Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6GhkmNHaoXYSjrkMOAwdHmPSFS0.roa
File: 6GhkmNHaoXYSjrkMOAwdHmPSFS0.roa (raw, json)
Hash identifier: mcHdCZN2sOT1YfxOa12KSdwAC9kmnBeApT5e0aHNxCw=
Subject key identifier: E8:68:64:98:D1:DA:A1:76:12:8E:B9:0C:38:0C:1D:1E:63:D2:15:2D
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 0185E40B71175770537CDF949BB7762A211D
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6GhkmNHaoXYSjrkMOAwdHmPSFS0.roa
Signing time: Tue 24 Jan 2023 13:50:33 +0000
ROA not before: Tue 24 Jan 2023 13:50:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 217.72.192.0/20 maxlen: 24
217.160.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
195.20.224.0/19 maxlen: 24
87.106.0.0/16 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
212.227.0.0/16 maxlen: 24
213.244.192.0/24 maxlen: 24
157.97.104.0/21 maxlen: 24
157.97.105.0/24 maxlen: 32
157.97.104.0/24 maxlen: 32
85.184.248.0/22 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Apr 2023 16:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:0b:71:17:57:70:53:7c:df:94:9b:b7:76:2a:21:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Jan 24 13:50:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8686498d1daa176128eb90c380c1d1e63d2152d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e5:46:0e:26:e7:18:87:93:42:9a:b2:1c:8b:
01:b5:41:d0:e9:b9:41:32:1d:35:61:a9:60:09:de:
c9:bc:4e:24:64:ba:68:c7:0d:d5:6c:d6:ed:0a:99:
b5:b1:e5:27:15:b7:ee:d1:6e:59:67:ce:c8:b2:87:
b7:41:67:b7:42:80:87:08:b1:5b:10:c4:a2:43:8e:
b2:05:7c:0d:d0:3d:7c:cd:31:bd:f4:fc:76:88:83:
0c:52:7e:0f:44:2a:1d:92:da:a6:aa:50:65:0e:d3:
d7:fd:14:da:37:ae:2a:70:a7:0b:9a:9e:07:f3:ce:
a6:d3:26:19:48:61:32:bd:be:ec:b4:0c:42:ba:cd:
da:cd:1e:53:20:ce:b1:ca:4b:eb:95:77:33:19:03:
e0:4a:bc:76:ea:06:48:18:4d:11:f9:62:c0:04:a6:
b5:51:5f:66:c7:dd:10:92:0b:3e:9f:19:fa:57:35:
95:89:ee:0e:a4:99:e9:12:7e:a7:f8:7b:54:00:12:
dd:6a:10:79:5d:6b:97:ed:41:80:9f:0a:ef:b0:6b:
cc:ed:66:84:e8:6e:62:21:cc:dd:39:ab:0b:67:45:
c0:f4:c2:a8:79:01:1b:7b:cf:7f:57:cf:be:4b:70:
c8:6c:fa:47:eb:8d:a2:20:0e:1c:b9:de:1c:09:42:
12:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:68:64:98:D1:DA:A1:76:12:8E:B9:0C:38:0C:1D:1E:63:D2:15:2D
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6GhkmNHaoXYSjrkMOAwdHmPSFS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
195.20.224.0/19
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
80:77:9e:4a:3d:86:32:78:3e:7c:e1:78:27:32:7c:7a:d1:d7:
86:b6:51:7d:53:ab:a4:c5:23:42:3b:42:7a:1b:88:aa:7d:54:
5c:4a:e0:2d:12:e7:41:15:0c:39:0b:34:d6:57:4c:e9:c4:3d:
db:45:3a:1b:32:fb:06:64:55:46:f1:b2:d9:8f:b7:cb:6e:40:
03:4b:97:bd:11:a4:53:0f:02:8e:55:cf:ae:50:64:48:be:62:
5b:ae:39:0b:ec:91:e7:58:dd:fc:e0:c9:23:c2:a6:a5:3c:d5:
a0:c8:a1:3d:ca:10:12:34:4c:f8:07:12:1f:c4:8a:e7:c0:32:
d4:36:8a:ab:64:ba:31:fe:ad:31:ab:09:71:b9:3e:29:45:ff:
5f:e0:9c:a6:58:98:1d:89:e4:58:03:37:d7:bb:53:77:43:3e:
b3:19:e3:cb:be:17:ed:59:4b:77:e5:37:47:56:2f:d3:07:ce:
b1:86:16:c6:93:ed:a3:f2:61:3c:6a:9c:b2:0f:84:d5:f8:1e:
4e:c0:32:7e:9c:b1:4b:79:15:9f:6b:a1:25:60:c2:62:5d:c0:
4a:ca:52:df:00:f6:3d:64:53:15:54:84:ed:94:20:50:d7:8f:
3b:86:e6:44:1c:7a:ea:b9:f7:55:58:76:73:c0:41:2c:74:7a:
14:6b:9e:09
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYXkC3EXV3BTfN+Um7d2KiEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjMwMTI0MTM1MDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODY4NjQ5OGQxZGFhMTc2MTI4ZWI5MGMzODBjMWQxZTYzZDIxNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuVGDibnGIeTQpqyHIsBtUHQ6blB
Mh01YalgCd7JvE4kZLpoxw3VbNbtCpm1seUnFbfu0W5ZZ87Isoe3QWe3QoCHCLFb
EMSiQ46yBXwN0D18zTG99Px2iIMMUn4PRCodktqmqlBlDtPX/RTaN64qcKcLmp4H
886m0yYZSGEyvb7stAxCus3azR5TIM6xykvrlXczGQPgSrx26gZIGE0R+WLABKa1
UV9mx90Qkgs+nxn6VzWVie4OpJnpEn6n+HtUABLdahB5XWuX7UGAnwrvsGvM7WaE
6G5iIczdOasLZ0XA9MKoeQEbe89/V8++S3DIbPpH642iIA4cud4cCUISmQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFOhoZJjR2qF2Eo65DDgMHR5j0hUtMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvNkdoa21OSGFvWFlTanJrTU9Bd2RIbVBTRlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKAwQCUa1wAwMA
UqUDBAJVuPgDAwBXagMEA51haAMEArkwdAMEAMJ+zgMEBcMU4AMDANTjAwQF1aVA
AwQA1fTAAwQE2UjAAwMA2aAwFAQCAAIwDgMFACABCNgDBQMqAiR4MA0GCSqGSIb3
DQEBCwUAA4IBAQCAd55KPYYyeD584XgnMnx60deGtlF9U6ukxSNCO0J6G4iqfVRc
SuAtEudBFQw5CzTWV0zpxD3bRTobMvsGZFVG8bLZj7fLbkADS5e9EaRTDwKOVc+u
UGRIvmJbrjkL7JHnWN384MkjwqalPNWgyKE9yhASNEz4BxIfxIrnwDLUNoqrZLox
/q0xqwlxuT4pRf9f4JymWJgdieRYAzfXu1N3Qz6zGePLvhftWUt35TdHVi/TB86x
hhbGk+2j8mE8apyyD4TV+B5OwDJ+nLFLeRWfa6ElYMJiXcBKylLfAPY9ZFMVVITt
lCBQ1487huZEHHrqufdVWHZzwEEsdHoUa54J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:21 2024 by rpki-client on console-fra.rpki-client.org