Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/s6BhWX1VI0ge_DqkY5ZM4a90YjM.roa
File: s6BhWX1VI0ge_DqkY5ZM4a90YjM.roa (raw, json)
Hash identifier: f4E2zEWVwfORMAMSTmGf40bn05wulAzsId5RukgSMdU=
Subject key identifier: B3:A0:61:59:7D:55:23:48:1E:FC:3A:A4:63:96:4C:E1:AF:74:62:33
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018DC5C4B9D99DB9338C4D9A3A771E91B07B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/s6BhWX1VI0ge_DqkY5ZM4a90YjM.roa
Signing time: Tue 20 Feb 2024 09:07:00 +0000
ROA not before: Tue 20 Feb 2024 09:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.132.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 15:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:c4:b9:d9:9d:b9:33:8c:4d:9a:3a:77:1e:91:b0:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 20 09:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3a061597d5523481efc3aa463964ce1af746233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a6:98:34:0a:15:3d:20:52:1c:f1:15:b3:57:
92:5e:ed:8c:b9:f4:43:10:13:12:04:7c:7c:71:b2:
62:f9:f7:00:ba:f5:56:ce:88:49:ee:6e:9f:9b:dc:
d0:d7:5e:b8:4a:ee:06:46:db:45:f5:98:0c:d6:d5:
cd:51:78:16:ca:c1:a1:3c:aa:f1:33:a9:bd:b6:88:
b6:50:f5:29:b5:e4:2b:5a:17:ec:53:4c:55:fd:3b:
a4:7e:20:fb:d8:9e:4b:11:fc:c7:d9:70:76:d5:36:
14:22:ab:76:66:2f:cd:65:d1:e6:fc:8f:ef:6f:d3:
19:9f:ad:db:3e:cd:23:2d:9e:fa:d6:62:00:92:c6:
a2:ef:f4:a3:6a:1a:26:6f:b5:9c:fb:83:2e:0c:3a:
f9:2c:c7:aa:ab:2f:4c:a3:e2:00:cd:e8:87:fa:72:
67:f2:52:41:c2:7f:37:64:ac:56:1a:d6:0a:25:ea:
b9:72:99:8e:7c:b7:15:b1:93:4c:13:68:86:10:38:
28:90:25:85:b1:3f:3e:56:02:3c:8c:82:b7:8f:64:
3b:3a:47:10:0d:40:7b:67:0a:c9:df:da:cf:2d:5d:
f3:68:56:f4:ce:58:87:25:36:a9:cf:2e:41:6a:ff:
6e:ba:94:18:86:2a:2a:eb:45:c3:43:37:3a:72:a0:
ef:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A0:61:59:7D:55:23:48:1E:FC:3A:A4:63:96:4C:E1:AF:74:62:33
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/s6BhWX1VI0ge_DqkY5ZM4a90YjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
194.14.129.0/24
194.68.99.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:55:30:75:3d:f8:ec:b9:6f:cc:25:1e:e7:8f:df:ab:4a:e3:
e9:90:e7:cb:fc:12:23:e4:5a:77:74:84:71:59:8a:44:2d:ca:
68:80:39:cb:65:28:0c:70:69:bc:1e:44:67:92:7b:f2:be:16:
39:2b:84:1d:65:1f:3c:b1:5f:a1:f0:c4:1f:6b:4e:49:e8:8e:
6e:98:55:2c:51:f2:5a:74:a3:ea:91:b2:46:ad:91:ad:73:ab:
06:e6:5a:5d:1b:0c:d4:df:c1:35:b5:74:ca:a9:8d:9d:ad:1a:
44:e4:84:0c:0d:bd:41:34:98:d0:62:97:e4:c9:d3:96:c0:f1:
3c:ce:e9:98:e6:82:e0:b5:68:62:71:e0:59:ea:67:15:20:dc:
18:70:21:69:dc:dd:24:b8:00:a1:f3:c6:b1:e0:a2:94:60:ca:
a0:85:a8:c9:7c:86:38:67:6a:60:32:bb:9d:3b:31:28:f5:10:
fe:cf:78:e1:9e:b4:d6:8a:88:8c:11:42:8a:f7:8c:bd:ba:e5:
c1:82:d4:31:1a:01:e7:68:71:c1:09:c8:92:9e:15:93:9d:3c:
33:93:16:87:2b:2e:15:3e:84:5f:cc:9e:24:ac:00:07:78:3d:
61:9f:56:77:13:52:7e:51:4c:e9:aa:77:d6:d2:c0:07:dd:6e:
5d:98:76:7c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3FxLnZnbkzjE2aOncekbB7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMjIwMDkwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2EwNjE1OTdkNTUyMzQ4MWVmYzNhYTQ2Mzk2NGNlMWFmNzQ2MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaaYNAoVPSBSHPEVs1eSXu2MufRD
EBMSBHx8cbJi+fcAuvVWzohJ7m6fm9zQ1164Su4GRttF9ZgM1tXNUXgWysGhPKrx
M6m9toi2UPUpteQrWhfsU0xV/TukfiD72J5LEfzH2XB21TYUIqt2Zi/NZdHm/I/v
b9MZn63bPs0jLZ761mIAksai7/Sjahomb7Wc+4MuDDr5LMeqqy9Mo+IAzeiH+nJn
8lJBwn83ZKxWGtYKJeq5cpmOfLcVsZNME2iGEDgokCWFsT8+VgI8jIK3j2Q7OkcQ
DUB7ZwrJ39rPLV3zaFb0zliHJTapzy5Bav9uupQYhioq60XDQzc6cqDvawIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLOgYVl9VSNIHvw6pGOWTOGvdGIzMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvczZCaFdYMVZJMGdlX0Rxa1k1Wk00YTkwWWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwEeeAwQA
wg6BAwQAwkRjAwQAwkcbAwQAwkdTAwQBwkeMAwQDwkf4AwQAwoSuMA0GCSqGSIb3
DQEBCwUAA4IBAQCeVTB1PfjsuW/MJR7nj9+rSuPpkOfL/BIj5Fp3dIRxWYpELcpo
gDnLZSgMcGm8HkRnknvyvhY5K4QdZR88sV+h8MQfa05J6I5umFUsUfJadKPqkbJG
rZGtc6sG5lpdGwzU38E1tXTKqY2drRpE5IQMDb1BNJjQYpfkydOWwPE8zumY5oLg
tWhiceBZ6mcVINwYcCFp3N0kuACh88ax4KKUYMqghajJfIY4Z2pgMrudOzEo9RD+
z3jhnrTWioiMEUKK94y9uuXBgtQxGgHnaHHBCciSnhWTnTwzkxaHKy4VPoRfzJ4k
rAAHeD1hn1Z3E1J+UUzpqnfW0sAH3W5dmHZ8
-----END CERTIFICATE-----
Generated at Wed Feb 28 20:12:28 2024 by rpki-client on console-fra.rpki-client.org