Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/c6ecGb0KfuWEtDfuZJsed0gLpcg.roa
File: c6ecGb0KfuWEtDfuZJsed0gLpcg.roa (raw, json)
Hash identifier: rxS3fZNJhkSTd2Hs73QWaCinsdlo4lwBDbTIbEyqZqM=
Subject key identifier: 73:A7:9C:19:BD:0A:7E:E5:84:B4:37:EE:64:9B:1E:77:48:0B:A5:C8
Certificate issuer: /CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Certificate serial: 0186C2A8E29323612A50DFB7D3DEE1F979B4
Authority key identifier: B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/c6ecGb0KfuWEtDfuZJsed0gLpcg.roa
Signing time: Wed 08 Mar 2023 19:18:13 +0000
ROA not before: Wed 08 Mar 2023 19:18:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34515
IP address blocks: 185.95.186.0/24 maxlen: 24
185.95.184.0/24 maxlen: 24
185.95.185.0/24 maxlen: 24
185.95.187.0/24 maxlen: 24
2a09:a0c6::/32 maxlen: 32
2a09:a0c1::/32 maxlen: 32
2a09:a0c3::/32 maxlen: 32
2a09:a0c4::/32 maxlen: 32
2a09:a0c7::/32 maxlen: 32
2a09:a0c0::/32 maxlen: 32
2a09:a0c2::/32 maxlen: 32
2a09:a0c5::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c2:a8:e2:93:23:61:2a:50:df:b7:d3:de:e1:f9:79:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Validity
Not Before: Mar 8 19:18:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73a79c19bd0a7ee584b437ee649b1e77480ba5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5b:9f:c3:2f:68:ac:eb:a6:78:ab:e5:b1:cd:
d6:8a:31:f3:21:97:12:12:00:e4:a2:44:1f:91:cc:
5a:d4:7d:ec:3c:cd:22:38:f1:ee:13:c4:3d:1b:01:
de:1c:f5:c6:9f:bd:75:90:ef:35:38:3b:a3:60:31:
93:88:d6:5b:c2:2a:07:68:cd:68:95:62:4e:9b:3f:
50:a0:5f:00:92:05:40:95:62:4a:5e:1c:02:cf:bd:
ec:f9:c3:39:a5:95:72:98:7d:d6:55:2e:48:ca:68:
d3:df:f0:3a:1b:4e:6c:ca:c4:b7:1c:ff:08:cf:a9:
e0:95:b7:ce:7f:b4:c3:9d:50:ba:a3:97:fa:75:aa:
83:ed:0e:5c:0a:35:39:27:4e:93:c1:20:b3:b8:f5:
08:97:20:37:9e:aa:8d:a1:38:0a:08:cf:d4:f1:9b:
f4:ed:d8:f2:ab:d0:80:05:2f:5f:2c:11:9d:bc:e6:
c7:d7:25:70:04:89:c9:3f:43:a5:1e:94:0e:62:bb:
09:73:44:c6:89:cc:79:2e:5e:85:1c:12:dd:4e:5d:
52:6d:02:af:b9:5d:a1:b4:6b:90:c6:58:f2:18:38:
f8:10:6e:b7:68:f8:79:d3:e8:63:67:f1:da:32:5e:
53:c3:17:54:6f:13:1c:aa:f9:b3:99:2e:c3:9b:99:
a5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A7:9C:19:BD:0A:7E:E5:84:B4:37:EE:64:9B:1E:77:48:0B:A5:C8
X509v3 Authority Key Identifier:
keyid:B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/c6ecGb0KfuWEtDfuZJsed0gLpcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.184.0/22
IPv6:
2a09:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:e5:ab:5d:6f:6f:c4:a2:f7:e7:f0:78:e4:42:be:74:a6:10:
