Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa
File: brekQY2PRseJ9IHGT2hNkWZtRTA.roa (raw, json)
Hash identifier: y/mH+B3D//vyD6+FHTuz1UXeE+iziljuVP0+ElO1d98=
Subject key identifier: 6E:B7:A4:41:8D:8F:46:C7:89:F4:81:C6:4F:68:4D:91:66:6D:45:30
Certificate issuer: /CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
Certificate serial: 01856FA7178A306449F395548DDD4DBA1D83
Authority key identifier: E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa
Signing time: Sun 01 Jan 2023 23:24:59 +0000
ROA not before: Sun 01 Jan 2023 23:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8535
IP address blocks: 80.252.0.0/20 maxlen: 20
193.42.228.0/22 maxlen: 22
194.149.228.0/22 maxlen: 22
2a02:bd8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:17:8a:30:64:49:f3:95:54:8d:dd:4d:ba:1d:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24a32278ce7b4cb205dfccad786014a3b0ae323
Validity
Not Before: Jan 1 23:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eb7a4418d8f46c789f481c64f684d91666d4530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:32:bf:0e:f4:6a:b8:b2:36:e5:b3:8f:f0:
b8:80:4a:45:6d:f8:41:b5:91:a7:94:9a:08:23:87:
37:03:11:67:63:23:ac:95:54:a9:26:fa:03:74:17:
bb:92:86:48:d3:38:ff:f6:37:37:bb:cb:51:61:74:
37:25:ef:2a:b4:e9:3d:22:de:52:f4:34:b5:e6:a7:
da:13:0a:80:58:c7:d9:7c:6d:07:53:7e:23:5c:00:
2c:69:85:9f:44:4c:d2:fb:e4:65:1c:4d:31:a8:ee:
4f:d9:83:ca:1e:7d:69:26:3a:29:bf:be:f5:e1:1d:
3f:4d:80:90:a3:14:68:6c:4f:d7:36:47:ce:db:cf:
40:0b:33:12:0f:60:68:7f:f4:88:9d:72:e1:b5:69:
fe:aa:6e:86:d1:96:e6:ea:c2:99:81:45:66:49:b1:
19:e3:a6:08:6f:f6:09:63:63:32:0c:ec:84:64:ee:
e2:eb:a0:1f:03:29:dd:c2:d6:f7:34:e0:97:fe:6d:
1f:0a:48:12:03:8f:2c:a8:50:92:1d:0a:d1:34:a1:
0b:7f:43:fd:39:bd:34:22:cb:57:e0:70:75:e4:5b:
f0:35:63:63:ce:18:a1:63:b7:ff:58:7d:4d:46:78:
99:cc:45:12:cb:d6:94:90:6a:fd:bc:7f:20:b0:11:
0b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B7:A4:41:8D:8F:46:C7:89:F4:81:C6:4F:68:4D:91:66:6D:45:30
X509v3 Authority Key Identifier:
keyid:E2:4A:32:27:8C:E7:B4:CB:20:5D:FC:CA:D7:86:01:4A:3B:0A:E3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koyJ4zntMsgXfzK14YBSjsK4yM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/brekQY2PRseJ9IHGT2hNkWZtRTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/36486b-b7b7-43a2-bb27-77ab05e0cf62/1/4koyJ4zntMsgXfzK14YBSjsK4yM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.0.0/20
193.42.228.0/22
194.149.228.0/22
IPv6:
2a02:bd8::/32
