Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/6gF5PKQwwyeZPdRNLLfxfunMCzE.roa
File: 6gF5PKQwwyeZPdRNLLfxfunMCzE.roa (raw, json)
Hash identifier: dModd42KL7xMFp8APWgi7Mk20pkYnFzEnIcO95uE53k=
Subject key identifier: EA:01:79:3C:A4:30:C3:27:99:3D:D4:4D:2C:B7:F1:7E:E9:CC:0B:31
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 018CC2DAFBE3AE5C6682822406FBF1CA619D
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/6gF5PKQwwyeZPdRNLLfxfunMCzE.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200350
IP address blocks: 89.169.128.0/18 maxlen: 24
84.201.128.0/18 maxlen: 24
217.28.224.0/20 maxlen: 24
62.84.112.0/20 maxlen: 24
130.193.32.0/19 maxlen: 24
185.206.164.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
158.160.0.0/16 maxlen: 24
46.21.244.0/22 maxlen: 24
178.154.192.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
51.250.0.0/17 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 19 Feb 2024 11:45:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fb:e3:ae:5c:66:82:82:24:06:fb:f1:ca:61:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea01793ca430c327993dd44d2cb7f17ee9cc0b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:11:43:9a:53:a7:e8:12:41:13:d0:4e:7c:68:
86:f1:6b:e7:9a:db:d3:4b:84:55:17:77:59:66:63:
6b:bf:04:27:8d:78:ae:1f:c4:42:30:cf:57:bd:59:
50:87:60:90:f3:ab:7f:81:be:e6:6d:02:7b:63:10:
89:34:ae:7a:6e:45:21:62:b4:90:a4:4f:c0:ae:be:
d3:0b:94:e4:e2:5f:7f:7c:75:90:6e:af:18:68:34:
48:fa:53:b4:af:99:4b:87:4c:aa:7c:0c:92:56:79:
bf:7f:0c:98:30:d8:21:f4:b1:4e:12:9e:b1:7e:cb:
2d:08:0b:1e:e9:36:50:d0:66:b8:05:ac:91:fb:15:
c6:f6:c5:e2:e0:b4:1f:e2:c3:73:c1:f2:76:b6:82:
33:99:04:f3:d2:fe:cd:55:f1:5d:7b:cc:9c:48:33:
c7:ac:a3:9f:1d:18:cf:18:31:4e:e7:ea:de:be:03:
f3:08:11:d9:f8:16:5b:2e:26:a0:d8:e7:6b:63:43:
7a:06:82:b2:39:b7:d6:a9:8b:a2:98:58:94:68:ef:
aa:89:c8:a9:3f:f9:2f:28:5c:0f:7c:5d:f9:9a:aa:
1b:52:69:79:f3:e0:df:59:13:e5:30:4a:67:34:12:
eb:f4:f5:27:39:eb:c4:dc:43:42:39:72:a9:91:6b:
5f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:01:79:3C:A4:30:C3:27:99:3D:D4:4D:2C:B7:F1:7E:E9:CC:0B:31
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/6gF5PKQwwyeZPdRNLLfxfunMCzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:ea:18:a6:43:8b:c5:c8:62:91:47:2e:5c:a4:c9:eb:69:73:
03:f2:f2:32:aa:ad:5f:da:5d:cb:a3:65:ba:71:a5:ba:c4:d3:
82:43:46:b5:1b:0d:f0:04:aa:0e:0a:4a:60:20:0f:d6:2f:9e:
26:0a:25:c1:f5:27:6c:98:23:03:72:4d:62:ba:15:6f:06:27:
d7:18:7d:37:a6:42:ca:70:b3:b6:d7:b1:36:ee:75:90:42:76:
14:d9:69:94:a9:b1:f0:06:64:76:c1:c1:ff:64:42:87:ac:d0:
cb:68:19:fd:f8:25:56:fc:c4:a9:d9:f3:19:3e:13:f9:9f:38:
aa:17:dd:f2:8d:5a:56:82:e1:ef:76:bb:a4:d5:a0:e9:18:e1:
95:cd:f2:80:81:4a:34:44:d9:b1:8c:0b:dd:1a:00:da:ff:53:
b0:39:55:ea:15:19:51:09:05:01:ff:1e:08:70:89:43:60:46:
6e:5e:c6:c1:4b:a1:1a:81:b4:ff:22:1d:ae:65:cf:6d:21:1b:
8e:ba:1c:3a:70:b9:5e:3c:9d:6d:ca:06:4f:02:36:d7:a2:5d:
bf:2e:8e:40:c1:c6:6c:2c:15:a2:5a:c0:a7:c7:6a:34:3d:75:
ab:da:90:55:0d:8c:f8:e2:91:25:e5:b6:0e:57:47:67:a2:bf:
4b:8b:2f:9e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYzC2vvjrlxmgoIkBvvxymGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTAxNzkzY2E0MzBjMzI3OTkzZGQ0NGQyY2I3ZjE3ZWU5Y2MwYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxFDmlOn6BJBE9BOfGiG8WvnmtvT
S4RVF3dZZmNrvwQnjXiuH8RCMM9XvVlQh2CQ86t/gb7mbQJ7YxCJNK56bkUhYrSQ
pE/Arr7TC5Tk4l9/fHWQbq8YaDRI+lO0r5lLh0yqfAySVnm/fwyYMNgh9LFOEp6x
fsstCAse6TZQ0Ga4BayR+xXG9sXi4LQf4sNzwfJ2toIzmQTz0v7NVfFde8ycSDPH
rKOfHRjPGDFO5+revgPzCBHZ+BZbLiag2OdrY0N6BoKyObfWqYuimFiUaO+qicip
P/kvKFwPfF35mqobUml58+DfWRPlMEpnNBLr9PUnOevE3ENCOXKpkWtf6wIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFOoBeTykMMMnmT3UTSy38X7pzAsxMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvNmdGNVBLUXd3eWVaUGRSTkxMZnhmdW5NQ3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwXwQCAAEwWQMEAi2FYAME
Ai4V9AMEBzP6AAMEBD5UcAMEBlTJgAMEBFT8gAMEBlmpgAMEBYLBIAMDAJ6gAwQG
sprAAwQCuc6kAwQBudjCAwQCwSDYAwQE2RzgAwQD2caoMA0EAgACMAcDBQMqDdbA
MA0GCSqGSIb3DQEBCwUAA4IBAQAE6himQ4vFyGKRRy5cpMnraXMD8vIyqq1f2l3L
o2W6caW6xNOCQ0a1Gw3wBKoOCkpgIA/WL54mCiXB9SdsmCMDck1iuhVvBifXGH03
pkLKcLO217E27nWQQnYU2WmUqbHwBmR2wcH/ZEKHrNDLaBn9+CVW/MSp2fMZPhP5
nziqF93yjVpWguHvdruk1aDpGOGVzfKAgUo0RNmxjAvdGgDa/1OwOVXqFRlRCQUB
/x4IcIlDYEZuXsbBS6EagbT/Ih2uZc9tIRuOuhw6cLlePJ1tygZPAjbXol2/Lo5A
wcZsLBWiWsCnx2o0PXWr2pBVDYz44pEl5bYOV0dnor9Liy+e
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:05:15 2024 by rpki-client on console-ams.rpki-client.org