Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6iOn0MsgrFapY9CGAHzppmNI4UA.roa
File: 6iOn0MsgrFapY9CGAHzppmNI4UA.roa (raw, json)
Hash identifier: CmRSCeICMwdq8roaj962oeBX4L/owRTzdPMrqkDXIhc=
Subject key identifier: EA:23:A7:D0:CB:20:AC:56:A9:63:D0:86:00:7C:E9:A6:63:48:E1:40
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 01856C53F4657E0EACA6ABA275A605875CAB
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6iOn0MsgrFapY9CGAHzppmNI4UA.roa
Signing time: Sun 01 Jan 2023 07:55:19 +0000
ROA not before: Sun 01 Jan 2023 07:55:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213081
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
185.203.114.0/23 maxlen: 23
2a0a:e5c0::/29 maxlen: 48
2a09:2940::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 28 Jun 2023 18:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:f4:65:7e:0e:ac:a6:ab:a2:75:a6:05:87:5c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Jan 1 07:55:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea23a7d0cb20ac56a963d086007ce9a66348e140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:98:f3:f5:13:3c:e6:c9:46:b5:ee:1b:de:89:
ca:0d:36:e7:81:7f:50:3d:cf:0e:ed:e4:5d:b7:b0:
a3:1d:cc:79:7d:20:72:2c:6d:ca:e9:20:90:45:78:
10:24:15:16:95:60:f2:9c:5c:66:80:e8:aa:89:8e:
77:16:02:89:fa:fc:e1:06:26:ac:7d:f7:42:81:49:
f0:fb:6b:3c:e1:9f:63:b4:fa:4d:49:aa:16:f0:c5:
cb:83:7b:c8:c8:1f:73:27:94:89:9d:54:51:5c:a4:
53:2f:5f:d2:29:97:26:d1:2c:c9:9a:04:6a:ae:29:
75:f7:83:d5:95:45:c4:5b:11:07:02:2c:a4:bb:b1:
07:b8:6c:90:6b:a8:1b:2c:a2:8a:4e:20:e6:e1:b7:
4a:e5:23:2e:d0:f3:ef:c7:3a:48:32:5d:08:dd:05:
2b:0a:28:57:68:62:98:51:fe:cd:70:67:d1:29:79:
f6:22:94:23:9c:bd:48:87:b0:d3:89:28:da:16:ba:
61:b1:62:87:c7:ba:ee:fb:aa:3e:1a:bb:7c:8d:98:
11:7c:fe:16:fe:04:d5:01:91:5e:85:cc:d7:4e:7c:
c0:5c:9e:b2:a8:59:8c:ec:da:e9:2d:fc:aa:a5:14:
9c:7d:1d:70:88:13:a0:ed:50:bf:35:47:7c:ef:c4:
b1:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:23:A7:D0:CB:20:AC:56:A9:63:D0:86:00:7C:E9:A6:63:48:E1:40
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/6iOn0MsgrFapY9CGAHzppmNI4UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
185.203.114.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:30:4a:98:b1:73:3b:35:70:10:ee:9f:65:b0:b9:bb:d7:5a:
91:98:f4:e9:3d:63:1e:e6:a3:51:81:83:bd:72:ae:b5:0d:c4:
cc:d9:80:5e:cd:40:26:b2:5e:d4:3d:cb:60:cd:1e:fc:ab:8d:
86:91:0a:4a:76:d8:fd:f6:b0:7a:15:c1:55:b3:b8:e7:2b:62:
87:bb:f1:30:76:2a:d3:22:c2:b4:32:b6:84:1e:82:e3:2d:70:
59:36:a4:57:43:e5:cf:62:36:73:fe:ec:ed:2d:e6:4a:42:11:
a2:07:ac:9a:c7:24:e3:69:db:7d:62:65:d8:34:cc:69:a8:64:
7a:bb:19:97:21:0f:da:61:08:3f:81:84:1f:1b:49:d2:38:b3:
b5:83:f2:bd:da:53:27:ad:b0:a4:85:72:db:8c:15:5e:b1:26:
14:45:99:98:13:c0:75:48:7e:24:7e:95:41:9e:d1:37:6a:40:
81:e8:83:a7:91:aa:10:9c:00:d8:c7:5a:c1:c5:b2:b4:57:14:
dd:6e:0c:d0:cc:63:9a:a3:30:e7:0e:e9:9d:c8:ed:3d:ef:34:
b8:0d:7d:77:03:63:52:7d:6d:b9:eb:76:e7:7b:a8:7a:35:54:
15:0d:f0:53:87:64:1c:28:c0:46:8c:89:5d:23:2d:19:18:be:
71:eb:41:0b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVsU/Rlfg6spquidaYFh1yrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTIzYTdkMGNiMjBhYzU2YTk2M2QwODYwMDdjZTlhNjYzNDhlMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZjz9RM85slGte4b3onKDTbngX9Q
Pc8O7eRdt7CjHcx5fSByLG3K6SCQRXgQJBUWlWDynFxmgOiqiY53FgKJ+vzhBias
ffdCgUnw+2s84Z9jtPpNSaoW8MXLg3vIyB9zJ5SJnVRRXKRTL1/SKZcm0SzJmgRq
ril194PVlUXEWxEHAiyku7EHuGyQa6gbLKKKTiDm4bdK5SMu0PPvxzpIMl0I3QUr
CihXaGKYUf7NcGfRKXn2IpQjnL1Ih7DTiSjaFrphsWKHx7ru+6o+Grt8jZgRfP4W
/gTVAZFehczXTnzAXJ6yqFmM7NrpLfyqpRScfR1wiBOg7VC/NUd878SxnQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOojp9DLIKxWqWPQhgB86aZjSOFAMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvNmlPbjBNc2dyRmFwWTlDR0FIenBwbU5JNFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB
k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC
AQEAZjBKmLFzOzVwEO6fZbC5u9dakZj06T1jHuajUYGDvXKutQ3EzNmAXs1AJrJe
1D3LYM0e/KuNhpEKSnbY/fawehXBVbO45ytih7vxMHYq0yLCtDK2hB6C4y1wWTak
V0Plz2I2c/7s7S3mSkIRogesmsck42nbfWJl2DTMaahkersZlyEP2mEIP4GEHxtJ
0jiztYPyvdpTJ62wpIVy24wVXrEmFEWZmBPAdUh+JH6VQZ7RN2pAgeiDp5GqEJwA
2MdawcWytFcU3W4M0MxjmqMw5w7pncjtPe80uA19dwNjUn1tuet253uoejVUFQ3w
U4dkHCjARoyJXSMtGRi+cetBCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org