Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6deBOg01ZwO6WsKXTdCDEML2KV0.roa
File: 6deBOg01ZwO6WsKXTdCDEML2KV0.roa (raw, json)
Hash identifier: 34H/gU0jBslaKITZWP3Do/K1LkiT5ttc6vjOxFJDmWY=
Subject key identifier: E9:D7:81:3A:0D:35:67:03:BA:5A:C2:97:4D:D0:83:10:C2:F6:29:5D
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 01856C53F3A72D317A18B93B9E5A46E9035E
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6deBOg01ZwO6WsKXTdCDEML2KV0.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209898
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
185.203.114.0/23 maxlen: 23
2a0a:e5c0::/29 maxlen: 48
2a0a:e5c0:2::/48 maxlen: 48
2a09:2940::/29 maxlen: 48
2a0a:e5c1:100::/40 maxlen: 48
2a0a:e5c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jul 2023 10:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f3:a7:2d:31:7a:18:b9:3b:9e:5a:46:e9:03:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9d7813a0d356703ba5ac2974dd08310c2f6295d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ae:8b:f7:81:70:1b:1e:1f:d7:d5:0e:24:19:
9c:57:88:6f:87:d8:80:49:87:5c:b9:8d:6b:0a:10:
b8:dd:3a:cf:16:ed:0e:b8:41:67:40:e7:d4:52:9b:
84:43:38:98:b8:a0:d5:bf:a7:fb:16:89:b9:ab:d2:
24:d9:10:c7:0b:f5:a7:75:0d:fd:51:a1:52:9f:77:
80:2e:be:80:99:4b:9a:4b:7e:f4:7c:f5:9c:55:b6:
8f:7c:b9:ce:ed:2d:0d:08:40:4f:8f:53:4e:39:22:
d1:b3:92:e9:ac:5a:45:91:f2:bf:7f:b7:6a:43:51:
95:cf:5c:ca:b8:c9:29:8e:57:36:4f:31:fd:89:f7:
fa:89:12:11:8e:d0:2d:8e:db:2c:d2:62:f0:e2:be:
50:cb:d7:40:70:c3:ef:21:1c:24:6c:77:6e:25:11:
fb:df:00:c1:22:b0:41:a0:19:d7:65:5e:84:61:fb:
2e:c8:8d:a8:0c:37:f9:8a:9d:4a:36:d3:fe:2b:8e:
c4:9b:a9:b9:97:4b:e5:09:53:ab:f5:60:2b:4a:6d:
1b:79:99:55:69:f6:04:00:90:77:b9:c1:67:2e:df:
b7:fb:93:36:95:36:44:fe:dc:d7:0b:31:cb:33:28:
12:9d:39:03:1b:6a:1c:4a:74:4f:78:9c:f8:17:4f:
cc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D7:81:3A:0D:35:67:03:BA:5A:C2:97:4D:D0:83:10:C2:F6:29:5D
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6deBOg01ZwO6WsKXTdCDEML2KV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
185.203.114.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:b2:bf:95:62:e4:74:a6:da:48:1e:0a:db:c5:0e:aa:e7:a0:
5f:e9:bc:67:15:a3:05:f6:4d:d1:98:92:8e:a6:e9:7f:e7:12:
a2:3b:cb:79:4a:e8:f3:83:15:c4:1e:f4:83:01:ef:c6:9f:c9:
2e:87:4e:21:7f:27:0c:be:44:2c:de:1d:92:92:51:25:5a:5b:
8f:eb:2a:e9:3c:b9:76:98:f1:9a:e8:c2:84:0a:81:1a:38:e0:
4b:01:7f:61:a2:b1:d0:47:b6:4a:b9:22:1e:da:c4:27:eb:92:
77:f0:d1:c0:0f:f8:df:90:59:f7:82:31:66:95:c5:52:fc:df:
c5:b0:44:53:2b:6d:bd:60:c4:68:c3:cb:da:1c:cb:70:73:a7:
43:19:71:e8:02:37:fc:b7:ed:e5:b4:16:8d:12:41:d8:76:d6:
a0:0f:9e:33:d0:64:c5:d6:b3:b3:39:87:be:68:dc:1a:77:01:
3a:49:a6:1f:57:a5:c7:f9:c7:67:b2:01:81:cf:dc:d1:9d:a2:
5e:bf:6b:80:a8:90:92:c1:48:dc:26:d1:01:27:2b:5d:49:e1:
d4:08:65:4b:1f:09:3d:46:dd:fd:68:10:46:e6:ff:0a:1e:e5:
d2:65:41:61:d2:d2:42:a4:ec:0b:df:93:b2:09:0b:dc:49:12:
57:ed:52:d8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVsU/OnLTF6GLk7nlpG6QNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ3ODEzYTBkMzU2NzAzYmE1YWMyOTc0ZGQwODMxMGMyZjYyOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt66L94FwGx4f19UOJBmcV4hvh9iA
SYdcuY1rChC43TrPFu0OuEFnQOfUUpuEQziYuKDVv6f7Fom5q9Ik2RDHC/WndQ39
UaFSn3eALr6AmUuaS370fPWcVbaPfLnO7S0NCEBPj1NOOSLRs5LprFpFkfK/f7dq
Q1GVz1zKuMkpjlc2TzH9iff6iRIRjtAtjtss0mLw4r5Qy9dAcMPvIRwkbHduJRH7
3wDBIrBBoBnXZV6EYfsuyI2oDDf5ip1KNtP+K47Em6m5l0vlCVOr9WArSm0beZlV
afYEAJB3ucFnLt+3+5M2lTZE/tzXCzHLMygSnTkDG2ocSnRPeJz4F0/MpwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOnXgToNNWcDulrCl03QgxDC9ildMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvNmRlQk9nMDFad082V3NLWFRkQ0RFTUwyS1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB
k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC
AQEAbrK/lWLkdKbaSB4K28UOquegX+m8ZxWjBfZN0ZiSjqbpf+cSojvLeUro84MV
xB70gwHvxp/JLodOIX8nDL5ELN4dkpJRJVpbj+sq6Ty5dpjxmujChAqBGjjgSwF/
YaKx0Ee2SrkiHtrEJ+uSd/DRwA/435BZ94IxZpXFUvzfxbBEUyttvWDEaMPL2hzL
cHOnQxlx6AI3/Lft5bQWjRJB2HbWoA+eM9BkxdazszmHvmjcGncBOkmmH1elx/nH
Z7IBgc/c0Z2iXr9rgKiQksFI3CbRAScrXUnh1AhlSx8JPUbd/WgQRub/Ch7l0mVB
YdLSQqTsC9+TsgkL3EkSV+1S2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org