Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6eWEWi0vfX1CG1W2ZQh3ah26Y6k.roa
File: 6eWEWi0vfX1CG1W2ZQh3ah26Y6k.roa (raw, json)
Hash identifier: foyIYDs/utg39nkTjDhSxqp/G9VXUIxbaY44r4Hxm4A=
Subject key identifier: E9:E5:84:5A:2D:2F:7D:7D:42:1B:55:B6:65:08:77:6A:1D:BA:63:A9
Certificate issuer: /CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Certificate serial: 01856F797C297E2ECF34A01B209C555273A7
Authority key identifier: 97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6eWEWi0vfX1CG1W2ZQh3ah26Y6k.roa
Signing time: Sun 01 Jan 2023 22:35:10 +0000
ROA not before: Sun 01 Jan 2023 22:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59989
IP address blocks: 185.22.34.0/24 maxlen: 24
185.22.32.0/22 maxlen: 22
185.22.33.0/24 maxlen: 24
185.22.35.0/24 maxlen: 24
185.22.32.0/24 maxlen: 24
185.100.202.0/24 maxlen: 24
185.100.201.0/24 maxlen: 24
185.100.200.0/22 maxlen: 22
185.100.203.0/24 maxlen: 24
185.100.200.0/24 maxlen: 24
2a00:5e60::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:7c:29:7e:2e:cf:34:a0:1b:20:9c:55:52:73:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Validity
Not Before: Jan 1 22:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9e5845a2d2f7d7d421b55b66508776a1dba63a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:55:13:af:a5:b9:76:a7:e4:15:0c:2a:23:33:
79:41:34:98:7f:c4:80:5a:74:60:ce:c3:66:45:c6:
c4:36:c1:13:7f:c3:32:c8:40:fe:f4:9b:03:4c:49:
40:62:fd:60:8c:11:c0:1e:da:3f:16:48:17:44:54:
7f:5f:ef:83:46:02:e6:e9:6a:16:56:aa:d6:c3:33:
71:e3:62:1c:80:c9:54:34:9a:9a:4f:54:b6:78:41:
c1:d0:ed:60:a8:92:17:24:85:e8:49:ad:63:f9:18:
0a:e3:3f:ee:c2:e2:df:bb:5e:12:3a:32:59:6a:a9:
0b:e6:dc:b8:e5:68:7e:f5:55:ee:05:13:a1:24:bf:
dc:5f:1c:cb:27:64:53:06:1d:49:d6:c5:26:8a:84:
58:76:a6:65:aa:be:cb:cc:ae:53:04:f8:50:b9:58:
94:2c:ff:47:ea:6b:44:5c:70:f7:8b:cb:f4:49:ec:
5f:1f:77:ca:7e:40:29:27:0b:5d:84:91:8c:b4:33:
36:53:34:15:61:aa:e9:0c:90:14:0e:a7:d8:85:1b:
b1:1f:98:ab:02:f3:f3:7e:28:80:8e:2a:b2:4f:2d:
b8:29:76:d8:e8:32:7b:65:0c:3e:2d:29:8d:d7:cf:
79:74:20:97:e5:66:52:25:dc:8a:1a:65:1b:56:49:
88:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:E5:84:5A:2D:2F:7D:7D:42:1B:55:B6:65:08:77:6A:1D:BA:63:A9
X509v3 Authority Key Identifier:
keyid:97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/6eWEWi0vfX1CG1W2ZQh3ah26Y6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.32.0/22
185.100.200.0/22
IPv6:
