Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/alW6UcP2bwRRkM035clxTjWBM2s.roa
File: alW6UcP2bwRRkM035clxTjWBM2s.roa (raw, json)
Hash identifier: gVcAGfQMt11HAlKfdVwICmFIJLM2HUjMPIoBkSDHcGs=
Subject key identifier: 6A:55:BA:51:C3:F6:6F:04:51:90:CD:37:E5:C9:71:4E:35:81:33:6B
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 018BEC5789BFA0A74817A93860A2DB9373B9
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/alW6UcP2bwRRkM035clxTjWBM2s.roa
Signing time: Mon 20 Nov 2023 10:47:21 +0000
ROA not before: Mon 20 Nov 2023 10:47:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.149.151.0/24 maxlen: 24
146.19.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 17:53:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:57:89:bf:a0:a7:48:17:a9:38:60:a2:db:93:73:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Nov 20 10:47:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a55ba51c3f66f045190cd37e5c9714e3581336b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e7:16:85:3f:fb:3b:6b:53:ce:8c:a9:ea:b4:
1f:09:b3:3f:b7:c9:c8:6d:1a:bd:68:7d:89:db:09:
51:4c:33:e4:32:55:39:80:4a:08:b4:b4:90:71:a4:
ea:3e:fe:6b:a3:77:ca:f0:bc:30:f8:9f:64:ea:6f:
5e:ed:82:b3:09:34:92:86:cb:60:d4:e7:2e:73:0e:
e5:15:56:e2:69:e7:42:95:2b:b3:f9:3f:b7:12:e6:
e4:ac:85:3a:40:1b:40:63:ab:df:3f:22:91:c0:b4:
1b:e5:59:80:ff:9b:f9:ab:4f:54:70:35:34:1a:fc:
00:12:5b:6e:ce:17:49:69:22:8f:07:11:77:06:fb:
60:12:32:db:db:9a:c5:b7:02:b2:d3:e8:4b:3c:ea:
47:c8:5b:3f:be:73:a1:9c:f9:c1:1e:ac:6a:1d:d2:
53:ee:01:be:58:06:4d:75:e8:c2:e5:31:73:d4:0c:
fa:d1:a3:2c:7e:89:54:84:7e:10:84:87:06:4f:15:
14:7d:63:f1:0d:22:68:b6:95:9c:35:12:8b:76:0c:
f8:44:ed:e2:db:5f:a6:8e:e2:48:c1:4d:75:3a:94:
74:d2:6f:86:fa:a9:88:f7:68:3f:3a:58:48:0f:1a:
2e:9e:e2:f1:6a:e5:38:0e:4c:78:33:ca:c5:1e:fd:
7d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:55:BA:51:C3:F6:6F:04:51:90:CD:37:E5:C9:71:4E:35:81:33:6B
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/alW6UcP2bwRRkM035clxTjWBM2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.227.0/24
185.149.151.0/24
Signature Algorithm: sha256WithRSAEncryption
91:66:5d:58:b9:b3:d8:32:dd:67:61:43:b6:47:f1:a0:5b:84:
8b:71:fa:24:59:d1:2b:17:92:9f:47:4a:97:c3:b3:8b:ed:5f:
d7:6f:0b:58:78:42:2f:ab:0c:64:93:cd:fd:7b:df:1b:9e:54:
21:61:ef:c3:9f:ac:a7:71:c5:f5:84:35:02:e2:c8:4b:ee:0e:
a9:2d:42:f6:2a:c2:51:8f:89:82:55:7e:d0:5d:07:eb:92:67:
da:9f:a3:97:47:4a:ae:46:fb:db:96:7a:7b:58:97:3c:9a:1a:
f6:e9:08:8b:b2:d4:1e:12:d2:46:6e:ba:26:ec:ed:e7:9a:34:
94:4c:86:bb:83:3c:9c:ef:a9:05:9e:5d:f6:fa:fb:df:a5:ec:
86:7c:46:a4:7b:8d:0a:96:05:ee:37:72:80:c9:aa:c9:29:b4:
44:19:09:43:53:71:a8:b5:a3:0a:bc:9f:a9:aa:75:fd:fd:20:
47:75:c7:b8:52:3f:48:a5:29:bf:63:cd:5a:07:81:e0:fd:81:
bc:0a:9c:0e:95:b7:ce:13:cd:ce:62:64:53:fa:73:16:d7:09:
e0:7c:4a:67:aa:5a:18:91:39:6a:05:71:a0:97:95:35:c0:9b:
5c:7e:ba:73:89:f4:30:ea:06:a9:54:69:a0:87:14:02:a3:f1:
b2:97:35:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvsV4m/oKdIF6k4YKLbk3O5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjMxMTIwMTA0NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU1YmE1MWMzZjY2ZjA0NTE5MGNkMzdlNWM5NzE0ZTM1ODEzMzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OcWhT/7O2tTzoyp6rQfCbM/t8nI
bRq9aH2J2wlRTDPkMlU5gEoItLSQcaTqPv5ro3fK8Lww+J9k6m9e7YKzCTSShstg
1Ocucw7lFVbiaedClSuz+T+3EubkrIU6QBtAY6vfPyKRwLQb5VmA/5v5q09UcDU0
GvwAEltuzhdJaSKPBxF3BvtgEjLb25rFtwKy0+hLPOpHyFs/vnOhnPnBHqxqHdJT
7gG+WAZNdejC5TFz1Az60aMsfolUhH4QhIcGTxUUfWPxDSJotpWcNRKLdgz4RO3i
21+mjuJIwU11OpR00m+G+qmI92g/OlhIDxounuLxauU4Dkx4M8rFHv19TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGpVulHD9m8EUZDNN+XJcU41gTNrMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvYWxXNlVjUDJid1JSa00wMzVjbHhUaldCTTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhPjAwQA
uZWXMA0GCSqGSIb3DQEBCwUAA4IBAQCRZl1YubPYMt1nYUO2R/GgW4SLcfokWdEr
F5KfR0qXw7OL7V/XbwtYeEIvqwxkk839e98bnlQhYe/Dn6ynccX1hDUC4shL7g6p
LUL2KsJRj4mCVX7QXQfrkmfan6OXR0quRvvblnp7WJc8mhr26QiLstQeEtJGbrom
7O3nmjSUTIa7gzyc76kFnl32+vvfpeyGfEake40KlgXuN3KAyarJKbREGQlDU3Go
taMKvJ+pqnX9/SBHdce4Uj9IpSm/Y81aB4Hg/YG8CpwOlbfOE83OYmRT+nMW1wng
fEpnqloYkTlqBXGgl5U1wJtcfrpzifQw6gapVGmghxQCo/GylzWk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org