Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/6JBjUPT2G4DyRqAIglbuRg7xauU.roa
File: 6JBjUPT2G4DyRqAIglbuRg7xauU.roa (raw, json)
Hash identifier: 3c3mlNKULYr3bQuMMS2xmmdJE9f8PaQtyTbk1kMwFjU=
Subject key identifier: E8:90:63:50:F4:F6:1B:80:F2:46:A0:08:82:56:EE:46:0E:F1:6A:E5
Certificate issuer: /CN=1820f13139161384eaf13a1f7db60e2c68a43956
Certificate serial: 01856EB913167883F9C989988A2AABFABD99
Authority key identifier: 18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/6JBjUPT2G4DyRqAIglbuRg7xauU.roa
Signing time: Sun 01 Jan 2023 19:05:00 +0000
ROA not before: Sun 01 Jan 2023 19:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42611
IP address blocks: 84.18.224.0/19 maxlen: 24
85.208.12.0/22 maxlen: 24
91.193.8.0/22 maxlen: 24
2a09:8040::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:13:16:78:83:f9:c9:89:98:8a:2a:ab:fa:bd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1820f13139161384eaf13a1f7db60e2c68a43956
Validity
Not Before: Jan 1 19:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8906350f4f61b80f246a0088256ee460ef16ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:eb:b7:e2:39:e8:12:d4:f6:39:93:9e:c0:
3d:e4:fc:89:a9:90:48:cf:ed:91:12:1c:b7:a9:e5:
59:8c:62:7b:4c:cb:a9:76:c1:dd:9a:03:e8:e9:92:
a1:bb:3b:0d:46:89:59:7d:b4:1e:ad:84:ed:fd:42:
be:43:a8:dc:d4:d0:6d:f1:b3:82:46:5d:a1:cd:b5:
3f:45:7a:61:69:19:c7:a2:94:5a:83:de:e9:75:bc:
0f:4c:e9:76:77:a8:d0:ee:e6:48:72:ee:47:ed:e6:
f0:db:43:66:48:ec:0c:67:34:ed:06:b2:2e:d8:d7:
5f:2a:57:54:f6:6d:af:cf:32:71:79:ad:cf:78:d0:
0a:55:24:8d:ed:6d:bf:4c:5f:af:1d:a2:59:58:ab:
c2:17:6c:de:62:d5:7a:f9:d4:aa:01:ee:7e:81:e5:
0c:71:0c:4a:76:b5:a2:d9:c3:2d:82:33:1e:55:08:
c2:ed:be:7f:3f:81:62:dc:a9:13:b5:a2:73:da:7b:
a8:7c:48:16:cb:81:b6:a7:78:25:45:31:53:d1:76:
f3:b3:3a:72:d0:6d:42:68:ee:81:c7:2b:f0:5d:2d:
e0:49:32:2a:33:f3:a8:b6:3d:db:40:90:88:e5:ce:
21:8d:a9:e9:ca:9d:bc:94:38:53:34:94:49:bc:5e:
ff:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:90:63:50:F4:F6:1B:80:F2:46:A0:08:82:56:EE:46:0E:F1:6A:E5
X509v3 Authority Key Identifier:
keyid:18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/6JBjUPT2G4DyRqAIglbuRg7xauU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.224.0/19
85.208.12.0/22
91.193.8.0/22
IPv6:
2a09:8040::/29
Signature Algorithm: sha256WithRSAEncryption
7f:e4:8b:43:95:6e:57:85:62:f5:07:73:b8:05:e4:57:e6:c6:
9d:58:7c:5b:fe:18:b0:12:0e:56:28:78:18:79:18:01:84:7c:
ae:2c:db:a9:e1:b1:41:5c:61:5b:51:c1:90:fe:bf:b7:a4:f9:
a3:b8:15:4e:4e:4e:c5:59:38:f9:17:16:e5:b0:1d:18:29:90:
a8:a7:ca:20:aa:76:ea:da:4c:e0:47:26:44:03:0a:b6:a2:ca:
51:25:f2:95:d5:15:ad:3d:d0:c3:46:db:39:93:a7:94:dd:11:
66:74:d0:f3:33:86:c7:54:5a:86:38:d9:03:28:ea:31:63:96:
fc:44:73:30:b8:27:3b:f2:a6:19:05:5b:b9:02:c8:33:81:fc:
a4:46:0a:5f:24:38:f1:92:97:f2:82:b8:34:fe:6f:b7:6f:76:
8f:ba:b2:26:36:5a:8d:5f:f4:bb:1c:36:ee:55:09:c9:36:21:
98:34:6b:3c:a8:41:51:5d:67:77:1d:82:11:f9:69:b4:91:bd:
5e:b7:74:37:85:a8:7e:9b:88:2b:ed:10:ca:35:a0:6b:fb:5b:
bb:12:cb:0a:26:38:0a:2c:55:46:c8:e2:bf:d8:80:1d:7e:a0:
a8:c6:22:11:50:f1:24:b5:14:9c:16:69:ac:38:8d:2b:f2:0a:
4b:fe:fd:18
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVuuRMWeIP5yYmYiiqr+r2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MjBmMTMxMzkxNjEzODRlYWYxM2ExZjdkYjYwZTJjNjhh
NDM5NTYwHhcNMjMwMTAxMTkwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODkwNjM1MGY0ZjYxYjgwZjI0NmEwMDg4MjU2ZWU0NjBlZjE2YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+vrt+I56BLU9jmTnsA95PyJqZBI
z+2REhy3qeVZjGJ7TMupdsHdmgPo6ZKhuzsNRolZfbQerYTt/UK+Q6jc1NBt8bOC
Rl2hzbU/RXphaRnHopRag97pdbwPTOl2d6jQ7uZIcu5H7ebw20NmSOwMZzTtBrIu
2NdfKldU9m2vzzJxea3PeNAKVSSN7W2/TF+vHaJZWKvCF2zeYtV6+dSqAe5+geUM
cQxKdrWi2cMtgjMeVQjC7b5/P4Fi3KkTtaJz2nuofEgWy4G2p3glRTFT0Xbzszpy
0G1CaO6BxyvwXS3gSTIqM/Ootj3bQJCI5c4hjanpyp28lDhTNJRJvF7/rwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOiQY1D09huA8kagCIJW7kYO8WrlMB8GA1UdIwQY
MBaAFBgg8TE5FhOE6vE6H322DixopDlWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjct
MzY3ZGMzODUyNjFhLzEvNkpCalVQVDJHNER5UnFBSWdsYnVSZzd4YXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjctMzY3ZGMzODUyNjFh
LzEvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVBLgAwQC
VdAMAwQCW8EIMA0EAgACMAcDBQMqCYBAMA0GCSqGSIb3DQEBCwUAA4IBAQB/5ItD
lW5XhWL1B3O4BeRX5sadWHxb/hiwEg5WKHgYeRgBhHyuLNup4bFBXGFbUcGQ/r+3
pPmjuBVOTk7FWTj5FxblsB0YKZCop8ogqnbq2kzgRyZEAwq2ospRJfKV1RWtPdDD
Rts5k6eU3RFmdNDzM4bHVFqGONkDKOoxY5b8RHMwuCc78qYZBVu5AsgzgfykRgpf
JDjxkpfygrg0/m+3b3aPurImNlqNX/S7HDbuVQnJNiGYNGs8qEFRXWd3HYIR+Wm0
kb1et3Q3hah+m4gr7RDKNaBr+1u7EssKJjgKLFVGyOK/2IAdfqCoxiIRUPEktRSc
FmmsOI0r8gpL/v0Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:50 2024 by rpki-client on console-fra.rpki-client.org