Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/6m0HauFX9X7ruG17mZrgSY8zVP0.roa
File: 6m0HauFX9X7ruG17mZrgSY8zVP0.roa (raw, json)
Hash identifier: TiWFKyXfssFqDin61vBqScXiBXYbLwrgm9OO9+jWLho=
Subject key identifier: EA:6D:07:6A:E1:57:F5:7E:EB:B8:6D:7B:99:9A:E0:49:8F:33:54:FD
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018B6C33314807DD8217D2448E200B300137
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/6m0HauFX9X7ruG17mZrgSY8zVP0.roa
Signing time: Thu 26 Oct 2023 13:36:16 +0000
ROA not before: Thu 26 Oct 2023 13:36:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206728
IP address blocks: 217.197.107.0/24 maxlen: 24
217.196.98.0/24 maxlen: 24
217.196.103.0/24 maxlen: 24
217.196.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Nov 2023 13:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:33:31:48:07:dd:82:17:d2:44:8e:20:0b:30:01:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Oct 26 13:36:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea6d076ae157f57eebb86d7b999ae0498f3354fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:fd:39:73:21:04:59:82:ea:de:1e:f6:f6:
de:c2:56:3a:49:ac:69:74:d6:ee:e4:1a:1d:98:ae:
10:16:94:e2:b7:41:87:bf:6c:17:21:72:bc:06:ab:
f0:f5:db:2f:6e:12:e8:06:e4:19:4b:8e:c1:ee:82:
2a:3b:bd:77:fd:23:b2:37:6d:7f:a9:b7:e1:7f:5a:
81:a0:82:95:80:6e:3c:44:d0:21:0d:ba:31:50:fa:
20:9f:18:0b:05:c1:0a:55:ff:64:36:dc:a2:18:ac:
47:95:b5:3a:fc:5f:e7:9d:d2:15:3e:00:68:71:08:
a0:fc:13:d6:e5:d0:ea:bd:8c:a5:2b:2a:85:7c:0d:
fc:04:26:93:77:5f:3b:99:83:84:0c:3e:7d:16:00:
81:88:64:0b:fd:c7:ea:ee:5e:85:15:79:6d:a4:e1:
cf:94:8a:55:0e:b7:84:29:e8:43:97:c9:45:8e:eb:
b6:13:7f:91:0b:41:98:94:45:f4:4f:e4:ad:00:f9:
f0:df:53:60:31:06:15:28:89:7a:1a:33:c6:8d:24:
dc:3b:8e:9e:df:c2:3a:46:ea:e3:c5:24:26:81:8c:
d4:db:71:6c:9b:a5:7d:eb:6b:1b:09:36:e4:ec:1e:
ff:6d:7e:71:f9:3e:3e:5c:b8:3a:48:08:db:b7:14:
a8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:6D:07:6A:E1:57:F5:7E:EB:B8:6D:7B:99:9A:E0:49:8F:33:54:FD
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/6m0HauFX9X7ruG17mZrgSY8zVP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.98.0/24
217.196.102.0/23
217.197.107.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ef:e3:ab:61:7c:21:98:61:24:f7:dc:a9:c3:71:8e:45:24:
3e:ba:0f:e9:1e:f6:ed:90:ea:45:be:34:e8:53:5e:4a:9e:79:
e3:44:11:37:19:ae:78:a6:b7:8c:1b:df:e6:7d:49:e9:e1:7a:
91:b9:e2:2b:e6:53:49:30:08:84:e0:41:13:96:58:0c:3c:cc:
60:0c:c0:ca:02:13:65:82:97:08:52:ec:3d:66:c4:bf:1c:78:
7a:a7:ed:6e:6e:7c:d8:30:97:1b:a5:fb:56:f8:5c:dc:17:30:
39:a3:a4:03:ba:bd:2b:56:f5:15:68:c4:6e:e6:fd:49:7f:03:
1a:f8:e4:61:d4:81:74:18:87:dd:81:27:eb:7e:73:84:39:6b:
a4:c2:91:36:6f:fd:2b:49:ba:18:7b:19:6d:40:1e:be:bc:1b:
1d:37:da:d8:f6:65:fa:53:f1:cb:b7:a2:d6:55:3c:03:5f:6f:
19:ed:cb:34:b7:48:63:91:95:c9:39:f8:1b:07:26:43:d6:94:
af:77:79:f5:56:4a:14:3f:47:29:4f:18:62:ab:5b:5b:d8:00:
c5:05:28:ad:fb:f3:ec:65:aa:48:59:6c:7e:3d:b2:a9:b0:ff:
c9:66:a2:55:a5:80:b2:f9:7a:a9:c4:61:bb:08:53:19:d4:da:
22:8f:84:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtsMzFIB92CF9JEjiALMAE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjMxMDI2MTMzNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTZkMDc2YWUxNTdmNTdlZWJiODZkN2I5OTlhZTA0OThmMzM1NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno79OXMhBFmC6t4e9vbewlY6Saxp
dNbu5BodmK4QFpTit0GHv2wXIXK8Bqvw9dsvbhLoBuQZS47B7oIqO713/SOyN21/
qbfhf1qBoIKVgG48RNAhDboxUPognxgLBcEKVf9kNtyiGKxHlbU6/F/nndIVPgBo
cQig/BPW5dDqvYylKyqFfA38BCaTd187mYOEDD59FgCBiGQL/cfq7l6FFXltpOHP
lIpVDreEKehDl8lFjuu2E3+RC0GYlEX0T+StAPnw31NgMQYVKIl6GjPGjSTcO46e
38I6RurjxSQmgYzU23Fsm6V962sbCTbk7B7/bX5x+T4+XLg6SAjbtxSodQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOptB2rhV/V+67hte5ma4EmPM1T9MB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvNm0wSGF1Rlg5WDdydUcxN21acmdTWTh6VlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2cRiAwQB
2cRmAwQA2cVrMA0GCSqGSIb3DQEBCwUAA4IBAQAk7+OrYXwhmGEk99ypw3GORSQ+
ug/pHvbtkOpFvjToU15KnnnjRBE3Ga54preMG9/mfUnp4XqRueIr5lNJMAiE4EET
llgMPMxgDMDKAhNlgpcIUuw9ZsS/HHh6p+1ubnzYMJcbpftW+FzcFzA5o6QDur0r
VvUVaMRu5v1JfwMa+ORh1IF0GIfdgSfrfnOEOWukwpE2b/0rSboYexltQB6+vBsd
N9rY9mX6U/HLt6LWVTwDX28Z7cs0t0hjkZXJOfgbByZD1pSvd3n1VkoUP0cpTxhi
q1tb2ADFBSit+/PsZapIWWx+PbKpsP/JZqJVpYCy+XqpxGG7CFMZ1Noij4Qm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:37 2024 by rpki-client on console-fra.rpki-client.org