Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hQjBW5ZI7IGd1Cw74UHTZwDey0.roa
File: 6hQjBW5ZI7IGd1Cw74UHTZwDey0.roa (raw, json)
Hash identifier: BZmaQoP5t66R90a0DNyKXOi+nPoryObnUmk4khP8hLg=
Subject key identifier: EA:14:23:05:6E:59:23:B2:06:77:50:B0:EF:85:07:4D:9C:03:7B:2D
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018F3D11EF3A6F51D43D346467DE8F526282
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hQjBW5ZI7IGd1Cw74UHTZwDey0.roa
Signing time: Fri 03 May 2024 06:08:56 +0000
ROA not before: Fri 03 May 2024 06:08:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39700
IP address blocks: 78.108.128.0/20 maxlen: 24
80.246.202.0/24 maxlen: 24
81.30.38.0/24 maxlen: 24
91.142.240.0/22 maxlen: 22
91.142.246.0/23 maxlen: 23
91.142.248.0/22 maxlen: 22
176.74.224.0/24 maxlen: 24
2001:4cb8::/29 maxlen: 48
2001:4cb9::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 May 2024 14:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:11:ef:3a:6f:51:d4:3d:34:64:67:de:8f:52:62:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: May 3 06:08:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea1423056e5923b2067750b0ef85074d9c037b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ae:ed:0d:3b:ae:6b:36:7b:ef:0d:c5:f2:e2:
6b:f7:dd:3b:c1:01:27:43:b3:60:03:0c:2f:e7:83:
22:6b:23:c3:11:5d:14:4c:a8:73:3d:9c:00:52:92:
42:08:0a:15:2a:6f:22:4d:15:b2:11:a2:ce:d6:55:
d0:23:a3:ea:39:63:1a:04:dc:89:06:17:1d:35:36:
31:47:8e:b3:9a:60:ed:30:e4:cf:e0:30:30:b0:cd:
83:3a:13:84:23:81:1c:89:fd:72:49:ff:ae:17:e3:
9a:eb:82:e9:06:c3:d2:ca:07:4f:f1:35:d5:f7:2c:
63:04:5c:d0:c6:3d:69:39:e2:4c:cf:b9:1a:7e:ee:
9d:34:7a:bd:7b:e7:b5:77:97:05:5e:4b:ef:90:a0:
55:c8:89:34:b9:1c:a9:14:4d:f8:00:bc:d6:d2:57:
2f:d3:ec:1c:1f:4c:cd:63:90:15:b2:c0:84:cc:eb:
9a:7d:5b:84:bf:00:c7:dc:ac:a7:b2:d3:fb:25:91:
fe:d1:e0:98:23:34:ae:02:db:7e:71:60:d5:f5:fc:
16:77:63:64:10:de:b7:82:b2:0b:07:6a:23:73:92:
54:17:aa:4c:42:51:8d:d6:e0:9e:c2:9f:85:57:09:
80:15:50:81:5c:0c:26:84:30:90:39:98:66:59:b1:
a6:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:14:23:05:6E:59:23:B2:06:77:50:B0:EF:85:07:4D:9C:03:7B:2D
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hQjBW5ZI7IGd1Cw74UHTZwDey0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.128.0/20
80.246.202.0/24
81.30.38.0/24
91.142.240.0/22
91.142.246.0-91.142.251.255
176.74.224.0/24
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
b9:96:3f:93:86:bc:7a:ab:7a:25:15:05:6c:dd:e5:6a:c3:a1:
ad:7a:b0:96:4a:49:5a:65:82:58:e7:07:05:15:0c:2b:be:88:
98:a9:fc:dc:c2:3b:2a:dd:ba:ae:2a:84:92:7c:c8:83:e4:e6:
ef:28:bf:ea:1b:c7:c4:0e:b3:ba:0e:fa:4d:49:a3:8b:e8:39:
f3:ba:4e:b8:c3:0a:1f:84:fc:7d:a6:e2:5e:56:7a:b9:aa:f7:
8a:cf:96:b8:ab:7f:16:25:f5:5c:1f:fd:9c:89:db:5d:8f:a0:
5f:9c:df:be:13:ab:31:5a:88:6a:01:6a:53:3d:e5:50:ee:eb:
85:d0:1e:39:2f:c4:c1:2b:22:75:a9:ba:f5:49:d3:6d:9c:91:
c0:1d:3f:3a:15:94:42:2e:36:16:c8:57:96:8d:a0:2f:c2:a1:
be:7c:7e:06:3c:e0:57:83:05:f1:63:c3:03:c8:16:0b:72:7b:
4c:d5:bf:18:c1:9f:33:d0:90:64:b7:a1:fe:7a:a5:71:90:15:
ba:88:80:f4:c2:e9:11:3c:2f:49:da:51:8a:a5:13:7e:37:82:
59:86:0e:f3:15:13:fb:8a:c6:fc:58:29:09:95:bc:0d:71:4d:
11:74:ef:a4:c8:03:1a:80:5c:f2:dc:0d:98:cc:ef:25:8b:d7:
32:97:ed:bf
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY89Ee86b1HUPTRkZ96PUmKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwNTAzMDYwODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE0MjMwNTZlNTkyM2IyMDY3NzUwYjBlZjg1MDc0ZDljMDM3YjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK7tDTuuazZ77w3F8uJr9907wQEn
Q7NgAwwv54MiayPDEV0UTKhzPZwAUpJCCAoVKm8iTRWyEaLO1lXQI6PqOWMaBNyJ
BhcdNTYxR46zmmDtMOTP4DAwsM2DOhOEI4Ecif1ySf+uF+Oa64LpBsPSygdP8TXV
9yxjBFzQxj1pOeJMz7kafu6dNHq9e+e1d5cFXkvvkKBVyIk0uRypFE34ALzW0lcv
0+wcH0zNY5AVssCEzOuafVuEvwDH3KynstP7JZH+0eCYIzSuAtt+cWDV9fwWd2Nk
EN63grILB2ojc5JUF6pMQlGN1uCewp+FVwmAFVCBXAwmhDCQOZhmWbGmfwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOoUIwVuWSOyBndQsO+FB02cA3stMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvNmhRakJXNVpJN0lHZDFDdzc0VUhUWndEZXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQETmyAAwQA
UPbKAwQAUR4mAwQCW47wMAwDBAFbjvYDBAJbjvgDBACwSuAwDQQCAAIwBwMFAyAB
TLgwDQYJKoZIhvcNAQELBQADggEBALmWP5OGvHqreiUVBWzd5WrDoa16sJZKSVpl
gljnBwUVDCu+iJip/NzCOyrduq4qhJJ8yIPk5u8ov+obx8QOs7oO+k1Jo4voOfO6
TrjDCh+E/H2m4l5Wermq94rPlrirfxYl9Vwf/ZyJ212PoF+c374TqzFaiGoBalM9
5VDu64XQHjkvxMErInWpuvVJ022ckcAdPzoVlEIuNhbIV5aNoC/Cob58fgY84FeD
BfFjwwPIFgtye0zVvxjBnzPQkGS3of56pXGQFbqIgPTC6RE8L0naUYqlE343glmG
DvMVE/uKxvxYKQmVvA1xTRF076TIAxqAXPLcDZjM7yWL1zKX7b8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org