Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/6SkG48oNXPJq5ZLp5W-0Z-cq9UA.roa
File: 6SkG48oNXPJq5ZLp5W-0Z-cq9UA.roa (raw, json)
Hash identifier: mmxfXvAcbeeAKfwk7GgcbMmf+HQLDYCpcNfAvdeKX3Y=
Subject key identifier: E9:29:06:E3:CA:0D:5C:F2:6A:E5:92:E9:E5:6F:B4:67:E7:2A:F5:40
Certificate issuer: /CN=e541a4c152b5f786d623d85c41465299cdda3389
Certificate serial: 01856D53F95C45A638204C4ADC3A3DFE9B2F
Authority key identifier: E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/6SkG48oNXPJq5ZLp5W-0Z-cq9UA.roa
Signing time: Sun 01 Jan 2023 12:34:57 +0000
ROA not before: Sun 01 Jan 2023 12:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60955
IP address blocks: 31.172.112.0/23 maxlen: 23
31.172.112.0/20 maxlen: 20
31.172.114.0/24 maxlen: 24
31.172.115.0/24 maxlen: 24
31.172.116.0/22 maxlen: 22
185.22.220.0/22 maxlen: 24
193.192.40.0/23 maxlen: 23
2a04:2200::/29 maxlen: 29
2a04:2201::/32 maxlen: 32
2a04:2200::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f9:5c:45:a6:38:20:4c:4a:dc:3a:3d:fe:9b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e541a4c152b5f786d623d85c41465299cdda3389
Validity
Not Before: Jan 1 12:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e92906e3ca0d5cf26ae592e9e56fb467e72af540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:50:be:e7:da:49:b1:01:77:25:19:2a:54:71:
79:6a:e9:31:5e:1d:62:8a:78:65:02:ab:50:51:78:
16:5f:ec:36:cb:ca:be:6e:44:db:2f:39:0b:2e:c2:
12:0f:f9:d8:2c:ec:8d:fa:b9:ea:78:9a:ec:85:75:
11:be:fd:c7:29:a3:ba:47:bb:1d:51:a3:ab:97:93:
c9:02:f4:6e:08:fc:58:7d:34:75:2a:ea:10:c2:7a:
d2:5b:9b:96:de:49:63:fa:18:9b:a8:d3:67:07:a7:
58:cb:0c:54:8c:ec:6c:71:b4:9e:83:2c:27:5f:e5:
0f:3c:c0:07:ab:73:e9:a0:c4:98:79:39:c4:a6:22:
87:21:c7:ef:fc:63:62:ce:21:c7:6c:18:dc:44:80:
82:30:c4:71:c4:d2:36:d5:4b:b8:94:45:c2:4a:7b:
f7:0b:59:ae:b2:8b:04:14:0c:5d:26:d2:3c:7e:50:
b6:27:82:c3:ba:c2:58:43:8e:46:03:df:a7:72:0c:
03:32:fc:55:59:b3:49:a6:f8:05:ad:7a:b2:85:e4:
4c:11:e2:75:5d:13:90:02:71:68:5a:23:6e:73:5e:
b0:72:01:56:fd:2e:b5:16:68:e7:87:e0:74:22:bb:
cd:65:59:d7:b0:d5:bc:7d:0d:f7:a7:d5:3e:c2:8d:
08:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:29:06:E3:CA:0D:5C:F2:6A:E5:92:E9:E5:6F:B4:67:E7:2A:F5:40
X509v3 Authority Key Identifier:
keyid:E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/6SkG48oNXPJq5ZLp5W-0Z-cq9UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.112.0/20
185.22.220.0/22
193.192.40.0/23
IPv6:
2a04:2200::/29
