Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/ttS6sMKQLrLahefagBcCYJXGc-Y.roa
File: ttS6sMKQLrLahefagBcCYJXGc-Y.roa (raw, json)
Hash identifier: 7S8R83KVwSrXwMdsVseXhmA+UbplvMsVENKxHs2HDac=
Subject key identifier: B6:D4:BA:B0:C2:90:2E:B2:DA:85:E7:DA:80:17:02:60:95:C6:73:E6
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 018BF6D95AD5DA21C1EF1BB6A38C6BC85F6E
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/ttS6sMKQLrLahefagBcCYJXGc-Y.roa
Signing time: Wed 22 Nov 2023 11:45:21 +0000
ROA not before: Wed 22 Nov 2023 11:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 46.16.72.0/21 maxlen: 24
217.72.192.0/20 maxlen: 24
217.160.0.0/16 maxlen: 24
78.137.96.0/21 maxlen: 24
213.165.64.0/19 maxlen: 24
195.20.224.0/19 maxlen: 24
87.106.0.0/16 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
185.48.116.0/22 maxlen: 24
194.126.206.0/24 maxlen: 24
212.227.0.0/16 maxlen: 24
213.244.192.0/24 maxlen: 24
157.97.105.0/24 maxlen: 32
157.97.104.0/24 maxlen: 32
85.184.248.0/22 maxlen: 24
157.97.104.0/21 maxlen: 24
5.250.176.0/20 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Dec 2023 08:57:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f6:d9:5a:d5:da:21:c1:ef:1b:b6:a3:8c:6b:c8:5f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Nov 22 11:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6d4bab0c2902eb2da85e7da8017026095c673e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4f:54:b4:ed:30:2b:48:08:61:32:b3:fb:01:
0a:b6:e5:73:30:61:22:b8:5a:ef:b8:67:78:6e:ba:
bb:ac:1b:12:d5:83:61:04:46:6e:b2:4b:2f:20:de:
2c:da:8a:c1:83:76:f2:71:4c:97:2f:99:ff:dc:e2:
9f:7c:0d:56:9d:a0:73:db:39:13:08:f4:26:6d:d0:
5d:16:07:b1:10:ad:af:cb:6f:57:d6:a1:b2:c2:df:
78:35:79:c5:c7:75:fc:ff:74:5e:80:a8:1e:4c:9b:
32:ed:c3:e9:74:09:ac:8d:09:8a:8c:95:cb:a2:20:
3f:70:07:76:e2:db:ac:1c:b0:c8:d8:e3:ce:1b:77:
d4:fc:b4:93:4e:05:2d:93:8e:ab:aa:d3:24:c6:75:
78:5a:22:8f:45:92:62:eb:7b:0b:7a:9f:9a:53:e5:
1d:0e:18:09:e6:5e:c0:b6:ff:1d:b4:12:4b:d5:24:
7c:32:fe:b1:f5:3b:bf:ac:e9:9d:76:ed:e9:55:f2:
08:81:e0:9f:ba:44:54:04:00:4b:1c:cc:35:6e:59:
e0:fe:63:5a:2f:05:39:eb:e4:9a:48:4d:23:85:9a:
37:46:81:ec:b4:d7:85:11:7f:c4:0e:e4:1d:25:57:
2a:0f:c9:70:be:79:41:88:10:e6:51:29:0b:cb:7c:
84:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D4:BA:B0:C2:90:2E:B2:DA:85:E7:DA:80:17:02:60:95:C6:73:E6
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/ttS6sMKQLrLahefagBcCYJXGc-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
