Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/6KD29ufXvcw5i923Hgs5LLJGXL4.roa
File: 6KD29ufXvcw5i923Hgs5LLJGXL4.roa (raw, json)
Hash identifier: /W3x8AletQurAC9GtylMVApdZf62++rYb3n41QiOoHY=
Subject key identifier: E8:A0:F6:F6:E7:D7:BD:CC:39:8B:DD:B7:1E:0B:39:2C:B2:46:5C:BE
Certificate issuer: /CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Certificate serial: 019350CA3703C1F51BA096DBBCEB800D4B6F
Authority key identifier: 63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/6KD29ufXvcw5i923Hgs5LLJGXL4.roa
Signing time: Thu 21 Nov 2024 22:14:09 +0000
ROA not before: Thu 21 Nov 2024 22:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8468
IP address blocks: 178.16.224.0/21 maxlen: 21
178.16.224.0/22 maxlen: 22
178.16.228.0/23 maxlen: 23
178.16.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 12:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:ca:37:03:c1:f5:1b:a0:96:db:bc:eb:80:0d:4b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Validity
Not Before: Nov 21 22:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8a0f6f6e7d7bdcc398bddb71e0b392cb2465cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:09:ef:3d:66:15:03:08:11:f0:94:55:75:
eb:c2:f0:e8:f2:e4:24:a1:1a:98:e1:4c:8d:da:53:
02:6a:bb:56:57:01:75:a2:4b:05:b1:32:bf:b3:22:
55:e6:d1:80:34:8b:e4:a4:14:08:79:36:15:27:22:
85:30:bc:83:2f:d8:aa:f0:b2:c2:f7:65:da:71:19:
8f:3a:ca:d8:e7:35:ee:1f:a4:fc:18:fe:9a:a4:22:
7c:8e:eb:79:58:4d:d5:d2:e2:e0:18:67:36:0f:6c:
52:90:7d:4a:15:82:67:78:77:bf:3f:7e:a7:d8:9e:
33:c9:9f:08:e3:89:f1:21:0f:75:a9:33:72:5e:47:
f2:2a:7a:a9:3a:37:40:48:67:35:91:a8:55:70:f3:
a6:8c:e5:30:08:e2:cc:19:e5:9c:a1:1d:d0:20:a8:
73:01:06:9f:78:01:88:26:bb:f9:01:1c:06:00:64:
33:a2:ff:37:f1:2d:bb:3e:b2:3f:85:b0:87:15:20:
76:f7:04:15:06:61:49:52:57:aa:a1:7b:67:ad:b1:
07:17:41:69:79:62:d1:08:c5:33:26:b6:be:40:ee:
97:d1:ed:75:b3:cb:d7:08:a9:10:c7:f0:4e:1a:9f:
69:9e:b5:23:fd:33:0e:8f:dc:b7:43:fc:0e:14:90:
dc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A0:F6:F6:E7:D7:BD:CC:39:8B:DD:B7:1E:0B:39:2C:B2:46:5C:BE
X509v3 Authority Key Identifier:
keyid:63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/6KD29ufXvcw5i923Hgs5LLJGXL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/Y0laTOy-r7Pq327QNJuwuW2kZO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.224.0/21
178.16.237.0/24
Signature Algorithm: sha256WithRSAEncryption
86:8d:d5:fd:3f:28:49:75:90:96:65:34:83:00:86:14:62:04:
58:71:79:2a:86:ff:5a:b3:bc:7b:7a:1e:92:f7:47:84:f9:ce:
a6:e0:cc:b1:e4:a4:c3:50:e9:0a:aa:82:2e:23:ea:d1:ef:c6:
90:e6:6e:e9:31:aa:6f:20:7a:ba:2a:ae:61:49:85:4f:73:6f:
ce:b3:21:e5:e0:14:b2:9c:ac:9c:2a:63:02:34:7b:91:01:8e:
33:b0:f3:02:d7:a9:76:b9:0d:3f:6f:ef:1e:41:c5:4c:de:c1:
81:45:3b:73:b4:23:47:21:1d:76:26:07:2a:f8:17:5e:60:b9:
95:d0:74:5f:2c:ad:00:6f:b4:af:ae:ae:3f:51:dd:d7:8f:d9:
2d:e7:25:74:52:17:e5:0f:70:89:e6:0e:ff:8b:81:07:b3:7e:
6e:e2:aa:d0:bc:d9:1a:5d:2b:92:8a:04:31:72:59:26:98:87:
8d:1a:b8:fe:84:7d:3b:67:b0:5c:95:03:ef:c0:8b:4f:90:71:
9b:00:75:b7:58:bd:a1:54:d3:69:bb:5a:1c:31:3d:80:75:cb:
22:1d:9b:ab:10:9c:81:b3:ab:cc:e5:7d:c1:3c:08:22:e1:83:
cd:a1:00:e9:f8:11:88:17:6d:5d:e2:07:09:7f:f6:8d:a8:fb:
62:3d:eb:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNQyjcDwfUboJbbvOuADUtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDk1YTRjZWNiZWFmYjNlYWRmNmVkMDM0OWJiMGI5NmRh
NDY0ZWUwHhcNMjQxMTIxMjIxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGEwZjZmNmU3ZDdiZGNjMzk4YmRkYjcxZTBiMzkyY2IyNDY1Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMMJ7z1mFQMIEfCUVXXrwvDo8uQk
oRqY4UyN2lMCartWVwF1oksFsTK/syJV5tGANIvkpBQIeTYVJyKFMLyDL9iq8LLC
92XacRmPOsrY5zXuH6T8GP6apCJ8jut5WE3V0uLgGGc2D2xSkH1KFYJneHe/P36n
2J4zyZ8I44nxIQ91qTNyXkfyKnqpOjdASGc1kahVcPOmjOUwCOLMGeWcoR3QIKhz
AQafeAGIJrv5ARwGAGQzov838S27PrI/hbCHFSB29wQVBmFJUleqoXtnrbEHF0Fp
eWLRCMUzJra+QO6X0e11s8vXCKkQx/BOGp9pnrUj/TMOj9y3Q/wOFJDcjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOig9vbn173MOYvdtx4LOSyyRly+MB8GA1UdIwQY
MBaAFGNJWkzsvq+z6t9u0DSbsLltpGTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMt
MzgyMGY3ZWUyY2I4LzEvNktEMjl1Zlh2Y3c1aTkyM0hnczVMTEpHWEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMtMzgyMGY3ZWUyY2I4
LzEvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDshDgAwQA
shDtMA0GCSqGSIb3DQEBCwUAA4IBAQCGjdX9PyhJdZCWZTSDAIYUYgRYcXkqhv9a
s7x7eh6S90eE+c6m4Myx5KTDUOkKqoIuI+rR78aQ5m7pMapvIHq6Kq5hSYVPc2/O
syHl4BSynKycKmMCNHuRAY4zsPMC16l2uQ0/b+8eQcVM3sGBRTtztCNHIR12Jgcq
+BdeYLmV0HRfLK0Ab7Svrq4/Ud3Xj9kt5yV0UhflD3CJ5g7/i4EHs35u4qrQvNka
XSuSigQxclkmmIeNGrj+hH07Z7BclQPvwItPkHGbAHW3WL2hVNNpu1ocMT2Adcsi
HZurEJyBs6vM5X3BPAgi4YPNoQDp+BGIF21d4gcJf/aNqPtiPeun
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:13:29 2024 by rpki-client on console-fra.rpki-client.org