Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/6RYBxCxApzh5AkeqWnc1IorgrlA.roa
File: 6RYBxCxApzh5AkeqWnc1IorgrlA.roa (raw, json)
Hash identifier: uowWjypxRPuM+nSm0PSR/z4Hf0ezHPIjgq9j+515uhw=
Subject key identifier: E9:16:01:C4:2C:40:A7:38:79:02:47:AA:5A:77:35:22:8A:E0:AE:50
Certificate issuer: /CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Certificate serial: 018571D7B1A6D13B9AFC9F17B5A46CB9A9AA
Authority key identifier: B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/6RYBxCxApzh5AkeqWnc1IorgrlA.roa
Signing time: Mon 02 Jan 2023 09:37:19 +0000
ROA not before: Mon 02 Jan 2023 09:37:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39020
IP address blocks: 193.203.118.0/24 maxlen: 24
193.203.119.0/24 maxlen: 24
195.88.152.0/24 maxlen: 24
195.88.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:b1:a6:d1:3b:9a:fc:9f:17:b5:a4:6c:b9:a9:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0ad22643c2d97bd71f8b634fb8d1d4f9f01f4a7
Validity
Not Before: Jan 2 09:37:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e91601c42c40a738790247aa5a7735228ae0ae50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:5e:a3:5b:85:f7:23:9c:a1:0a:25:ce:3a:
fc:3f:90:5e:7b:36:1b:32:d4:67:6c:c7:f6:95:3d:
b6:63:fd:e0:87:4c:dc:e1:b1:ad:c4:72:4e:37:21:
e6:5b:22:bc:ca:de:55:05:06:57:fe:81:e9:e4:a9:
23:4c:67:4a:52:f9:b9:8f:68:75:d7:3c:5b:ba:41:
53:5c:d7:07:48:5c:52:b3:27:57:c6:aa:87:70:2e:
5a:fa:c6:a0:a0:21:a8:bf:ea:5c:37:e0:f7:d7:d7:
41:58:8d:b8:7b:9f:c9:ca:4c:35:97:ac:dd:2b:45:
5a:14:b0:2e:dc:ef:f0:19:a9:6f:c5:c1:a4:aa:52:
b0:db:ed:02:b6:4f:c6:8c:1a:b2:e3:19:23:df:f9:
e6:96:6d:f2:4e:dd:5b:c0:7f:87:45:ff:0b:14:42:
62:72:08:60:34:aa:ed:9f:d4:ed:77:ab:e6:5c:5b:
0f:51:2a:13:e8:05:dc:82:a8:06:3c:5b:89:6d:63:
f4:d5:e2:f9:9b:e9:c1:42:55:66:f3:8b:bc:5f:8b:
e5:d8:e3:20:da:b2:a3:b7:07:f3:ba:f6:75:40:b7:
91:7b:5e:d4:b7:ce:6d:39:02:d6:12:ae:f2:d9:d4:
8d:9c:4c:30:08:f0:25:7d:de:ce:9a:06:90:41:a2:
44:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:16:01:C4:2C:40:A7:38:79:02:47:AA:5A:77:35:22:8A:E0:AE:50
X509v3 Authority Key Identifier:
keyid:B0:AD:22:64:3C:2D:97:BD:71:F8:B6:34:FB:8D:1D:4F:9F:01:F4:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sK0iZDwtl71x-LY0-40dT58B9Kc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/6RYBxCxApzh5AkeqWnc1IorgrlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/30b3ff-7036-4a2e-8eb5-074ffb423c13/1/sK0iZDwtl71x-LY0-40dT58B9Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.118.0/23