195.20.224.0/19
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
2f:54:b7:57:c2:86:7c:e1:97:af:55:d5:6d:d7:9b:b6:33:99:
e0:62:b0:40:05:92:64:b5:8e:b9:61:a5:78:62:34:3d:ae:8d:
c9:c7:4c:f1:5a:86:5d:bb:0e:70:8e:c6:d1:5e:81:ec:0d:2f:
74:54:f9:d2:95:7f:2a:c3:63:36:d3:4c:f7:19:3c:81:87:b0:
61:3d:a1:1f:c5:bc:a6:65:d9:75:36:a8:7f:61:88:d7:8c:77:
1a:17:d2:0f:32:61:b7:39:61:ae:eb:d3:a1:82:e2:dd:f5:81:
7e:4f:23:48:aa:0c:92:d1:dc:9d:fa:c1:a4:f7:c5:ed:6a:4f:
76:a9:ca:c6:a6:03:2f:bb:67:a2:02:f0:49:b2:fd:2b:93:50:
15:40:40:cc:b0:87:55:c0:1c:89:f4:eb:9b:93:81:f2:78:81:
cf:a8:5b:1e:c5:97:3e:dd:ed:6b:b1:ac:5f:ad:e8:08:03:66:
54:ee:68:42:a6:a3:e9:68:37:83:6e:6e:77:97:ae:72:c4:60:
9b:22:0d:55:55:f8:c1:d5:d5:f8:17:e8:41:e5:61:79:53:f4:
6d:ad:fb:b4:f7:f0:c2:79:12:08:8a:31:b2:d8:3e:cc:9a:6c:
26:cb:b8:06:a6:70:7d:4a:ce:36:97:31:b6:37:7f:0c:0f:87:
2c:8d:7a:53
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYv22VrV2iHB7xu2o4xryF9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjMxMTIyMTE0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ0YmFiMGMyOTAyZWIyZGE4NWU3ZGE4MDE3MDI2MDk1YzY3M2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk9UtO0wK0gIYTKz+wEKtuVzMGEi
uFrvuGd4brq7rBsS1YNhBEZusksvIN4s2orBg3bycUyXL5n/3OKffA1WnaBz2zkT
CPQmbdBdFgexEK2vy29X1qGywt94NXnFx3X8/3RegKgeTJsy7cPpdAmsjQmKjJXL
oiA/cAd24tusHLDI2OPOG3fU/LSTTgUtk46rqtMkxnV4WiKPRZJi63sLep+aU+Ud
DhgJ5l7Atv8dtBJL1SR8Mv6x9Tu/rOmddu3pVfIIgeCfukRUBABLHMw1blng/mNa
LwU56+SaSE0jhZo3RoHstNeFEX/EDuQdJVcqD8lwvnlBiBDmUSkLy3yEqwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFLbUurDCkC6y2oXn2oAXAmCVxnPmMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvdHRTNnNNS1FMckxhaGVmYWdCY0NZSlhHYy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowYgQCAAEwXAMEBAX6sAME
Ay4QSAMEA06JYAMEAlGtcAMDAFKlAwQCVbj4AwMAV2oDBAOdYWgDBAK5MHQDBADC
fs4DBAXDFOADAwDU4wMEBdWlQAMEANX0wAMEBNlIwAMDANmgMBQEAgACMA4DBQAg
AQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEAL1S3V8KGfOGXr1XVbdebtjOZ
4GKwQAWSZLWOuWGleGI0Pa6NycdM8VqGXbsOcI7G0V6B7A0vdFT50pV/KsNjNtNM
9xk8gYewYT2hH8W8pmXZdTaof2GI14x3GhfSDzJhtzlhruvToYLi3fWBfk8jSKoM
ktHcnfrBpPfF7WpPdqnKxqYDL7tnogLwSbL9K5NQFUBAzLCHVcAcifTrm5OB8niB
z6hbHsWXPt3ta7GsX63oCANmVO5oQqaj6Wg3g25ud5eucsRgmyINVVX4wdXV+Bfo
QeVheVP0ba37tPfwwnkSCIoxstg+zJpsJsu4BqZwfUrONpcxtjd/DA+HLI16Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:13 2024 by rpki-client on console-ams.rpki-client.org