Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/6hmmyf--wg8iQPfwZFbTfkg_Mrg.roa
File: 6hmmyf--wg8iQPfwZFbTfkg_Mrg.roa (raw, json)
Hash identifier: 8RoU9xc1Elh4n0xuK9Yu8++bMJDJPT3axl7xHziY768=
Subject key identifier: EA:19:A6:C9:FF:BE:C2:0F:22:40:F7:F0:64:56:D3:7E:48:3F:32:B8
Certificate issuer: /CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Certificate serial: 01856FE71A4B2971B585BFFE4FEAE8FF276F
Authority key identifier: 68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/6hmmyf--wg8iQPfwZFbTfkg_Mrg.roa
Signing time: Mon 02 Jan 2023 00:34:54 +0000
ROA not before: Mon 02 Jan 2023 00:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30936
IP address blocks: 185.39.116.0/22 maxlen: 22
82.116.32.0/19 maxlen: 19
82.116.63.0/24 maxlen: 24
87.238.232.0/21 maxlen: 21
2a01:4420::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:1a:4b:29:71:b5:85:bf:fe:4f:ea:e8:ff:27:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68639a21759796fe3a1d919f9b5737eb68d708e4
Validity
Not Before: Jan 2 00:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea19a6c9ffbec20f2240f7f06456d37e483f32b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:5c:e2:9b:7c:b7:05:6b:8d:7d:b1:3e:07:fc:
cc:96:29:f1:e1:d6:13:27:e2:c2:d6:15:f5:0b:14:
07:3f:5d:f2:f1:c5:09:4c:3c:f1:37:21:5d:d4:fd:
8d:2d:c4:1d:83:58:b7:4c:f1:69:63:d8:9e:f0:af:
44:18:ba:89:97:2c:df:51:73:09:26:8c:63:57:f4:
df:a4:3e:d6:6b:85:e9:3e:63:68:4f:e4:8f:95:ef:
a2:af:49:4a:b9:bc:c8:1f:0a:b0:df:fb:71:ec:73:
b0:6c:a0:d2:87:0e:df:bc:1f:36:fc:4f:46:bd:f1:
66:1e:65:a5:4e:33:7d:96:11:a1:ba:07:68:5d:d6:
31:cc:d2:87:3c:6b:00:d6:c9:3a:a0:07:b0:02:78:
7c:16:61:0c:f8:93:83:e8:e7:41:0f:3a:dc:93:56:
ed:5c:ec:6a:df:70:f4:44:af:95:3e:4f:75:a0:7e:
76:98:eb:00:41:cc:4a:9e:08:0a:43:02:3b:c4:b5:
8c:90:22:f4:56:0e:ab:8c:b6:e5:d3:fc:5a:3c:d7:
c0:67:84:ef:15:3b:79:33:36:30:81:ec:ea:1a:a1:
48:2a:3c:96:3f:6a:10:a0:5f:e2:8c:a1:88:a7:b9:
17:28:df:64:7a:ea:f8:99:1b:25:1f:b1:c1:5c:1f:
07:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:19:A6:C9:FF:BE:C2:0F:22:40:F7:F0:64:56:D3:7E:48:3F:32:B8
X509v3 Authority Key Identifier:
keyid:68:63:9A:21:75:97:96:FE:3A:1D:91:9F:9B:57:37:EB:68:D7:08:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aGOaIXWXlv46HZGfm1c362jXCOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/6hmmyf--wg8iQPfwZFbTfkg_Mrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e56811-9801-4595-87e7-13d168d59b11/1/aGOaIXWXlv46HZGfm1c362jXCOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.32.0/19
87.238.232.0/21