Signature Algorithm: sha256WithRSAEncryption
5d:36:f0:cf:d8:0e:d2:9f:fd:ef:e4:4f:86:57:ea:87:0f:1f:
5c:bc:ba:3f:2e:28:4e:66:fa:70:4d:45:5f:37:30:2d:c0:3b:
aa:66:af:3b:2a:5e:40:40:f7:04:9f:e6:0f:14:fe:4a:ce:80:
86:b0:b9:6d:81:ce:da:ff:17:f9:9c:49:75:76:d8:b0:e2:aa:
04:ff:e4:7a:db:22:46:5a:50:09:2e:77:5e:fb:21:fb:6e:1d:
ce:d2:5d:43:7a:e7:18:bd:ce:82:b3:f6:bf:31:01:fc:ea:54:
c5:89:71:22:93:cb:d8:c6:1f:64:32:c8:5f:82:95:d2:d4:0a:
a8:74:be:df:1a:a3:4e:7c:3b:a6:89:0f:8a:dc:76:24:16:a1:
1a:9b:4d:42:40:cd:2b:76:53:6e:46:8e:db:36:d0:7c:4f:c1:
2c:a8:60:0b:ce:50:6d:73:91:e0:de:aa:68:38:37:d9:97:63:
a5:fe:0e:30:7a:df:93:f3:5a:f7:40:c5:dd:96:e4:5e:24:d5:
43:6a:9e:35:69:70:f2:90:8a:81:e9:80:1f:98:58:ab:57:2a:
84:e6:d6:e3:08:b5:55:f1:b0:28:a9:17:b4:b4:e5:77:de:e5:
3c:ae:0a:18:96:37:51:29:3a:1d:7a:78:1f:ec:70:a5:bd:9b:
98:5e:6a:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvpxeKMGRJ85VUjd1Nuh2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGEzMjI3OGNlN2I0Y2IyMDVkZmNjYWQ3ODYwMTRhM2Iw
YWUzMjMwHhcNMjMwMTAxMjMyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI3YTQ0MThkOGY0NmM3ODlmNDgxYzY0ZjY4NGQ5MTY2NmQ0NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSQyvw70ariyNuWzj/C4gEpFbfhB
tZGnlJoII4c3AxFnYyOslVSpJvoDdBe7koZI0zj/9jc3u8tRYXQ3Je8qtOk9It5S
9DS15qfaEwqAWMfZfG0HU34jXAAsaYWfREzS++RlHE0xqO5P2YPKHn1pJjopv771
4R0/TYCQoxRobE/XNkfO289ACzMSD2Bof/SInXLhtWn+qm6G0Zbm6sKZgUVmSbEZ
46YIb/YJY2MyDOyEZO7i66AfAyndwtb3NOCX/m0fCkgSA48sqFCSHQrRNKELf0P9
Ob00IstX4HB15FvwNWNjzhihY7f/WH1NRniZzEUSy9aUkGr9vH8gsBELQwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG63pEGNj0bHifSBxk9oTZFmbUUwMB8GA1UdIwQY
MBaAFOJKMieM57TLIF38yteGAUo7CuMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjct
NzdhYjA1ZTBjZjYyLzEvYnJla1FZMlBSc2VKOUlIR1QyaE5rV1p0UlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8zNjQ4NmItYjdiNy00M2EyLWJiMjctNzdhYjA1ZTBjZjYy
LzEvNGtveUo0em50TXNnWGZ6SzE0WUJTanNLNHlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPwAAwQC
wSrkAwQCwpXkMA0EAgACMAcDBQAqAgvYMA0GCSqGSIb3DQEBCwUAA4IBAQBdNvDP
2A7Sn/3v5E+GV+qHDx9cvLo/LihOZvpwTUVfNzAtwDuqZq87Kl5AQPcEn+YPFP5K
zoCGsLltgc7a/xf5nEl1dtiw4qoE/+R62yJGWlAJLnde+yH7bh3O0l1DeucYvc6C
s/a/MQH86lTFiXEik8vYxh9kMshfgpXS1AqodL7fGqNOfDumiQ+K3HYkFqEam01C
QM0rdlNuRo7bNtB8T8EsqGALzlBtc5Hg3qpoODfZl2Ol/g4wet+T81r3QMXdluRe
JNVDap41aXDykIqB6YAfmFirVyqE5tbjCLVV8bAoqRe0tOV33uU8rgoYljdRKTod
engf7HClvZuYXmrg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:57 2024 by rpki-client on console-ams.rpki-client.org