Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/al64_swM6K1Yho0-6imJnNJpxpc.roa
File: al64_swM6K1Yho0-6imJnNJpxpc.roa (raw, json)
Hash identifier: wG1sHffcnct59OsDqSgXC0Tvr8CNvBiVJAKg1XTdBEw=
Subject key identifier: 6A:5E:B8:FE:CC:0C:E8:AD:58:86:8D:3E:EA:29:89:9C:D2:69:C6:97
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018B1E4145266B4DBC83B9DED736E540A4BA
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/al64_swM6K1Yho0-6imJnNJpxpc.roa
Signing time: Wed 11 Oct 2023 10:21:15 +0000
ROA not before: Wed 11 Oct 2023 10:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
2a06:f940::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Dec 2023 10:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:41:45:26:6b:4d:bc:83:b9:de:d7:36:e5:40:a4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Oct 11 10:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a5eb8fecc0ce8ad58868d3eea29899cd269c697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bb:c1:cd:75:75:9e:7b:54:db:33:0f:d6:c9:
8a:d4:e7:06:cd:34:7f:fc:67:cc:ab:0f:92:55:f3:
63:42:9b:65:11:13:f3:b1:38:6c:ce:5b:c7:90:01:
42:b8:ea:f2:ef:d5:c4:94:95:5b:ac:51:af:69:38:
da:89:fb:fd:40:fe:5d:34:af:7f:c1:d7:f4:d7:2c:
52:ae:e0:d2:a7:24:f8:e3:68:fa:97:1f:a8:3e:97:
de:79:04:71:b4:a5:70:89:d1:cf:83:ca:2e:83:67:
ec:26:7e:60:a7:14:48:c6:23:70:7d:08:08:5a:f7:
94:4b:5c:10:16:31:2d:83:fb:70:72:aa:bc:a9:47:
e8:44:e3:6a:19:bd:46:2d:84:32:25:2f:7a:9c:6f:
20:2f:91:ec:7e:15:0c:02:4e:30:e0:d8:66:2a:b1:
c0:38:53:5c:85:5f:09:00:a8:08:8f:e6:f2:6f:1f:
82:6e:9e:5f:3d:75:5a:1c:c3:c0:7a:46:1f:2f:19:
58:66:b6:6f:cc:40:6d:86:1a:6f:b5:6d:b8:79:0f:
d9:c1:68:aa:4f:fa:ff:0c:5d:77:bf:90:9b:a7:e0:
21:e0:03:0d:9c:df:3d:b7:ac:09:7d:36:e6:19:a2:
40:13:ed:cc:af:80:4a:c5:ad:c8:c0:17:1d:3f:c7:
f9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5E:B8:FE:CC:0C:E8:AD:58:86:8D:3E:EA:29:89:9C:D2:69:C6:97
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/al64_swM6K1Yho0-6imJnNJpxpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
IPv6:
2a06:f940::/48
Signature Algorithm: sha256WithRSAEncryption
34:b5:1b:2f:10:05:7b:a3:4f:a7:78:34:6e:9b:fb:17:c8:24:
3f:90:b0:ff:5d:46:99:ae:81:11:95:24:09:71:f0:24:5e:58:
e0:f9:86:bc:78:c2:8e:79:28:68:dc:88:bf:42:af:d8:1a:97:
41:08:14:7f:c2:a4:9e:0d:8a:46:5d:46:5f:3b:3f:ea:b2:47:
2f:d7:ba:68:46:54:83:7e:0c:5f:38:48:21:a1:3c:fa:f7:7c:
6c:b7:a5:1f:83:76:7c:c2:56:98:a9:4d:76:e6:44:bf:95:bf:
92:7b:ac:1a:fa:09:32:31:5d:9c:ea:08:46:29:44:21:af:f1:
82:c2:72:da:1b:eb:e9:60:3d:81:46:fd:47:76:3c:20:c5:37:
e4:39:26:5f:2e:92:87:cf:60:ce:56:29:53:05:61:d6:aa:ca:
c1:63:77:99:7d:33:cd:ea:69:e9:73:46:8e:1f:83:f8:a4:3c:
d9:ba:81:20:a9:b2:eb:e3:1b:5e:77:14:8d:34:d1:df:72:cb:
a4:67:f4:f8:86:8d:68:b0:4c:a6:99:0d:1b:9c:8d:2a:82:49:
d0:c7:d0:09:90:a9:ff:2e:cf:93:6e:0c:a1:59:c1:68:35:f0:
31:b4:2f:55:f7:20:0f:59:13:24:34:da:35:a3:76:1e:66:fc:
28:49:3a:78
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYseQUUma028g7ne1zblQKS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjMxMDExMTAyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVlYjhmZWNjMGNlOGFkNTg4NjhkM2VlYTI5ODk5Y2QyNjljNjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7vBzXV1nntU2zMP1smK1OcGzTR/
/GfMqw+SVfNjQptlERPzsThszlvHkAFCuOry79XElJVbrFGvaTjaifv9QP5dNK9/
wdf01yxSruDSpyT442j6lx+oPpfeeQRxtKVwidHPg8oug2fsJn5gpxRIxiNwfQgI
WveUS1wQFjEtg/twcqq8qUfoRONqGb1GLYQyJS96nG8gL5HsfhUMAk4w4NhmKrHA
OFNchV8JAKgIj+bybx+Cbp5fPXVaHMPAekYfLxlYZrZvzEBthhpvtW24eQ/ZwWiq
T/r/DF13v5Cbp+Ah4AMNnN89t6wJfTbmGaJAE+3Mr4BKxa3IwBcdP8f5ZwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFGpeuP7MDOitWIaNPuopiZzSacaXMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL2FsNjRfc3dNNksxWWhvMC02aW1Kbk5KcHhwYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAG80MQw
DwQCAAIwCQMHACoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEANLUbLxAFe6NPp3g0
bpv7F8gkP5Cw/11Gma6BEZUkCXHwJF5Y4PmGvHjCjnkoaNyIv0Kv2BqXQQgUf8Kk
ng2KRl1GXzs/6rJHL9e6aEZUg34MXzhIIaE8+vd8bLelH4N2fMJWmKlNduZEv5W/
knusGvoJMjFdnOoIRilEIa/xgsJy2hvr6WA9gUb9R3Y8IMU35DkmXy6Sh89gzlYp
UwVh1qrKwWN3mX0zzepp6XNGjh+D+KQ82bqBIKmy6+MbXncUjTTR33LLpGf0+IaN
aLBMppkNG5yNKoJJ0MfQCZCp/y7Pk24MoVnBaDXwMbQvVfcgD1kTJDTaNaN2Hmb8
KEk6eA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org