Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a5cKxRvJClVIz7hFKCfE2Ic9GJk.roa
File: a5cKxRvJClVIz7hFKCfE2Ic9GJk.roa (raw, json)
Hash identifier: EnARLqvxwR4sWrOcqfLgdjvm9tvGlgOVhiwwOxbZhMs=
Subject key identifier: 6B:97:0A:C5:1B:C9:0A:55:48:CF:B8:45:28:27:C4:D8:87:3D:18:99
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018DF468D9643FF0F93480A422B44FD04572
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a5cKxRvJClVIz7hFKCfE2Ic9GJk.roa
Signing time: Thu 29 Feb 2024 10:28:48 +0000
ROA not before: Thu 29 Feb 2024 10:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 176.125.248.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.225.0.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 18:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:68:d9:64:3f:f0:f9:34:80:a4:22:b4:4f:d0:45:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 29 10:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b970ac51bc90a5548cfb8452827c4d8873d1899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9e:fe:9b:6a:7e:55:2a:66:32:ad:e5:6c:ee:
11:41:0d:6d:a1:c4:e0:68:52:87:97:9f:12:7b:be:
b0:77:69:e9:78:e6:b4:0c:5c:e5:b0:62:a2:18:6c:
69:a6:82:9d:1d:93:d0:a5:19:19:46:93:2f:72:e5:
5c:79:a6:96:29:00:b1:e6:3d:b0:f9:38:2b:e9:fa:
09:b6:10:d6:fe:44:9a:c2:c0:31:27:dc:ed:f5:1d:
ec:03:c7:21:a4:ab:fe:40:a6:86:13:03:8a:ee:31:
fb:b5:56:f9:c5:c3:ad:4b:04:1c:09:f0:73:90:8c:
86:5a:bc:99:8e:0f:95:86:cf:aa:a9:83:8a:d6:cf:
be:3a:7a:fc:e1:2b:85:fb:91:06:fa:1e:45:6a:78:
52:7c:20:ba:8a:e4:d9:83:46:dd:b9:9c:2a:f8:27:
52:e7:f9:8c:dd:bc:d2:35:01:75:b4:49:d6:16:57:
20:81:3e:e0:41:16:56:70:b4:d0:6d:b3:c6:51:0f:
71:d7:a8:b2:60:1a:c1:42:35:09:d1:e4:6e:73:b2:
2c:ea:9c:9a:7e:ba:49:37:21:ca:78:fc:99:d5:0d:
70:e5:a8:1e:d8:ba:46:80:08:e3:ed:f0:62:55:7a:
32:2c:74:a0:00:14:bf:08:1a:70:08:da:91:3f:e6:
cf:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:97:0A:C5:1B:C9:0A:55:48:CF:B8:45:28:27:C4:D8:87:3D:18:99
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/a5cKxRvJClVIz7hFKCfE2Ic9GJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.210.232.0/24
185.214.102.0/24
185.225.0.0/24
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
14:c7:e0:0d:44:8e:25:85:d4:af:8c:4e:99:d8:70:49:38:b2:
6f:b2:d3:c0:47:d4:9b:a4:22:78:55:c1:59:36:83:d2:00:6f:
2c:b4:7d:b1:6b:d4:6c:2f:74:13:28:61:16:77:10:aa:56:f4:
44:54:07:c4:95:e9:e0:a3:b0:40:9f:8d:95:1b:36:ab:b0:1d:
9a:98:e9:fc:86:49:2c:44:46:c3:99:3b:e8:5f:26:40:ba:27:
ca:3a:45:02:f8:2a:58:a0:c9:c9:61:d0:e2:4b:55:98:c4:8b:
f1:c5:4f:62:a0:6d:81:0a:f2:06:42:e7:21:3f:51:33:24:70:
65:57:db:8c:32:fa:cd:36:c4:9c:7b:c2:18:5b:5c:c5:a6:d8:
1b:1a:e6:70:3b:2b:56:15:dc:d2:84:1f:54:d3:ce:bf:d7:d7:
39:7f:49:71:bb:6a:e7:e1:dc:69:42:45:23:c4:76:71:27:84:
d8:7b:33:f6:25:b7:cc:08:3f:6a:f1:97:25:a6:07:2b:91:00:
45:5b:14:63:db:6f:8a:cd:cd:42:48:ae:3e:75:1a:69:0f:65:
b8:04:97:a9:ab:e9:77:22:68:14:a2:cc:af:cf:0b:be:48:93:
c1:a3:79:15:bd:8e:52:0e:a7:f5:03:e4:ee:e9:6e:ed:f5:0e:
1d:df:a7:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY30aNlkP/D5NICkIrRP0EVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjI5MTAyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjk3MGFjNTFiYzkwYTU1NDhjZmI4NDUyODI3YzRkODg3M2QxODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp7+m2p+VSpmMq3lbO4RQQ1tocTg
aFKHl58Se76wd2npeOa0DFzlsGKiGGxppoKdHZPQpRkZRpMvcuVceaaWKQCx5j2w
+Tgr6foJthDW/kSawsAxJ9zt9R3sA8chpKv+QKaGEwOK7jH7tVb5xcOtSwQcCfBz
kIyGWryZjg+Vhs+qqYOK1s++Onr84SuF+5EG+h5FanhSfCC6iuTZg0bduZwq+CdS
5/mM3bzSNQF1tEnWFlcggT7gQRZWcLTQbbPGUQ9x16iyYBrBQjUJ0eRuc7Is6pya
frpJNyHKePyZ1Q1w5age2LpGgAjj7fBiVXoyLHSgABS/CBpwCNqRP+bPjQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGuXCsUbyQpVSM+4RSgnxNiHPRiZMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYTVjS3hSdkpDbFZJejdoRktDZkUySWM5R0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAsH34AwQA
udLoAwQAudZmAwQAueEAAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAUx+ANRI4l
hdSvjE6Z2HBJOLJvstPAR9SbpCJ4VcFZNoPSAG8stH2xa9RsL3QTKGEWdxCqVvRE
VAfElengo7BAn42VGzarsB2amOn8hkksREbDmTvoXyZAuifKOkUC+CpYoMnJYdDi
S1WYxIvxxU9ioG2BCvIGQuchP1EzJHBlV9uMMvrNNsSce8IYW1zFptgbGuZwOytW
FdzShB9U086/19c5f0lxu2rn4dxpQkUjxHZxJ4TYezP2JbfMCD9q8ZclpgcrkQBF
WxRj22+Kzc1CSK4+dRppD2W4BJepq+l3ImgUosyvzwu+SJPBo3kVvY5SDqf1A+Tu
6W7t9Q4d36ex
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:27 2024 by rpki-client on console-ams.rpki-client.org