Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/6jFqyae1Vr3T5vvLtbSqSwdARfc.roa
File: 6jFqyae1Vr3T5vvLtbSqSwdARfc.roa (raw, json)
Hash identifier: gtkxQkEL3buyah6sBdYRakHs55aCVjSS/6hNttKvjtw=
Subject key identifier: EA:31:6A:C9:A7:B5:56:BD:D3:E6:FB:CB:B5:B4:AA:4B:07:40:45:F7
Certificate issuer: /CN=c5a82f3936f244edcb6013e121d51a7690d13599
Certificate serial: 018CC26D5CB8BAD468F3B348346A403D0F00
Authority key identifier: C5:A8:2F:39:36:F2:44:ED:CB:60:13:E1:21:D5:1A:76:90:D1:35:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xagvOTbyRO3LYBPhIdUadpDRNZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/6jFqyae1Vr3T5vvLtbSqSwdARfc.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.203.91.0/24 maxlen: 24
2a10:8c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5c:b8:ba:d4:68:f3:b3:48:34:6a:40:3d:0f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a82f3936f244edcb6013e121d51a7690d13599
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea316ac9a7b556bdd3e6fbcbb5b4aa4b074045f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:04:2d:32:41:97:fa:5d:73:b8:ac:04:63:9f:
86:b4:7b:15:67:d9:22:57:38:89:39:5f:55:fa:82:
84:25:e8:d0:a1:77:8c:bb:c6:50:ec:1a:85:7f:9a:
31:cc:81:6d:c5:0d:76:fa:88:d1:d2:d1:59:2c:33:
43:1d:2e:03:55:79:0e:61:25:eb:4f:92:b8:05:43:
bc:69:3c:f1:bf:c5:dd:c8:63:50:9d:99:65:6f:a9:
af:4e:36:67:87:61:b9:ca:09:90:d9:18:c8:c7:35:
28:24:a2:ae:07:0a:a2:48:e6:56:98:07:c9:eb:e0:
ba:a0:ff:91:46:68:97:82:ff:29:b7:eb:be:ed:04:
c6:72:ea:55:69:e2:dd:c9:86:fd:2d:85:28:17:84:
e9:de:d2:04:c0:c6:9a:8a:1f:a1:0d:30:1c:0b:54:
b3:9f:a8:19:d4:25:e5:89:31:61:ac:b3:81:c1:c9:
e1:72:af:0c:5f:a3:fc:c8:bd:8e:e2:ac:3c:f0:c1:
32:80:73:1c:fd:25:bc:0d:fa:31:50:cb:d3:22:b4:
70:ac:11:2e:2c:cb:42:ff:79:4b:ee:2d:c4:7d:08:
10:0c:27:4a:77:c9:2f:77:6f:ef:1a:aa:7e:d7:a2:
a6:9a:c1:be:87:0a:c4:85:6e:df:93:cb:26:c1:7c:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:31:6A:C9:A7:B5:56:BD:D3:E6:FB:CB:B5:B4:AA:4B:07:40:45:F7
X509v3 Authority Key Identifier:
keyid:C5:A8:2F:39:36:F2:44:ED:CB:60:13:E1:21:D5:1A:76:90:D1:35:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xagvOTbyRO3LYBPhIdUadpDRNZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/6jFqyae1Vr3T5vvLtbSqSwdARfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f8cea-54ba-4965-a454-07a449a50f08/1/xagvOTbyRO3LYBPhIdUadpDRNZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.91.0/24
IPv6:
2a10:8c00::/32
Signature Algorithm: sha256WithRSAEncryption
