Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6mk9BcUZlqHdgXlCFMVgvOI8Pd0.roa
File: 6mk9BcUZlqHdgXlCFMVgvOI8Pd0.roa (raw, json)
Hash identifier: 4+ol4Uo2UGr2RetTBEoHQF+lBxTIPHCz+b8EzPKURsY=
Subject key identifier: EA:69:3D:05:C5:19:96:A1:DD:81:79:42:14:C5:60:BC:E2:3C:3D:DD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F7285DAE56B00482309BA61B6B53E665F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6mk9BcUZlqHdgXlCFMVgvOI8Pd0.roa
Signing time: Mon 13 May 2024 15:15:25 +0000
ROA not before: Mon 13 May 2024 15:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 188.212.132.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Oct 2024 16:25:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:85:da:e5:6b:00:48:23:09:ba:61:b6:b5:3e:66:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: May 13 15:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea693d05c51996a1dd81794214c560bce23c3ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:c0:1f:7a:88:25:07:c5:8d:9b:8f:e7:81:
82:f8:9c:e2:45:df:b1:d7:46:8e:6b:4a:ca:d5:52:
81:f3:fe:53:d9:cf:03:1d:3d:9a:68:e6:29:4c:b0:
3c:64:53:31:dc:df:35:71:37:14:4f:5d:c6:87:c9:
e2:04:cb:84:be:89:31:c1:b8:5b:9d:06:f6:34:f7:
85:6c:7b:b8:31:b7:bb:8d:e3:73:18:cf:fe:21:a2:
ee:46:30:6e:db:2c:c2:bd:eb:c7:7b:e1:b4:77:c6:
78:2a:9d:72:cc:6b:74:78:47:6b:ae:a8:ae:2c:88:
18:b3:aa:63:ae:03:27:bc:60:cf:04:2a:89:9d:f7:
6b:d4:5b:cd:4f:61:e7:2b:42:b1:65:e4:2c:88:02:
99:4e:79:bd:a8:1f:98:4c:b7:f4:44:7b:30:74:87:
ce:24:f1:28:a3:c2:cc:54:25:1b:35:10:19:64:d7:
1f:6d:28:3b:32:e8:bb:f7:d7:d7:65:99:e7:53:a9:
eb:92:32:44:e4:fe:52:c7:5f:70:56:a2:98:b4:7f:
03:d0:49:52:18:c5:e9:73:a0:23:df:11:26:7f:e5:
95:ad:26:5d:c7:21:88:df:dd:d0:2a:15:b4:a6:86:
02:9b:d1:b0:0b:fb:a9:df:a9:25:c7:4b:21:45:8c:
c8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:69:3D:05:C5:19:96:A1:DD:81:79:42:14:C5:60:BC:E2:3C:3D:DD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6mk9BcUZlqHdgXlCFMVgvOI8Pd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.212.132.0/24
188.241.214.0/24
Signature Algorithm: sha256WithRSAEncryption
21:48:53:0e:5d:a3:0d:a2:38:aa:cf:1d:63:b2:b6:da:91:f3:
b4:51:66:1f:51:9b:e7:70:7f:ae:e1:e6:3b:52:5c:f7:6e:05:
40:63:e8:ab:00:6e:67:3f:ec:91:6b:00:77:49:72:81:6a:8d:
5b:8a:17:f7:68:60:16:38:6b:1f:f0:45:b5:87:88:4b:a9:e0:
f0:e5:65:7c:75:53:aa:f6:4a:34:44:0e:83:c9:29:10:a7:fc:
2c:2f:05:85:1c:4b:2a:ab:02:58:eb:4f:67:b0:16:80:60:2b:
e0:68:c1:89:4b:2e:10:c8:0c:e8:d7:82:2c:06:27:56:3e:79:
0c:93:89:35:38:e4:b8:06:d9:e5:32:c8:ef:4c:ee:de:bb:c1:
4b:cc:4f:f5:a3:bc:47:11:8a:28:35:09:95:71:c7:c4:23:03:
fd:f0:7d:a5:ca:12:b7:f0:2b:79:f4:66:80:d2:40:ca:80:ea:
30:e9:98:87:d1:b5:f1:0e:a9:b1:d1:81:97:c5:07:8a:a5:5c:
00:82:3b:71:73:64:e8:00:52:2d:9c:43:f5:78:78:e2:bc:3e:
49:b5:20:0c:86:ca:3b:d2:db:3e:f0:35:7f:0e:c4:6d:0c:2a:
37:95:27:30:2f:3d:7c:97:f0:70:ab:e1:50:a0:bb:03:91:fc:
ea:a2:72:95
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9yhdrlawBIIwm6Yba1PmZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNTEzMTUxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTY5M2QwNWM1MTk5NmExZGQ4MTc5NDIxNGM1NjBiY2UyM2MzZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu37AH3qIJQfFjZuP54GC+JziRd+x
10aOa0rK1VKB8/5T2c8DHT2aaOYpTLA8ZFMx3N81cTcUT13Gh8niBMuEvokxwbhb
nQb2NPeFbHu4Mbe7jeNzGM/+IaLuRjBu2yzCvevHe+G0d8Z4Kp1yzGt0eEdrrqiu
LIgYs6pjrgMnvGDPBCqJnfdr1FvNT2HnK0KxZeQsiAKZTnm9qB+YTLf0RHswdIfO
JPEoo8LMVCUbNRAZZNcfbSg7Mui799fXZZnnU6nrkjJE5P5Sx19wVqKYtH8D0ElS
GMXpc6Aj3xEmf+WVrSZdxyGI393QKhW0poYCm9GwC/up36klx0shRYzIFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOppPQXFGZah3YF5QhTFYLziPD3dMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNm1rOUJjVVpscUhkZ1hsQ0ZNVmd2T0k4UGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNSEAwQA
vPHWMA0GCSqGSIb3DQEBCwUAA4IBAQAhSFMOXaMNojiqzx1jsrbakfO0UWYfUZvn
cH+u4eY7Ulz3bgVAY+irAG5nP+yRawB3SXKBao1bihf3aGAWOGsf8EW1h4hLqeDw
5WV8dVOq9ko0RA6DySkQp/wsLwWFHEsqqwJY609nsBaAYCvgaMGJSy4QyAzo14Is
BidWPnkMk4k1OOS4BtnlMsjvTO7eu8FLzE/1o7xHEYooNQmVccfEIwP98H2lyhK3
8Ct59GaA0kDKgOow6ZiH0bXxDqmx0YGXxQeKpVwAgjtxc2ToAFItnEP1eHjivD5J
tSAMhso70ts+8DV/DsRtDCo3lScwLz18l/Bwq+FQoLsDkfzqonKV
-----END CERTIFICATE-----
Generated at Sat Oct 12 21:07:17 2024 by rpki-client on console-ams.rpki-client.org