Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P6_hMV1QULSxtn99jPt1lj71B2o.roa
File: P6_hMV1QULSxtn99jPt1lj71B2o.roa (raw, json)
Hash identifier: 1VXLfgaJIOZcTyfi5zcCI+6hfbCkqU+MvKZlNYqDoc0=
Subject key identifier: 3F:AF:E1:31:5D:50:50:B4:B1:B6:7F:7D:8C:FB:75:96:3E:F5:07:6A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E0FEEF0FBA1B989AFD5B0B5951CF8EE22
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P6_hMV1QULSxtn99jPt1lj71B2o.roa
Signing time: Tue 05 Mar 2024 18:45:01 +0000
ROA not before: Tue 05 Mar 2024 18:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 20:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0f:ee:f0:fb:a1:b9:89:af:d5:b0:b5:95:1c:f8:ee:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 5 18:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fafe1315d5050b4b1b67f7d8cfb75963ef5076a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:4a:12:c8:85:e3:88:7c:00:03:e6:10:e4:
81:e9:a4:5e:3d:64:f7:1b:91:71:db:c7:7a:db:57:
c8:6a:a0:89:38:9d:d6:2a:8b:57:63:af:14:c6:46:
f0:73:f5:cc:f3:bf:90:ae:56:d0:e8:64:61:57:5a:
38:7d:34:6c:5e:3a:ad:f4:d7:66:23:bd:68:61:4f:
4d:fc:91:bb:ad:b0:12:e6:25:97:42:5b:82:3c:e4:
ad:3e:0b:80:4b:1c:7d:83:58:d7:38:c5:c9:21:22:
c7:b3:b7:ad:75:b0:df:a2:14:f1:a6:a2:fc:d5:bd:
33:74:fa:03:e5:e4:ce:cd:a1:2b:11:28:35:45:79:
1f:ab:f8:a6:23:24:1e:4e:14:41:e2:14:97:f0:b3:
28:ee:12:89:08:99:ec:5a:77:07:71:af:c0:a8:c6:
81:c2:54:b9:1d:58:70:cb:ce:85:ea:6c:08:60:47:
f3:8e:08:bb:5d:70:31:dd:57:52:36:07:57:fa:56:
87:9d:bf:a8:da:40:9e:10:af:2b:25:4e:80:13:45:
25:d5:67:04:cd:20:9b:e1:80:a1:99:b0:f6:c6:e2:
88:61:73:cb:96:e9:46:48:b2:30:19:51:e0:3e:b4:
8c:20:87:48:06:e6:0d:ad:5e:2f:c5:94:78:7d:b1:
e7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AF:E1:31:5D:50:50:B4:B1:B6:7F:7D:8C:FB:75:96:3E:F5:07:6A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/P6_hMV1QULSxtn99jPt1lj71B2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.210.235.0/24
185.214.102.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a1:e9:47:e1:bc:af:3f:73:b2:8c:22:f3:fc:cc:75:59:06:
c9:2c:62:94:67:63:2c:6d:b5:3e:73:ad:a4:2b:b5:51:83:70:
2a:76:b2:69:5f:93:4e:c7:89:c0:28:34:2f:ce:ec:aa:b6:6b:
df:c2:0b:ad:8a:ea:46:0b:15:1f:8e:8c:b5:70:59:60:64:c8:
ee:01:e3:2f:e2:5a:bb:a1:bf:62:3d:e4:74:1e:a7:ab:bf:04:
bd:3b:93:02:93:50:a0:9a:22:90:88:62:62:38:7b:f8:c0:5a:
04:37:b3:52:f1:11:0c:40:d3:ce:0a:ce:3a:21:84:f4:0a:80:
80:ae:c7:77:7c:47:15:d8:bd:c1:46:80:1e:9f:a2:ea:54:8e:
bd:24:6f:44:31:30:25:ee:69:6a:44:d4:cc:a9:b3:a6:4d:21:
df:6e:33:a2:64:e7:7a:05:51:6a:63:14:a6:b2:79:dd:f8:d1:
ba:38:85:14:e3:af:49:95:dc:9f:20:9b:06:6a:dc:51:fe:a5:
3b:41:eb:f1:53:c1:28:d8:2d:a4:d9:a8:bb:32:73:8d:8a:b7:
a9:11:a8:f5:36:17:d7:bf:bc:de:16:96:a9:73:5e:02:e5:9a:
c2:19:29:94:f5:00:72:60:3a:b2:66:18:1d:97:e6:6f:e1:f2:
9d:13:b4:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY4P7vD7obmJr9WwtZUc+O4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzA1MTg0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFmZTEzMTVkNTA1MGI0YjFiNjdmN2Q4Y2ZiNzU5NjNlZjUwNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzJKEsiF44h8AAPmEOSB6aRePWT3
G5Fx28d621fIaqCJOJ3WKotXY68Uxkbwc/XM87+QrlbQ6GRhV1o4fTRsXjqt9Ndm
I71oYU9N/JG7rbAS5iWXQluCPOStPguASxx9g1jXOMXJISLHs7etdbDfohTxpqL8
1b0zdPoD5eTOzaErESg1RXkfq/imIyQeThRB4hSX8LMo7hKJCJnsWncHca/AqMaB
wlS5HVhwy86F6mwIYEfzjgi7XXAx3VdSNgdX+laHnb+o2kCeEK8rJU6AE0Ul1WcE
zSCb4YChmbD2xuKIYXPLlulGSLIwGVHgPrSMIIdIBuYNrV4vxZR4fbHnuwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD+v4TFdUFC0sbZ/fYz7dZY+9QdqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUDZfaE1WMVFVTFN4dG45OWpQdDFsajcxQjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsH34AwQA
udLoAwQAudLrAwQAudZmAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAh
oelH4byvP3OyjCLz/Mx1WQbJLGKUZ2MsbbU+c62kK7VRg3AqdrJpX5NOx4nAKDQv
zuyqtmvfwgutiupGCxUfjoy1cFlgZMjuAeMv4lq7ob9iPeR0HqervwS9O5MCk1Cg
miKQiGJiOHv4wFoEN7NS8REMQNPOCs46IYT0CoCArsd3fEcV2L3BRoAen6LqVI69
JG9EMTAl7mlqRNTMqbOmTSHfbjOiZOd6BVFqYxSmsnnd+NG6OIUU469JldyfIJsG
atxR/qU7QevxU8Eo2C2k2ai7MnONirepEaj1NhfXv7zeFpapc14C5ZrCGSmU9QBy
YDqyZhgdl+Zv4fKdE7TV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:41 2024 by rpki-client on console-fra.rpki-client.org