83:ac:f3:0f:ed:48:38:39:21:a4:39:71:da:ae:c0:5b:d9:60:
db:bd:17:a3:b6:1f:a0:c7:34:05:c1:e6:52:ca:f9:df:46:55:
74:25:80:c7:a1:34:06:1a:41:63:af:22:5d:85:dc:b3:1c:9c:
80:2c:b4:1d:9d:ce:2e:9d:37:a0:ec:51:08:99:f2:66:d2:70:
e6:8f:b6:53:59:ee:85:fd:09:d8:49:b7:98:5f:06:5d:79:32:
6f:b1:b8:da:2c:1d:9d:6a:37:31:2d:4c:92:cc:f9:b6:80:e8:
5d:d0:33:da:be:cb:f2:40:56:f1:42:88:57:14:bb:c4:fc:34:
d8:a9:05:f4:6a:54:e8:04:e4:4e:69:d7:26:5b:58:44:4a:81:
ed:be:af:6f:68:3b:a0:be:65:cc:03:b9:0c:3f:d8:f7:9b:53:
a1:c1:2b:dd:9b:07:5a:1c:e1:d0:29:3c:3b:f5:81:b1:9a:ee:
fc:07:35:11:78:78:e5:c6:b6:f5:71:d3:3e:4c:ac:f9:89:15:
b9:ae:0d:11:eb:6e:8a:c5:d9:2c:b0:d3:10:8a:b3:36:3b:43:
9b:3b:39:a1:0f:de:42:e1:50:77:09:e0:d1:0f:4b:dd:14:1d:
b7:47:9b:d9:60:ec:c5:ff:a4:d9:53:3f:f6:6a:b2:b7:f1:32:
5a:91:e1:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbVy4utRo87NINGpAPQ8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTgyZjM5MzZmMjQ0ZWRjYjYwMTNlMTIxZDUxYTc2OTBk
MTM1OTkwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTMxNmFjOWE3YjU1NmJkZDNlNmZiY2JiNWI0YWE0YjA3NDA0NWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwQtMkGX+l1zuKwEY5+GtHsVZ9ki
VziJOV9V+oKEJejQoXeMu8ZQ7BqFf5oxzIFtxQ12+ojR0tFZLDNDHS4DVXkOYSXr
T5K4BUO8aTzxv8XdyGNQnZllb6mvTjZnh2G5ygmQ2RjIxzUoJKKuBwqiSOZWmAfJ
6+C6oP+RRmiXgv8pt+u+7QTGcupVaeLdyYb9LYUoF4Tp3tIEwMaaih+hDTAcC1Sz
n6gZ1CXliTFhrLOBwcnhcq8MX6P8yL2O4qw88MEygHMc/SW8DfoxUMvTIrRwrBEu
LMtC/3lL7i3EfQgQDCdKd8kvd2/vGqp+16KmmsG+hwrEhW7fk8smwXyJjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOoxasmntVa90+b7y7W0qksHQEX3MB8GA1UdIwQY
MBaAFMWoLzk28kTty2AT4SHVGnaQ0TWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFndk9UYnlSTzNMWUJQaElkVWFkcERSTlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS81ZjhjZWEtNTRiYS00OTY1LWE0NTQt
MDdhNDQ5YTUwZjA4LzEvNmpGcXlhZTFWcjNUNXZ2THRiU3FTd2RBUmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS81ZjhjZWEtNTRiYS00OTY1LWE0NTQtMDdhNDQ5YTUwZjA4
LzEveGFndk9UYnlSTzNMWUJQaElkVWFkcERSTlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuctbMA0E
AgACMAcDBQAqEIwAMA0GCSqGSIb3DQEBCwUAA4IBAQCDrPMP7Ug4OSGkOXHarsBb
2WDbvRejth+gxzQFweZSyvnfRlV0JYDHoTQGGkFjryJdhdyzHJyALLQdnc4unTeg
7FEImfJm0nDmj7ZTWe6F/QnYSbeYXwZdeTJvsbjaLB2dajcxLUySzPm2gOhd0DPa
vsvyQFbxQohXFLvE/DTYqQX0alToBOROadcmW1hESoHtvq9vaDugvmXMA7kMP9j3
m1OhwSvdmwdaHOHQKTw79YGxmu78BzUReHjlxrb1cdM+TKz5iRW5rg0R626Kxdks
sNMQirM2O0ObOzmhD95C4VB3CeDRD0vdFB23R5vZYOzF/6TZUz/2arK38TJakeEd
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:52 2025 by rpki-client