d3:69:b5:61:06:44:5a:5d:32:65:32:89:17:15:ff:49:ae:da:
e6:75:db:eb:e7:1e:97:2c:e9:f7:07:22:45:94:5f:8a:5a:d0:
3b:d7:54:b5:d7:21:d8:08:b7:1c:20:99:54:95:e6:65:b3:a1:
ae:0a:af:3e:07:ee:e4:27:0e:61:8e:25:49:16:a5:7f:56:da:
77:68:28:82:b7:93:34:af:ed:d4:67:d6:e7:7a:98:5b:41:9d:
2a:f5:18:e5:f0:54:c3:02:89:6d:53:3f:d9:da:8e:70:33:66:
5f:58:c1:78:97:64:1d:25:84:48:63:15:58:56:93:24:40:71:
5f:c4:35:15:e4:45:f0:54:d0:59:ff:27:81:6e:42:0c:47:82:
b2:06:82:26:3c:d6:22:d4:ce:97:95:d6:47:14:ab:a5:bd:56:
87:d0:04:fb:8c:f1:e0:99:c7:31:ed:2a:ea:33:e1:c5:1f:ce:
68:96:69:d8:b3:04:e9:45:34:e3:89:24:46:73:dc:f1:ce:e1:
84:c6:08:c2:2f:9e:a3:5a:17:09:1f:89:b9:23:76:56:88:a7:
4d:7d:a8:47:78:6b:db:be:23:ab:86:03:a2:68:a8:b6:58:8b:
a7:d5:19:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbCqOKTI2EqUN+3097h+Xm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTQ4YWYzZDk2OTMxYmQ5MGMzYmZkNTVmMWZhMzA0N2Iz
NTYwMTQwHhcNMjMwMzA4MTkxODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2E3OWMxOWJkMGE3ZWU1ODRiNDM3ZWU2NDliMWU3NzQ4MGJhNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFufwy9orOumeKvlsc3WijHzIZcS
EgDkokQfkcxa1H3sPM0iOPHuE8Q9GwHeHPXGn711kO81ODujYDGTiNZbwioHaM1o
lWJOmz9QoF8AkgVAlWJKXhwCz73s+cM5pZVymH3WVS5IymjT3/A6G05sysS3HP8I
z6nglbfOf7TDnVC6o5f6daqD7Q5cCjU5J06TwSCzuPUIlyA3nqqNoTgKCM/U8Zv0
7djyq9CABS9fLBGdvObH1yVwBInJP0OlHpQOYrsJc0TGicx5Ll6FHBLdTl1SbQKv
uV2htGuQxljyGDj4EG63aPh50+hjZ/HaMl5TwxdUbxMcqvmzmS7Dm5ml0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHOnnBm9Cn7lhLQ37mSbHndIC6XIMB8GA1UdIwQY
MBaAFLKkivPZaTG9kMO/1V8fowR7NWAUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FTSzg5bHBNYjJRdzdfVlh4LWpCSHMxWUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kNTFhZGYtMTQ5Mi00YzE0LTg4MjEt
YjliZDA2NTk0ODNhLzEvYzZlY0diMEtmdVdFdERmdVpKc2VkMGdMcGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kNTFhZGYtMTQ5Mi00YzE0LTg4MjEtYjliZDA2NTk0ODNh
LzEvc3FTSzg5bHBNYjJRdzdfVlh4LWpCSHMxWUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV+4MA0E
AgACMAcDBQMqCaDAMA0GCSqGSIb3DQEBCwUAA4IBAQBI5atdb2/Eovfn8HjkQr50
phDTabVhBkRaXTJlMokXFf9Jrtrmddvr5x6XLOn3ByJFlF+KWtA711S11yHYCLcc
IJlUleZls6GuCq8+B+7kJw5hjiVJFqV/Vtp3aCiCt5M0r+3UZ9bnephbQZ0q9Rjl
8FTDAoltUz/Z2o5wM2ZfWMF4l2QdJYRIYxVYVpMkQHFfxDUV5EXwVNBZ/yeBbkIM
R4KyBoImPNYi1M6XldZHFKulvVaH0AT7jPHgmccx7SrqM+HFH85olmnYswTpRTTj
iSRGc9zxzuGExgjCL56jWhcJH4m5I3ZWiKdNfahHeGvbviOrhgOiaKi2WIun1Rnb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:50 2024 by rpki-client on console-ams.rpki-client.org