5NTU2ODMxZjU1Nzg4YmNhMjNiM2M0NGI5YzNhMWM5ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22fFP/hf8UHe2Bj7N93MNg203Dea
jxDgSEe2mp9fLT/4lp9cjB3/ylg6hNeX8sUCzxiAxOBsMfpBd6vznWfRMEYDpX0a
o3FYxLY7nqEMldZu3k+PABuXzmC4wcDF7gJwhiJ59+sPld/60MAJ5oUW6ChXH2Ax
6tabruYUbA/qFZpk7TFnVgrFCS2w9fZTnxmaUz3f0ZBcJ2JV4O1iQuOoHnrQVIdc
hOrMqblbDKL7JQhn3hlJyW9Zhv6fr4MlaLftOyDMU7n08Xt9GsxQri64MJVzue1m
D+SeitUGxqvMd4J3Ks3X7sndu2YnoxSxH/1r6NW5q8o/XHf1/MeJM/TcOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOgbZpVWgx9VeIvKI7PES5w6HJ6sMB8GA1UdIwQY
MBaAFJ17sAQgH9BbSdEiH85HWepwvsaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmIt
ZTliZWRlMDBjNmFmLzEvNkJ0bWxWYURIMVY0aThvanM4UkxuRG9jbnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9hZjE1ZWItN2E0ZC00YjBlLWJlYmItZTliZWRlMDBjNmFm
LzEvblh1d0JDQWYwRnRKMFNJZnprZFo2bkMteG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVYwMA0G
CSqGSIb3DQEBCwUAA4IBAQCI6gxuGwdU8LchDW6F+18XNmX8z2qXvArBNkk+0y9T
/FFu5IBGfAccQS3wZxxgegGii7UEO3Owlhop7J/Wp0rwvG01OyYdlrOMWx1xsGNb
9r0L/C3VTT/LooEfFMEqCDGaN+XWttbDYgD+frpOnAQwSBKQ8qR0gLQrFoKi+ASh
BVUxOdSqBiZ+ZXdYWg3wo2fc8BazRnr/2KCMhDRMFsPxaY5kAliTwnTi7mc44LR3
6JFaHND/SUR5jiP0Qam6FqtGEN+GUUtj0ARBU8eK52zEIgF4NB+J6YmxMNLn0a3R
HP7C+fiuqxSkvR21ip6MSVw3I2Je5ZT3jf/IaQYg7ogj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:28 2025 by rpki-client