195.88.152.0/23
Signature Algorithm: sha256WithRSAEncryption
09:7a:65:65:53:24:60:ae:7c:14:f3:c1:0a:21:d1:32:55:f4:
42:a3:0d:e7:9c:58:e1:dd:97:0d:a8:70:e9:9d:00:13:63:2e:
67:4d:ba:d4:08:3c:0a:8f:6f:76:c2:13:31:20:d0:3d:35:b7:
9a:ee:97:d1:70:60:14:a1:4c:94:3c:27:a4:7b:f9:59:87:d6:
80:b3:45:a1:24:2e:ff:28:a5:a1:75:08:46:7a:22:42:47:84:
75:70:f5:d5:04:13:6e:b7:53:b2:ce:90:52:4f:e0:8d:ad:27:
7b:07:be:bf:75:03:93:0f:21:08:49:46:1e:c3:b1:9f:40:75:
0c:13:30:59:44:7b:2b:3e:fd:aa:91:71:a5:3d:d5:f3:78:40:
40:96:5d:9f:c8:ed:1e:b9:18:d1:6e:31:ed:3f:4e:f1:69:e4:
34:78:dc:99:6d:2e:61:31:35:e0:c9:a8:91:a4:f8:e2:98:df:
3a:6a:9a:e2:51:00:ad:fb:78:84:e2:6f:29:fb:92:85:21:98:
40:2e:89:13:b3:23:fb:b1:d2:5b:74:0c:9b:0a:b7:ab:af:64:
17:00:09:ae:58:0d:98:06:89:6a:d4:83:dd:aa:a1:4d:5b:38:
7e:6c:1f:e7:d8:67:bf:27:31:86:b1:49:63:2b:44:ee:ee:90:
85:3b:77:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVx17Gm0Tua/J8XtaRsuamqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYWQyMjY0M2MyZDk3YmQ3MWY4YjYzNGZiOGQxZDRmOWYw
MWY0YTcwHhcNMjMwMTAyMDkzNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTE2MDFjNDJjNDBhNzM4NzkwMjQ3YWE1YTc3MzUyMjhhZTBhZTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXdeo1uF9yOcoQolzjr8P5BeezYb
MtRnbMf2lT22Y/3gh0zc4bGtxHJONyHmWyK8yt5VBQZX/oHp5KkjTGdKUvm5j2h1
1zxbukFTXNcHSFxSsydXxqqHcC5a+sagoCGov+pcN+D319dBWI24e5/Jykw1l6zd
K0VaFLAu3O/wGalvxcGkqlKw2+0Ctk/GjBqy4xkj3/nmlm3yTt1bwH+HRf8LFEJi
cghgNKrtn9Ttd6vmXFsPUSoT6AXcgqgGPFuJbWP01eL5m+nBQlVm84u8X4vl2OMg
2rKjtwfzuvZ1QLeRe17Ut85tOQLWEq7y2dSNnEwwCPAlfd7OmgaQQaJEzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOkWAcQsQKc4eQJHqlp3NSKK4K5QMB8GA1UdIwQY
MBaAFLCtImQ8LZe9cfi2NPuNHU+fAfSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUt
MDc0ZmZiNDIzYzEzLzEvNlJZQnhDeEFwemg1QWtlcVduYzFJb3JncmxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8zMGIzZmYtNzAzNi00YTJlLThlYjUtMDc0ZmZiNDIzYzEz
LzEvc0swaVpEd3RsNzF4LUxZMC00MGRUNThCOUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwct2AwQB
w1iYMA0GCSqGSIb3DQEBCwUAA4IBAQAJemVlUyRgrnwU88EKIdEyVfRCow3nnFjh
3ZcNqHDpnQATYy5nTbrUCDwKj292whMxINA9Nbea7pfRcGAUoUyUPCeke/lZh9aA
s0WhJC7/KKWhdQhGeiJCR4R1cPXVBBNut1OyzpBST+CNrSd7B76/dQOTDyEISUYe
w7GfQHUMEzBZRHsrPv2qkXGlPdXzeEBAll2fyO0euRjRbjHtP07xaeQ0eNyZbS5h
MTXgyaiRpPjimN86apriUQCt+3iE4m8p+5KFIZhALokTsyP7sdJbdAybCrerr2QX
AAmuWA2YBolq1IPdqqFNWzh+bB/n2Ge/JzGGsUljK0Tu7pCFO3dg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:09 2024 by rpki-client on console-fra.rpki-client.org