Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/1hLmRXBbHVo1LiSlX8cgt1B_wkg.roa
File: 1hLmRXBbHVo1LiSlX8cgt1B_wkg.roa (raw, json)
Hash identifier: D9ktosiH+l5gaPgkC9CF3IbQSiZsQtlmWMSNLC9K6Yc=
Subject key identifier: D6:12:E6:45:70:5B:1D:5A:35:2E:24:A5:5F:C7:20:B7:50:7F:C2:48
Certificate issuer: /CN=34a63dc86120e87f4cff8c59af3261e6e1292fd9
Certificate serial: 01856C136DBE86F33F379D6EEF180F4012F2
Authority key identifier: 34:A6:3D:C8:61:20:E8:7F:4C:FF:8C:59:AF:32:61:E6:E1:29:2F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKY9yGEg6H9M_4xZrzJh5uEpL9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/1hLmRXBbHVo1LiSlX8cgt1B_wkg.roa
Signing time: Sun 01 Jan 2023 06:44:50 +0000
ROA not before: Sun 01 Jan 2023 06:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210966
IP address blocks: 185.25.106.0/24 maxlen: 24
2a11:540::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:6d:be:86:f3:3f:37:9d:6e:ef:18:0f:40:12:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a63dc86120e87f4cff8c59af3261e6e1292fd9
Validity
Not Before: Jan 1 06:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d612e645705b1d5a352e24a55fc720b7507fc248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:62:b1:60:11:0f:ce:92:d9:34:6b:56:6c:5d:
f9:1c:e9:8a:f8:91:cb:f0:74:b0:b3:bb:d1:36:f2:
97:23:3d:5f:4c:bc:2d:f3:ed:a2:40:e5:6e:58:1a:
27:35:f0:80:df:03:a1:d2:fa:5e:15:25:30:fb:c6:
1f:a3:64:d9:d9:d1:fb:ba:68:52:13:72:e0:15:e4:
46:cc:ab:34:f2:c2:15:d4:98:2f:ed:81:e2:4a:94:
70:86:df:0b:eb:3a:7c:68:46:3d:9a:48:59:ed:ed:
77:2a:81:8e:31:d1:8b:2e:4c:41:71:47:05:6a:75:
3b:84:53:98:76:fa:69:d4:39:ec:39:cc:31:f2:44:
ff:9a:16:15:a1:52:66:d2:c0:ce:73:63:d0:d4:19:
66:43:d8:a0:16:1a:36:ab:ea:09:eb:bf:f1:8f:c2:
94:64:45:84:68:9e:6c:6f:5a:22:0a:8c:3c:46:07:
b2:e7:eb:ee:2d:e2:7e:2f:b0:9e:65:c1:69:73:80:
0a:28:31:a5:53:05:83:ff:f9:76:85:c5:af:6a:2d:
fe:a7:66:48:3b:27:31:05:1f:ab:51:e1:17:b2:3a:
92:db:54:bc:bd:75:a8:9b:f8:bd:a3:93:23:d1:3a:
73:a9:3b:ac:f9:4b:8d:ae:37:b9:90:a1:cd:40:c9:
81:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:12:E6:45:70:5B:1D:5A:35:2E:24:A5:5F:C7:20:B7:50:7F:C2:48
X509v3 Authority Key Identifier:
keyid:34:A6:3D:C8:61:20:E8:7F:4C:FF:8C:59:AF:32:61:E6:E1:29:2F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKY9yGEg6H9M_4xZrzJh5uEpL9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/1hLmRXBbHVo1LiSlX8cgt1B_wkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/NKY9yGEg6H9M_4xZrzJh5uEpL9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.106.0/24
IPv6:
2a11:540::/30
Signature Algorithm: sha256WithRSAEncryption