185.39.116.0/22
IPv6:
2a01:4420::/32
Signature Algorithm: sha256WithRSAEncryption
04:87:1c:b6:72:a3:5d:5e:35:22:6b:3b:e6:07:97:cf:aa:f1:
1c:42:c0:c2:75:86:ad:74:78:a4:2b:25:fc:46:b4:ee:b4:b3:
cb:db:31:14:fd:e1:a2:9a:4f:bb:84:22:52:ee:fc:38:fa:00:
1b:7c:d0:7a:6c:e4:5f:67:40:7f:55:5c:09:90:71:8d:45:36:
11:dc:46:3e:25:55:37:a6:ee:1d:63:77:d7:8f:bc:92:d6:a9:
83:34:58:42:47:12:ff:b5:1e:fe:24:c4:31:86:61:86:43:5d:
a2:d7:b1:47:8f:aa:bc:56:5f:d1:62:a5:15:0a:46:0c:4a:4c:
ea:1e:97:84:8b:c1:6f:97:23:fa:c4:d0:e8:b9:69:2a:a3:49:
af:c1:b4:8f:2d:ce:c3:d1:f7:f5:99:d4:f0:53:cd:06:89:bc:
64:a3:43:96:6e:7f:c6:4d:35:a9:9f:9e:c8:00:c2:65:75:20:
77:fb:a2:b8:01:db:e3:14:9c:b2:c9:4c:54:28:a4:15:9b:75:
19:2e:c1:a1:6e:b6:82:75:72:76:80:39:47:d1:e9:c0:93:b9:
f2:5c:5f:8b:ab:e9:90:f8:7e:ab:d1:cc:3d:fb:6b:e9:4e:36:
ae:3e:3a:65:d5:76:b4:7b:b5:cf:0f:6d:32:b1:93:66:64:19:
d2:f5:a5:69
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVv5xpLKXG1hb/+T+ro/ydvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NjM5YTIxNzU5Nzk2ZmUzYTFkOTE5ZjliNTczN2ViNjhk
NzA4ZTQwHhcNMjMwMTAyMDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE5YTZjOWZmYmVjMjBmMjI0MGY3ZjA2NDU2ZDM3ZTQ4M2YzMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61zim3y3BWuNfbE+B/zMlinx4dYT
J+LC1hX1CxQHP13y8cUJTDzxNyFd1P2NLcQdg1i3TPFpY9ie8K9EGLqJlyzfUXMJ
JoxjV/TfpD7Wa4XpPmNoT+SPle+ir0lKubzIHwqw3/tx7HOwbKDShw7fvB82/E9G
vfFmHmWlTjN9lhGhugdoXdYxzNKHPGsA1sk6oAewAnh8FmEM+JOD6OdBDzrck1bt
XOxq33D0RK+VPk91oH52mOsAQcxKnggKQwI7xLWMkCL0Vg6rjLbl0/xaPNfAZ4Tv
FTt5MzYwgezqGqFIKjyWP2oQoF/ijKGIp7kXKN9keur4mRslH7HBXB8HgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOoZpsn/vsIPIkD38GRW035IPzK4MB8GA1UdIwQY
MBaAFGhjmiF1l5b+Oh2Rn5tXN+to1wjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTct
MTNkMTY4ZDU5YjExLzEvNmhtbXlmLS13ZzhpUVBmd1pGYlRma2dfTXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNTY4MTEtOTgwMS00NTk1LTg3ZTctMTNkMTY4ZDU5YjEx
LzEvYUdPYUlYV1hsdjQ2SFpHZm0xYzM2MmpYQ09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFUnQgAwQD
V+7oAwQCuSd0MA0EAgACMAcDBQAqAUQgMA0GCSqGSIb3DQEBCwUAA4IBAQAEhxy2
cqNdXjUiazvmB5fPqvEcQsDCdYatdHikKyX8RrTutLPL2zEU/eGimk+7hCJS7vw4
+gAbfNB6bORfZ0B/VVwJkHGNRTYR3EY+JVU3pu4dY3fXj7yS1qmDNFhCRxL/tR7+
JMQxhmGGQ12i17FHj6q8Vl/RYqUVCkYMSkzqHpeEi8FvlyP6xNDouWkqo0mvwbSP
Lc7D0ff1mdTwU80Gibxko0OWbn/GTTWpn57IAMJldSB3+6K4AdvjFJyyyUxUKKQV
m3UZLsGhbraCdXJ2gDlH0enAk7nyXF+Lq+mQ+H6r0cw9+2vpTjauPjpl1Xa0e7XP
D20ysZNmZBnS9aVp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:10 2024 by rpki-client on console-ams.rpki-client.org