Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/6tM2kSwJ5pMRY7V5fGG7eC7QLqE.roa
File: 6tM2kSwJ5pMRY7V5fGG7eC7QLqE.roa (raw, json)
Hash identifier: yTmLDafRKgY7sgzZY+ObyjLxTjfAw7tgtwjyO4wGYs4=
Subject key identifier: EA:D3:36:91:2C:09:E6:93:11:63:B5:79:7C:61:BB:78:2E:D0:2E:A1
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 01856C78433BCB94DA199530D47A6ECD4337
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/6tM2kSwJ5pMRY7V5fGG7eC7QLqE.roa
Signing time: Sun 01 Jan 2023 08:34:58 +0000
ROA not before: Sun 01 Jan 2023 08:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56910
IP address blocks: 185.36.232.0/22 maxlen: 24
185.4.236.0/22 maxlen: 24
31.177.56.0/21 maxlen: 24
185.109.16.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
91.220.184.0/24 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 06 Dec 2023 08:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:43:3b:cb:94:da:19:95:30:d4:7a:6e:cd:43:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ead336912c09e6931163b5797c61bb782ed02ea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:09:f8:eb:5d:60:b8:47:d6:62:cb:fd:39:e4:
b6:44:59:ab:7b:9a:65:9e:b1:10:18:65:18:9a:6c:
10:b2:3b:81:dc:e2:7b:61:08:2c:76:f4:92:1d:33:
a8:9e:76:b3:e9:d0:81:65:eb:59:43:9d:45:84:27:
70:66:fd:8a:b3:f5:c9:bb:39:12:86:41:2a:62:21:
76:e9:17:e1:1b:68:0e:bc:56:d7:0b:c1:f2:bc:72:
10:0f:a8:95:dd:f0:89:3b:50:c0:ec:b7:59:27:f0:
c5:ba:b0:85:a1:91:f7:77:9f:4f:d9:ac:ef:e3:50:
9a:38:17:dc:cc:65:9d:84:81:c4:65:d6:b5:55:70:
e1:96:89:82:0e:ea:13:98:c9:dd:28:c0:dd:1e:0e:
1b:16:17:39:c7:03:3c:2c:0d:47:95:31:78:d2:80:
e3:b3:fe:b5:f3:cd:2d:d9:3a:95:54:c0:63:bd:a4:
58:a4:f0:6f:3f:b0:a1:b9:7c:ae:63:9b:5d:25:15:
f2:92:73:bf:46:f6:94:31:38:73:7f:c2:41:af:bb:
95:fa:d5:fc:9b:f7:37:58:73:61:0c:e6:12:d2:d8:
c2:43:48:0f:7c:a3:b3:c3:42:c4:0a:a5:9f:7a:90:
17:24:ee:96:3a:5a:85:65:53:ae:db:89:98:d1:2e:
93:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D3:36:91:2C:09:E6:93:11:63:B5:79:7C:61:BB:78:2E:D0:2E:A1
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/6tM2kSwJ5pMRY7V5fGG7eC7QLqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
91.220.184.0/24
185.4.236.0/22
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
9d:36:84:77:22:0d:61:80:17:19:2e:92:79:c3:50:2a:4e:20:
6d:90:54:d5:12:44:b3:66:84:64:5e:dd:f4:37:12:27:d0:ec:
98:b3:5a:93:83:62:2f:00:99:3f:5b:d9:08:69:2b:e5:9d:78:
54:e9:51:5a:4c:97:a4:7d:88:e8:a2:3c:d9:a2:40:1d:2b:e9:
4b:92:e9:89:91:71:09:0c:d5:11:56:2c:99:99:22:6a:85:57:
78:f7:8e:46:de:e5:69:9a:7a:5f:7d:ca:e6:0e:0f:56:db:f9:
4e:60:ae:2e:ac:90:da:79:7f:74:dd:72:65:c6:f4:08:cd:51:
3f:9c:ff:09:36:ec:58:67:de:b5:f9:4e:6c:01:6d:57:d1:73:
84:67:ea:9c:1e:db:73:d4:17:b4:3c:ee:89:8f:ff:9d:70:39:
06:60:15:a9:1d:32:b2:6b:15:18:4a:7e:e1:94:e3:83:ed:dd:
64:5c:af:aa:d5:ce:d2:cf:3d:90:b8:3a:43:ac:9e:90:0f:f3:
cb:7c:50:61:f3:f7:cd:33:b2:ab:32:0c:e3:d1:df:be:10:77:
5c:fb:8c:f9:66:e7:62:61:87:a1:f7:d7:e9:31:97:03:ae:7f:
9e:11:db:35:42:31:49:3a:2d:fb:4d:21:f0:1c:14:73:be:6b:
5a:56:14:61
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVseEM7y5TaGZUw1HpuzUM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjMwMTAxMDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQzMzY5MTJjMDllNjkzMTE2M2I1Nzk3YzYxYmI3ODJlZDAyZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQn4611guEfWYsv9OeS2RFmre5pl
nrEQGGUYmmwQsjuB3OJ7YQgsdvSSHTOonnaz6dCBZetZQ51FhCdwZv2Ks/XJuzkS
hkEqYiF26RfhG2gOvFbXC8HyvHIQD6iV3fCJO1DA7LdZJ/DFurCFoZH3d59P2azv
41CaOBfczGWdhIHEZda1VXDhlomCDuoTmMndKMDdHg4bFhc5xwM8LA1HlTF40oDj
s/61880t2TqVVMBjvaRYpPBvP7ChuXyuY5tdJRXyknO/RvaUMThzf8JBr7uV+tX8
m/c3WHNhDOYS0tjCQ0gPfKOzw0LECqWfepAXJO6WOlqFZVOu24mY0S6TqQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOrTNpEsCeaTEWO1eXxhu3gu0C6hMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvNnRNMmtTd0o1cE1SWTdWNWZHRzdlQzdRTHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDH7E4AwQA
W9y4AwQCuQTsAwQCuSToAwQCuWokAwQCuW0QAwQAvNZ/MA0EAgACMAcDBQMqBD4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCdNoR3Ig1hgBcZLpJ5w1AqTiBtkFTVEkSzZoRk
Xt30NxIn0OyYs1qTg2IvAJk/W9kIaSvlnXhU6VFaTJekfYjoojzZokAdK+lLkumJ
kXEJDNURViyZmSJqhVd4945G3uVpmnpffcrmDg9W2/lOYK4urJDaeX903XJlxvQI
zVE/nP8JNuxYZ961+U5sAW1X0XOEZ+qcHttz1Be0PO6Jj/+dcDkGYBWpHTKyaxUY
Sn7hlOOD7d1kXK+q1c7Szz2QuDpDrJ6QD/PLfFBh8/fNM7KrMgzj0d++EHdc+4z5
ZudiYYeh99fpMZcDrn+eEds1QjFJOi37TSHwHBRzvmtaVhRh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:30 2024 by rpki-client on console-fra.rpki-client.org