Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/6-XObGQoT97LZMCQR6iKZaSY00I.roa
File: 6-XObGQoT97LZMCQR6iKZaSY00I.roa (raw, json)
Hash identifier: XWEQ61yC/Gui374wFD9Nz8O4BId/ycVWRK0C3CVPWlA=
Subject key identifier: EB:E5:CE:6C:64:28:4F:DE:CB:64:C0:90:47:A8:8A:65:A4:98:D3:42
Certificate issuer: /CN=f169902ad6b7bf4601eeaa5e723ef23d70fa7714
Certificate serial: 01856D01AE796D7E0B943838B03620AE1158
Authority key identifier: F1:69:90:2A:D6:B7:BF:46:01:EE:AA:5E:72:3E:F2:3D:70:FA:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WmQKta3v0YB7qpecj7yPXD6dxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/6-XObGQoT97LZMCQR6iKZaSY00I.roa
Signing time: Sun 01 Jan 2023 11:05:04 +0000
ROA not before: Sun 01 Jan 2023 11:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47998
IP address blocks: 94.228.64.0/20 maxlen: 24
2a00:1068::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:ae:79:6d:7e:0b:94:38:38:b0:36:20:ae:11:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f169902ad6b7bf4601eeaa5e723ef23d70fa7714
Validity
Not Before: Jan 1 11:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebe5ce6c64284fdecb64c09047a88a65a498d342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:1e:6f:1a:49:64:48:82:45:37:f9:42:9c:
60:cd:ba:c4:a4:8b:ee:66:b5:46:cc:25:aa:61:12:
f1:b1:91:a2:3a:b6:26:f6:d0:eb:2b:e4:1e:85:81:
fa:80:74:92:7d:cb:e1:0e:30:10:ac:56:af:fd:e8:
f3:fb:46:92:9e:bf:28:cf:dc:16:0b:31:9a:24:0f:
f8:f8:86:37:b3:8c:56:20:d4:06:f2:ea:7a:3d:aa:
13:2d:4b:d2:9f:d2:31:ea:57:df:8c:04:e1:d9:75:
e6:ac:62:e7:89:98:50:4d:cc:a8:32:df:70:59:07:
82:71:ca:b3:45:ca:46:93:65:1c:82:bf:bc:0b:f6:
88:ef:a1:b0:9a:43:12:56:2f:bd:76:0f:c3:7f:14:
a0:3f:4c:71:ff:d1:16:cc:c2:f6:2e:a2:f3:79:ec:
df:f9:3f:94:3a:ac:19:c7:f8:b9:df:c1:c5:a7:59:
4f:02:72:76:db:3e:e0:28:22:d7:6b:61:5c:59:bb:
23:e5:3e:c0:1e:82:71:cf:3d:56:09:cb:99:bc:1b:
c4:95:43:9f:07:f0:87:5c:69:4d:f8:7e:5a:68:be:
d1:df:66:aa:b4:74:86:a2:5a:94:23:65:cb:fa:77:
19:ad:59:1d:af:17:53:b2:53:96:20:67:cd:8d:2c:
c5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E5:CE:6C:64:28:4F:DE:CB:64:C0:90:47:A8:8A:65:A4:98:D3:42
X509v3 Authority Key Identifier:
keyid:F1:69:90:2A:D6:B7:BF:46:01:EE:AA:5E:72:3E:F2:3D:70:FA:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WmQKta3v0YB7qpecj7yPXD6dxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/6-XObGQoT97LZMCQR6iKZaSY00I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/4f2800-a555-4f82-8936-f208365051cb/1/8WmQKta3v0YB7qpecj7yPXD6dxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.64.0/20
IPv6:
2a00:1068::/32