8c:4f:3e:d0:fb:70:5d:64:1a:48:bb:cb:4f:93:a8:97:4f:d6:
80:f3:16:ae:2e:10:88:6b:5f:ba:c1:d1:e4:ad:a4:57:d0:df:
f8:a1:16:6e:24:54:a4:b1:d5:da:0d:a1:46:4a:11:bd:e9:44:
4a:c1:1b:7d:96:5f:e0:41:f3:7f:b5:81:15:0e:b0:6f:18:8e:
3f:70:b7:4e:ec:66:13:a0:39:03:44:8b:b9:74:0e:0e:a7:6d:
d9:ff:b9:47:53:91:cf:ff:e0:58:d3:51:fe:34:cc:27:86:1b:
aa:cb:50:b7:49:db:82:f1:a8:ab:2e:f2:f2:35:40:17:02:fe:
a2:77:0d:3f:c1:dd:fa:d4:42:dd:59:b6:b5:c3:e1:49:e6:eb:
28:5b:bd:43:54:ee:b1:bd:11:dc:3b:b5:77:90:57:1f:15:2a:
e5:6d:01:3a:72:a6:15:a2:42:83:a7:ae:27:f8:fa:c5:b1:d9:
ef:0e:07:76:d0:2a:9d:be:e9:ac:51:10:c2:bf:19:46:d9:70:
e5:a1:04:6b:9a:58:2b:a7:9f:ec:8b:1c:f9:42:91:86:27:1b:
47:d6:c3:e0:ca:c4:44:ef:9e:8c:71:9a:1f:d1:cb:8e:9f:17:
cb:ed:4d:c9:fe:c6:69:02:df:ba:7b:70:b1:88:8f:49:20:5e:
b6:d9:8a:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsE22+hvM/N51u7xgPQBLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTYzZGM4NjEyMGU4N2Y0Y2ZmOGM1OWFmMzI2MWU2ZTEy
OTJmZDkwHhcNMjMwMTAxMDY0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjEyZTY0NTcwNWIxZDVhMzUyZTI0YTU1ZmM3MjBiNzUwN2ZjMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2KxYBEPzpLZNGtWbF35HOmK+JHL
8HSws7vRNvKXIz1fTLwt8+2iQOVuWBonNfCA3wOh0vpeFSUw+8Yfo2TZ2dH7umhS
E3LgFeRGzKs08sIV1Jgv7YHiSpRwht8L6zp8aEY9mkhZ7e13KoGOMdGLLkxBcUcF
anU7hFOYdvpp1DnsOcwx8kT/mhYVoVJm0sDOc2PQ1BlmQ9igFho2q+oJ67/xj8KU
ZEWEaJ5sb1oiCow8Rgey5+vuLeJ+L7CeZcFpc4AKKDGlUwWD//l2hcWvai3+p2ZI
OycxBR+rUeEXsjqS21S8vXWom/i9o5Mj0TpzqTus+UuNrje5kKHNQMmBswIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNYS5kVwWx1aNS4kpV/HILdQf8JIMB8GA1UdIwQY
MBaAFDSmPchhIOh/TP+MWa8yYebhKS/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktZOXlHRWc2SDlNXzR4WnJ6Smg1dUVwTDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82YjljN2EtOWRjNy00MDQwLWIyOWEt
ZmM3YTBlYTZiMGUyLzEvMWhMbVJYQmJIVm8xTGlTbFg4Y2d0MUJfd2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82YjljN2EtOWRjNy00MDQwLWIyOWEtZmM3YTBlYTZiMGUy
LzEvTktZOXlHRWc2SDlNXzR4WnJ6Smg1dUVwTDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRlqMA0E
AgACMAcDBQIqEQVAMA0GCSqGSIb3DQEBCwUAA4IBAQCMTz7Q+3BdZBpIu8tPk6iX
T9aA8xauLhCIa1+6wdHkraRX0N/4oRZuJFSksdXaDaFGShG96URKwRt9ll/gQfN/
tYEVDrBvGI4/cLdO7GYToDkDRIu5dA4Op23Z/7lHU5HP/+BY01H+NMwnhhuqy1C3
SduC8airLvLyNUAXAv6idw0/wd361ELdWba1w+FJ5usoW71DVO6xvRHcO7V3kFcf
FSrlbQE6cqYVokKDp64n+PrFsdnvDgd20CqdvumsURDCvxlG2XDloQRrmlgrp5/s
ixz5QpGGJxtH1sPgysRE756McZof0cuOnxfL7U3J/sZpAt+6e3CxiI9JIF622Ypm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:30 2024 by rpki-client on console-fra.rpki-client.org