Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/6M3gHRn_iawwi-1TPsw8aY2Ih10.roa
File: 6M3gHRn_iawwi-1TPsw8aY2Ih10.roa (raw, json)
Hash identifier: zG8uYQdevnfNTLavdxE3qjp6oSgzEjpcukHPD0wABpg=
Subject key identifier: E8:CD:E0:1D:19:FF:89:AC:30:8B:ED:53:3E:CC:3C:69:8D:88:87:5D
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01945EA7EF6FF53882BDB5ADFC1D420D4F1A
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/6M3gHRn_iawwi-1TPsw8aY2Ih10.roa
Signing time: Mon 13 Jan 2025 07:54:11 +0000
ROA not before: Mon 13 Jan 2025 07:54:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59432
IP address blocks: 194.143.209.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.58.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 07:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:a7:ef:6f:f5:38:82:bd:b5:ad:fc:1d:42:0d:4f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jan 13 07:54:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8cde01d19ff89ac308bed533ecc3c698d88875d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f2:ad:29:3b:92:ca:22:a6:48:85:9a:ee:fb:
cd:38:de:82:74:44:1f:7c:b6:cd:a7:30:2e:72:4e:
e1:82:29:f0:b9:26:23:a5:c6:6e:fb:d6:bd:82:df:
b6:f2:b9:26:fa:f8:2d:cb:20:b6:3e:06:7b:dd:07:
4f:a1:ec:44:0f:f4:54:13:da:ae:98:81:00:da:b7:
ab:a9:97:19:87:0c:5c:6d:51:40:ff:b1:6b:2b:31:
69:c6:a3:9e:2a:f7:49:a6:81:8c:8b:55:06:53:9f:
46:8a:3b:07:87:e7:d4:21:64:15:8f:bb:64:aa:b6:
94:fd:9c:c6:8d:34:a3:87:da:88:ea:15:d8:b7:cd:
9b:37:84:c9:37:09:12:ec:e3:fa:e9:13:6b:11:04:
a5:af:c9:15:05:a5:2b:de:73:e8:a2:97:86:9d:1b:
94:13:87:13:54:a4:56:2a:e5:e8:ec:d2:57:65:eb:
a7:bb:80:a8:ba:d8:af:4f:29:da:68:3e:e6:d9:88:
83:f1:c7:91:e2:92:df:1c:d9:56:a6:b7:e2:ba:8d:
45:95:c5:49:f7:a5:e2:28:bb:f3:55:79:c5:99:c3:
42:08:d4:49:d6:2c:64:93:00:df:c7:8d:cc:4c:79:
32:92:24:eb:75:8e:79:ca:b1:65:5e:78:95:bf:3f:
4e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CD:E0:1D:19:FF:89:AC:30:8B:ED:53:3E:CC:3C:69:8D:88:87:5D
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/6M3gHRn_iawwi-1TPsw8aY2Ih10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.209.0/24
195.114.192.0/24
195.114.205.0/24
213.220.20.0/24
213.220.58.0/23
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
22:76:fb:71:d5:fc:65:6b:a0:c3:09:27:04:c5:a6:1b:9a:94:
08:cb:a4:d4:95:f2:25:c8:a8:0a:02:ee:37:d2:d3:c5:9f:4e:
7e:f7:c3:73:e1:e5:91:9c:8e:1d:1b:77:04:df:c1:d5:3d:2e:
7b:b8:47:9f:89:fe:38:eb:c1:3c:06:ba:b1:94:42:7f:7a:a3:
7e:aa:79:14:86:41:29:da:c7:4d:6c:b7:5c:69:e8:09:f6:41:
90:34:7a:66:d4:b3:86:25:8f:3a:38:4c:f5:8a:0b:a6:40:6c:
7a:07:89:00:7e:61:b7:a7:06:4f:e5:54:2e:83:24:56:ae:82:
05:ec:3c:66:99:a6:56:f4:b9:84:0a:40:64:43:51:a6:81:09:
a5:ea:d1:11:3c:f1:44:f5:8b:6b:e6:7b:d3:ac:65:3b:64:99:
19:fd:e8:6d:54:fe:41:47:bf:b2:17:98:0d:3a:c3:c9:48:65:
13:33:69:75:dc:c6:70:f4:36:e7:16:cd:f9:c6:c1:cc:51:a2:
18:8e:c0:1a:3b:8d:71:55:aa:a3:dc:c1:8c:e2:7a:eb:5b:1d:
65:65:b1:63:01:62:31:73:ad:58:2b:79:47:05:05:fd:50:49:
a2:f3:0a:0c:ed:d3:46:dd:2d:32:cd:01:fe:c0:da:8e:73:5d:
15:a7:f9:3f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZRep+9v9TiCvbWt/B1CDU8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwMTEzMDc1NDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNkZTAxZDE5ZmY4OWFjMzA4YmVkNTMzZWNjM2M2OThkODg4NzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfKtKTuSyiKmSIWa7vvNON6CdEQf
fLbNpzAuck7hginwuSYjpcZu+9a9gt+28rkm+vgtyyC2PgZ73QdPoexED/RUE9qu
mIEA2rerqZcZhwxcbVFA/7FrKzFpxqOeKvdJpoGMi1UGU59GijsHh+fUIWQVj7tk
qraU/ZzGjTSjh9qI6hXYt82bN4TJNwkS7OP66RNrEQSlr8kVBaUr3nPoopeGnRuU
E4cTVKRWKuXo7NJXZeunu4CoutivTynaaD7m2YiD8ceR4pLfHNlWprfiuo1FlcVJ
96XiKLvzVXnFmcNCCNRJ1ixkkwDfx43MTHkykiTrdY55yrFlXniVvz9OKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOjN4B0Z/4msMIvtUz7MPGmNiIddMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvNk0zZ0hSbl9pYXd3aS0xVFBzdzhhWTJJaDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwo/RAwQA
w3LAAwQAw3LNAwQA1dwUAwQB1dw6AwQA1dw+MA0GCSqGSIb3DQEBCwUAA4IBAQAi
dvtx1fxla6DDCScExaYbmpQIy6TUlfIlyKgKAu430tPFn05+98Nz4eWRnI4dG3cE
38HVPS57uEefif4468E8BrqxlEJ/eqN+qnkUhkEp2sdNbLdcaegJ9kGQNHpm1LOG
JY86OEz1igumQGx6B4kAfmG3pwZP5VQugyRWroIF7DxmmaZW9LmECkBkQ1GmgQml
6tERPPFE9Ytr5nvTrGU7ZJkZ/ehtVP5BR7+yF5gNOsPJSGUTM2l13MZw9DbnFs35
xsHMUaIYjsAaO41xVaqj3MGM4nrrWx1lZbFjAWIxc61YK3lHBQX9UEmi8woM7dNG
3S0yzQH+wNqOc10Vp/k/
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:22:22 2025 by rpki-client