Signature Algorithm: sha256WithRSAEncryption
66:4f:08:82:01:d6:91:5d:bf:46:5b:70:87:bb:9b:54:85:be:
d4:dc:03:8a:59:5b:a2:7f:4c:b9:ef:2d:90:7c:a8:74:da:08:
bb:0f:8f:39:22:19:af:e9:55:df:34:5b:59:dc:04:17:e8:d0:
f3:02:eb:ff:e4:4d:dc:72:0f:28:94:07:de:8f:66:5b:d8:3c:
08:72:7a:ae:4e:28:c4:99:50:e8:a9:72:be:03:a3:63:5b:d5:
0a:93:73:5b:34:92:26:d1:a0:a9:f4:e0:ab:f9:90:a4:4b:db:
49:23:e6:c0:e7:ac:17:b3:bb:98:0c:26:58:e2:ab:8c:b8:cb:
7a:cc:af:b9:bb:fb:ab:ee:3f:33:0a:6b:b5:2b:d5:bf:de:b0:
c8:2b:e3:15:62:64:1f:09:7d:53:3b:5a:95:c8:c5:66:cc:e7:
8c:17:df:a9:13:b9:e2:64:3c:71:7e:f3:41:d6:29:b8:d1:a4:
e8:ac:e1:c7:a0:35:28:02:c8:31:f3:68:e3:1d:2f:04:ac:28:
c1:54:9a:34:d0:97:28:9d:9d:97:82:a1:06:de:dd:af:53:dc:
87:ca:bf:53:62:8c:44:0b:52:71:cd:ff:e5:29:a6:b2:b5:e0:
eb:fa:36:44:12:d5:58:3f:9b:f9:21:b1:7e:39:c0:26:24:d6:
04:e8:49:bd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtAa55bX4LlDg4sDYgrhFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjk5MDJhZDZiN2JmNDYwMWVlYWE1ZTcyM2VmMjNkNzBm
YTc3MTQwHhcNMjMwMTAxMTEwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmU1Y2U2YzY0Mjg0ZmRlY2I2NGMwOTA0N2E4OGE2NWE0OThkMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpUebxpJZEiCRTf5QpxgzbrEpIvu
ZrVGzCWqYRLxsZGiOrYm9tDrK+QehYH6gHSSfcvhDjAQrFav/ejz+0aSnr8oz9wW
CzGaJA/4+IY3s4xWINQG8up6PaoTLUvSn9Ix6lffjATh2XXmrGLniZhQTcyoMt9w
WQeCccqzRcpGk2Ucgr+8C/aI76GwmkMSVi+9dg/DfxSgP0xx/9EWzML2LqLzeezf
+T+UOqwZx/i538HFp1lPAnJ22z7gKCLXa2FcWbsj5T7AHoJxzz1WCcuZvBvElUOf
B/CHXGlN+H5aaL7R32aqtHSGolqUI2XL+ncZrVkdrxdTslOWIGfNjSzFZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOvlzmxkKE/ey2TAkEeoimWkmNNCMB8GA1UdIwQY
MBaAFPFpkCrWt79GAe6qXnI+8j1w+ncUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdtUUt0YTN2MFlCN3FwZWNqN3lQWEQ2ZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80ZjI4MDAtYTU1NS00ZjgyLTg5MzYt
ZjIwODM2NTA1MWNiLzEvNi1YT2JHUW9UOTdMWk1DUVI2aUtaYVNZMDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80ZjI4MDAtYTU1NS00ZjgyLTg5MzYtZjIwODM2NTA1MWNi
LzEvOFdtUUt0YTN2MFlCN3FwZWNqN3lQWEQ2ZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXuRAMA0E
AgACMAcDBQAqABBoMA0GCSqGSIb3DQEBCwUAA4IBAQBmTwiCAdaRXb9GW3CHu5tU
hb7U3AOKWVuif0y57y2QfKh02gi7D485Ihmv6VXfNFtZ3AQX6NDzAuv/5E3ccg8o
lAfej2Zb2DwIcnquTijEmVDoqXK+A6NjW9UKk3NbNJIm0aCp9OCr+ZCkS9tJI+bA
56wXs7uYDCZY4quMuMt6zK+5u/ur7j8zCmu1K9W/3rDIK+MVYmQfCX1TO1qVyMVm
zOeMF9+pE7niZDxxfvNB1im40aTorOHHoDUoAsgx82jjHS8ErCjBVJo00JconZ2X
gqEG3t2vU9yHyr9TYoxEC1Jxzf/lKaayteDr+jZEEtVYP5v5IbF+OcAmJNYE6Em9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:04 2024 by rpki-client on console-ams.rpki-client.org