Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6hIzLM8gqpGrU7PxRhzbXDAIYnY.roa
File: 6hIzLM8gqpGrU7PxRhzbXDAIYnY.roa (raw, json)
Hash identifier: XVkwYpbFCRYkjYOmwRfAZHwKzdTUDZNIs0kDdDvDq3g=
Subject key identifier: EA:12:33:2C:CF:20:AA:91:AB:53:B3:F1:46:1C:DB:5C:30:08:62:76
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018ED12E7753461D37AB1CE16E0768422727
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6hIzLM8gqpGrU7PxRhzbXDAIYnY.roa
Signing time: Fri 12 Apr 2024 07:21:07 +0000
ROA not before: Fri 12 Apr 2024 07:21:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 192.36.247.0/24 maxlen: 24
192.71.84.0/24 maxlen: 24
192.71.254.0/23 maxlen: 24
192.176.43.0/24 maxlen: 24
193.182.113.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:2e:77:53:46:1d:37:ab:1c:e1:6e:07:68:42:27:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 12 07:21:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea12332ccf20aa91ab53b3f1461cdb5c30086276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:09:26:8f:aa:65:eb:6c:f9:81:7d:c5:01:cb:
1f:d4:64:23:bd:3e:45:2d:68:16:30:a8:b9:b1:ff:
67:0e:3e:b1:12:79:53:8a:f7:8d:ed:bb:62:69:15:
a6:db:a6:2b:38:65:05:01:d3:d3:c7:12:ef:7f:43:
f4:08:40:a5:a3:39:5f:86:f5:87:4e:68:58:88:72:
bf:74:93:ef:6e:7d:8d:0d:bb:0b:0f:6d:f2:1a:4d:
89:96:24:d3:71:33:56:01:ef:9f:89:34:07:b3:07:
30:43:9e:a6:86:de:55:d1:76:ae:8a:3a:ab:97:0e:
f4:8f:7e:75:1e:7e:bd:bd:29:32:b3:a7:51:25:38:
10:53:6d:e9:e9:0a:bf:1f:1d:b8:0a:c1:b8:fc:6e:
d7:8b:20:76:43:2e:7f:c1:b6:4a:42:e0:c9:8c:fd:
a7:20:5b:55:93:17:2a:27:b0:63:7b:bc:f6:e2:13:
37:8b:05:7b:7f:2d:e2:9d:eb:c1:60:ee:14:f8:fe:
2f:7d:c6:a3:d6:6e:36:da:5f:45:cd:81:13:b0:24:
af:9b:b2:ee:15:cf:77:e0:ba:c2:c0:96:49:d3:25:
75:22:5b:da:c2:cb:6a:e2:b6:e3:a3:fb:fb:a0:ec:
32:cd:1c:3e:b3:34:a3:17:b2:99:06:a3:c3:30:34:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:12:33:2C:CF:20:AA:91:AB:53:B3:F1:46:1C:DB:5C:30:08:62:76
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/6hIzLM8gqpGrU7PxRhzbXDAIYnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
192.176.43.0/24
193.182.113.0/24
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
94:a5:48:d3:8e:5d:5b:16:8e:3b:f6:f0:ce:e1:0f:c2:1b:d5:
c8:73:a5:32:75:b8:50:0c:20:42:fc:b5:67:ac:a4:4c:ef:76:
5e:89:9a:4d:8e:e4:97:a3:16:45:13:96:d7:5a:26:85:67:5e:
ce:82:13:ea:e9:d4:5b:8d:b0:f2:66:8c:96:64:9c:48:13:bd:
78:51:22:b9:ab:5b:70:0b:da:d0:33:ef:79:f0:d5:3e:5c:47:
bb:eb:c4:f9:b7:52:4b:c8:17:a2:12:16:77:5f:fe:70:ac:d3:
ef:d6:81:0b:67:5c:a4:01:81:25:aa:fa:88:ed:eb:be:8d:cb:
f2:0d:46:f3:5a:9d:de:47:60:2f:61:b4:2e:1f:c1:1b:de:3c:
10:78:28:cf:c4:8d:01:96:a5:bd:b5:85:4b:1d:1a:a1:dc:88:
f7:e9:be:59:47:6d:bd:e5:dd:00:04:8d:45:f6:dc:51:b7:04:
63:9b:3c:f0:bb:66:b8:4e:d9:eb:44:6b:e0:8a:6c:c4:26:19:
56:70:ec:90:58:5e:9e:27:50:fc:18:1f:b9:e0:d2:78:67:51:
84:67:4b:26:98:b7:e9:d6:f2:69:8a:c2:57:15:a2:56:46:32:
b1:73:01:1e:ec:e3:6f:ac:96:b4:7b:a4:12:98:b8:2d:ec:71:
8c:f6:e4:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7RLndTRh03qxzhbgdoQicnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDEyMDcyMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTEyMzMyY2NmMjBhYTkxYWI1M2IzZjE0NjFjZGI1YzMwMDg2Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwkmj6pl62z5gX3FAcsf1GQjvT5F
LWgWMKi5sf9nDj6xEnlTiveN7btiaRWm26YrOGUFAdPTxxLvf0P0CEClozlfhvWH
TmhYiHK/dJPvbn2NDbsLD23yGk2JliTTcTNWAe+fiTQHswcwQ56mht5V0Xauijqr
lw70j351Hn69vSkys6dRJTgQU23p6Qq/Hx24CsG4/G7XiyB2Qy5/wbZKQuDJjP2n
IFtVkxcqJ7Bje7z24hM3iwV7fy3inevBYO4U+P4vfcaj1m422l9FzYETsCSvm7Lu
Fc934LrCwJZJ0yV1Ilvawstq4rbjo/v7oOwyzRw+szSjF7KZBqPDMDRNdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOoSMyzPIKqRq1Oz8UYc21wwCGJ2MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNmhJekxNOGdxcEdyVTdQeFJoemJYREFJWW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwCT3AwQA
wEdUAwQBwEf+AwQAwLArAwQAwbZxAwQCwep4MA0GCSqGSIb3DQEBCwUAA4IBAQCU
pUjTjl1bFo479vDO4Q/CG9XIc6UydbhQDCBC/LVnrKRM73ZeiZpNjuSXoxZFE5bX
WiaFZ17OghPq6dRbjbDyZoyWZJxIE714USK5q1twC9rQM+958NU+XEe768T5t1JL
yBeiEhZ3X/5wrNPv1oELZ1ykAYElqvqI7eu+jcvyDUbzWp3eR2AvYbQuH8Eb3jwQ
eCjPxI0BlqW9tYVLHRqh3Ij36b5ZR2295d0ABI1F9txRtwRjmzzwu2a4TtnrRGvg
imzEJhlWcOyQWF6eJ1D8GB+54NJ4Z1GEZ0smmLfp1vJpisJXFaJWRjKxcwEe7ONv
rJa0e6QSmLgt7HGM9uSr
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:55 2025 by rpki-client