2a00:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
ba:34:4e:4d:76:0b:77:e9:82:28:08:d8:5d:0c:40:28:a5:d6:
5f:97:e2:cd:d0:0e:0c:c2:5a:5d:cd:49:2e:a0:46:eb:cb:c2:
5c:ac:2a:d1:74:b8:2b:18:ac:85:5b:4e:5f:8c:13:73:10:7e:
f7:1e:db:d0:8b:b2:7a:a5:ca:0b:ff:ac:33:0e:06:c5:e7:b9:
57:b1:30:21:53:69:54:ac:d0:01:7b:3a:79:bb:74:d1:72:c4:
8f:d7:97:9f:6f:c2:65:2a:b8:dc:53:eb:7c:f8:f1:51:c1:53:
38:73:89:77:97:ce:f5:32:92:ec:a7:45:b8:1d:b7:64:19:cd:
aa:a9:bb:af:9c:1d:6b:05:4a:68:85:38:45:58:00:a4:ba:e6:
cd:a0:a6:8c:63:a4:47:8b:e1:1d:34:b9:d4:22:33:98:68:4c:
ae:c1:1c:3a:44:20:3c:fd:5d:f3:10:27:ff:bc:f3:bd:1d:1e:
eb:b2:c6:d9:b0:ab:b8:50:ed:dc:7f:a3:9a:e2:89:ca:96:c3:
2a:81:c6:74:d3:55:82:b6:e4:3d:57:95:0a:e0:74:7e:38:71:
12:eb:72:ca:93:74:89:22:f1:8e:d0:5e:e7:8d:82:92:91:a0:
0a:1e:a4:28:a9:0a:69:59:81:2c:c7:85:7f:78:33:1e:b9:d5:
e4:ec:32:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVveXwpfi7PNKAbIJxVUnOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE2Y2JiMmRmNmU3ZmFjY2M1ODUzYmE1NDAwZjFmNDcw
ZWFiMTYwHhcNMjMwMTAxMjIzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWU1ODQ1YTJkMmY3ZDdkNDIxYjU1YjY2NTA4Nzc2YTFkYmE2M2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1UTr6W5dqfkFQwqIzN5QTSYf8SA
WnRgzsNmRcbENsETf8MyyED+9JsDTElAYv1gjBHAHto/FkgXRFR/X++DRgLm6WoW
VqrWwzNx42IcgMlUNJqaT1S2eEHB0O1gqJIXJIXoSa1j+RgK4z/uwuLfu14SOjJZ
aqkL5ty45Wh+9VXuBROhJL/cXxzLJ2RTBh1J1sUmioRYdqZlqr7LzK5TBPhQuViU
LP9H6mtEXHD3i8v0SexfH3fKfkApJwtdhJGMtDM2UzQVYarpDJAUDqfYhRuxH5ir
AvPzfiiAjiqyTy24KXbY6DJ7ZQw+LSmN1895dCCX5WZSJdyKGmUbVkmIeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOnlhFotL319QhtVtmUId2odumOpMB8GA1UdIwQY
MBaAFJcabLst9uf6zMWFO6VADx9HDqsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUt
ZGMwMzg5ZjkxNjdkLzEvNmVXRVdpMHZmWDFDRzFXMlpRaDNhaDI2WTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUtZGMwMzg5ZjkxNjdk
LzEvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRYgAwQC
uWTIMA0EAgACMAcDBQAqAF5gMA0GCSqGSIb3DQEBCwUAA4IBAQC6NE5Ndgt36YIo
CNhdDEAopdZfl+LN0A4MwlpdzUkuoEbry8JcrCrRdLgrGKyFW05fjBNzEH73HtvQ
i7J6pcoL/6wzDgbF57lXsTAhU2lUrNABezp5u3TRcsSP15efb8JlKrjcU+t8+PFR
wVM4c4l3l871MpLsp0W4HbdkGc2qqbuvnB1rBUpohThFWACkuubNoKaMY6RHi+Ed
NLnUIjOYaEyuwRw6RCA8/V3zECf/vPO9HR7rssbZsKu4UO3cf6Oa4onKlsMqgcZ0
01WCtuQ9V5UK4HR+OHES63LKk3SJIvGO0F7njYKSkaAKHqQoqQppWYEsx4V/eDMe
udXk7DKu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:05 2024 by rpki-client on console-fra.rpki-client.org