Signature Algorithm: sha256WithRSAEncryption
73:7c:1c:4c:ad:8e:d0:98:27:1b:1a:a7:fb:ff:21:73:be:ee:
23:22:9f:00:85:c7:3a:9e:1d:a0:33:03:dc:fd:dd:a0:52:21:
ed:fc:09:c8:a3:20:4f:d7:74:8f:00:ff:3b:a3:39:50:7b:8e:
15:15:4e:5d:64:eb:2f:b9:51:ea:2c:1f:da:47:63:3f:ff:8b:
ac:24:27:a2:b9:a4:71:e3:a4:fa:ad:93:25:8d:95:d1:8f:bb:
b5:f5:eb:53:88:57:74:9c:4e:c4:90:0a:5e:43:aa:5e:01:23:
0d:e7:cb:ef:a3:95:e6:d9:71:82:70:ce:76:ca:52:f7:ce:61:
ea:a0:5b:2e:b8:02:48:0a:4b:51:f8:33:4b:bb:2f:43:4b:6c:
f8:50:d9:8a:8c:ec:cb:a8:6e:39:87:05:07:55:cf:c6:77:1a:
62:06:d0:9c:68:50:3e:22:bc:c2:a9:a0:e0:d1:14:e8:2a:85:
93:ee:4f:b2:b0:8c:2b:72:4e:7e:77:72:8a:b4:1c:90:8a:ed:
a1:48:50:de:19:57:24:6e:0d:93:ac:e5:b9:dc:b2:bd:00:75:
67:40:d0:d9:df:35:28:ff:2c:4a:c3:74:cf:20:0a:02:35:fa:
d6:4f:eb:50:8a:6f:5d:58:ff:4d:5f:d7:1c:da:d9:49:a5:d7:
44:2e:ea:23
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtU/lcRaY4IExK3Do9/psvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDFhNGMxNTJiNWY3ODZkNjIzZDg1YzQxNDY1Mjk5Y2Rk
YTMzODkwHhcNMjMwMTAxMTIzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI5MDZlM2NhMGQ1Y2YyNmFlNTkyZTllNTZmYjQ2N2U3MmFmNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1C+59pJsQF3JRkqVHF5aukxXh1i
inhlAqtQUXgWX+w2y8q+bkTbLzkLLsISD/nYLOyN+rnqeJrshXURvv3HKaO6R7sd
UaOrl5PJAvRuCPxYfTR1KuoQwnrSW5uW3klj+hibqNNnB6dYywxUjOxscbSegywn
X+UPPMAHq3PpoMSYeTnEpiKHIcfv/GNiziHHbBjcRICCMMRxxNI21Uu4lEXCSnv3
C1musosEFAxdJtI8flC2J4LDusJYQ45GA9+ncgwDMvxVWbNJpvgFrXqyheRMEeJ1
XROQAnFoWiNuc16wcgFW/S61Fmjnh+B0IrvNZVnXsNW8fQ33p9U+wo0I3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOkpBuPKDVzyauWS6eVvtGfnKvVAMB8GA1UdIwQY
MBaAFOVBpMFStfeG1iPYXEFGUpnN2jOJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEt
ZDg0ZWNiMjUwNWM0LzEvNlNrRzQ4b05YUEpxNVpMcDVXLTBaLWNxOVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEtZDg0ZWNiMjUwNWM0
LzEvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEH6xwAwQC
uRbcAwQBwcAoMA0EAgACMAcDBQMqBCIAMA0GCSqGSIb3DQEBCwUAA4IBAQBzfBxM
rY7QmCcbGqf7/yFzvu4jIp8Ahcc6nh2gMwPc/d2gUiHt/AnIoyBP13SPAP87ozlQ
e44VFU5dZOsvuVHqLB/aR2M//4usJCeiuaRx46T6rZMljZXRj7u19etTiFd0nE7E
kApeQ6peASMN58vvo5Xm2XGCcM52ylL3zmHqoFsuuAJICktR+DNLuy9DS2z4UNmK
jOzLqG45hwUHVc/GdxpiBtCcaFA+IrzCqaDg0RToKoWT7k+ysIwrck5+d3KKtByQ
iu2hSFDeGVckbg2TrOW53LK9AHVnQNDZ3zUo/yxKw3TPIAoCNfrWT+tQim9dWP9N
X9cc2tlJpddELuoj
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:19 2024 by rpki-client on console-ams.rpki-client.org