Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/6HHt-_4NGII7io7UL5bNI_AOk9U.roa
File: 6HHt-_4NGII7io7UL5bNI_AOk9U.roa (raw, json)
Hash identifier: WhHmJQ/S9UTBvtkzmUgE4NGJFxiE7iEqM+Jl3+y3pp0=
Subject key identifier: E8:71:ED:FB:FE:0D:18:82:3B:8A:8E:D4:2F:96:CD:23:F0:0E:93:D5
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01870E15DF5B02EC059122F9AB53A15FDFDD
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/6HHt-_4NGII7io7UL5bNI_AOk9U.roa
Signing time: Thu 23 Mar 2023 10:48:46 +0000
ROA not before: Thu 23 Mar 2023 10:48:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 195.149.87.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Sep 2023 13:16:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:15:df:5b:02:ec:05:91:22:f9:ab:53:a1:5f:df:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Mar 23 10:48:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e871edfbfe0d18823b8a8ed42f96cd23f00e93d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:79:fb:07:15:4d:98:24:c8:0b:63:24:ec:
c8:ae:4a:14:e4:9e:09:12:85:d7:c1:41:3d:4d:91:
d4:1d:bd:7f:b7:4a:ba:cc:be:54:7b:06:90:c4:ab:
e8:a0:5a:01:fe:8f:08:23:a8:76:19:b1:c7:20:f2:
f6:2f:57:b8:ab:e3:d0:17:48:eb:b3:70:59:e8:50:
60:bc:f6:7d:9d:c2:5c:c9:ab:6c:44:b5:47:9d:2a:
e7:be:6a:32:64:c1:9b:53:d4:23:79:27:70:3d:aa:
17:b2:11:a6:bc:3d:7f:91:03:a7:17:06:29:25:bd:
0b:f9:34:29:fd:d2:a2:c8:27:27:d1:0e:0c:05:b3:
50:c2:1d:20:f9:b6:29:b8:a5:ed:fd:82:50:e4:9f:
ef:3f:8b:6d:15:19:dc:49:cf:de:54:77:02:e4:8e:
96:39:9b:a4:91:d1:18:8a:80:42:18:02:b5:5a:8e:
ea:ac:c7:fc:a1:b4:23:a2:91:11:96:31:e9:46:17:
b8:c6:67:89:eb:70:69:92:04:6d:0f:d7:62:55:46:
4a:0b:5b:b0:21:0d:fd:d1:20:bf:fd:d1:f7:4d:c2:
92:a3:51:3e:41:60:c8:d7:af:73:3d:c0:b8:a5:ae:
9e:37:8d:34:25:de:dd:be:4e:c5:1f:af:b7:7f:29:
db:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:71:ED:FB:FE:0D:18:82:3B:8A:8E:D4:2F:96:CD:23:F0:0E:93:D5
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/6HHt-_4NGII7io7UL5bNI_AOk9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.119.192.0/24
74.119.194.0/24
80.92.204.0/23
185.250.151.0/24
195.149.87.0/24
IPv6:
2a09:7c41::-2a09:7c42:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
06:55:34:31:5a:e5:b5:9e:da:d2:98:37:09:07:15:2e:34:44:
44:cc:b2:55:71:29:b2:05:ed:41:5d:e3:91:03:1a:d8:87:ec:
fa:42:28:12:16:35:90:31:84:4e:36:57:4f:cf:03:38:90:e1:
89:e6:7b:61:8f:e4:e3:24:62:f0:bd:18:c0:c3:e2:a7:46:18:
c3:c1:e8:2b:73:cd:84:20:6d:4f:dc:52:bf:2f:51:23:7e:b4:
81:d0:53:c8:c3:c4:07:6d:e4:27:ef:f1:2e:f0:3e:fc:92:b6:
7e:88:fb:8b:9b:35:69:d8:fe:4f:d2:77:99:3a:6c:95:40:d1:
ff:ce:2a:b2:f0:75:40:80:0c:b4:1c:38:fe:dc:ce:1a:40:23:
62:5b:e3:15:c9:e9:07:04:f1:d8:e3:f9:14:0c:cf:2b:86:ee:
0d:91:57:53:8c:f9:54:9d:2c:ee:e9:64:0b:4e:49:02:71:25:
7a:73:10:52:c8:11:20:33:aa:e6:15:d3:72:20:3a:14:cc:d1:
1a:d0:85:9d:77:ef:97:17:e2:9d:d0:cc:f2:d2:05:bf:b4:a0:
db:f3:6e:f2:1b:5b:7b:98:39:3f:af:8c:bc:92:f2:85:96:c8:
69:0a:0c:e0:75:39:1d:e7:75:c5:ff:24:c4:42:7e:fb:c4:f5:
d5:3f:6e:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYcOFd9bAuwFkSL5q1OhX9/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMzIzMTA0ODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODcxZWRmYmZlMGQxODgyM2I4YThlZDQyZjk2Y2QyM2YwMGU5M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9l5+wcVTZgkyAtjJOzIrkoU5J4J
EoXXwUE9TZHUHb1/t0q6zL5UewaQxKvooFoB/o8II6h2GbHHIPL2L1e4q+PQF0jr
s3BZ6FBgvPZ9ncJcyatsRLVHnSrnvmoyZMGbU9QjeSdwPaoXshGmvD1/kQOnFwYp
Jb0L+TQp/dKiyCcn0Q4MBbNQwh0g+bYpuKXt/YJQ5J/vP4ttFRncSc/eVHcC5I6W
OZukkdEYioBCGAK1Wo7qrMf8obQjopERljHpRhe4xmeJ63BpkgRtD9diVUZKC1uw
IQ390SC//dH3TcKSo1E+QWDI169zPcC4pa6eN400Jd7dvk7FH6+3fynbiwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOhx7fv+DRiCO4qO1C+WzSPwDpPVMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvNkhIdC1fNE5HSUk3aW83VUw1Yk5JX0FPazlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQASnfAAwQA
SnfCAwQBUFzMAwQAufqXAwQAw5VXMBYEAgACMBAwDgMFACoJfEEDBQAqCXxCMA0G
CSqGSIb3DQEBCwUAA4IBAQAGVTQxWuW1ntrSmDcJBxUuNEREzLJVcSmyBe1BXeOR
AxrYh+z6QigSFjWQMYRONldPzwM4kOGJ5nthj+TjJGLwvRjAw+KnRhjDwegrc82E
IG1P3FK/L1EjfrSB0FPIw8QHbeQn7/Eu8D78krZ+iPuLmzVp2P5P0neZOmyVQNH/
ziqy8HVAgAy0HDj+3M4aQCNiW+MVyekHBPHY4/kUDM8rhu4NkVdTjPlUnSzu6WQL
TkkCcSV6cxBSyBEgM6rmFdNyIDoUzNEa0IWdd++XF+Kd0Mzy0gW/tKDb827yG1t7
mDk/r4y8kvKFlshpCgzgdTkd53XF/yTEQn77xPXVP24/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org