Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/6kiq3qJxv9sEayhhHvVSDIgtBr8.roa
File: 6kiq3qJxv9sEayhhHvVSDIgtBr8.roa (raw, json)
Hash identifier: lxTkD1Bk42q2ngRkGGrL7Tzn6UDoXqLtczR+W+d2Svo=
Subject key identifier: EA:48:AA:DE:A2:71:BF:DB:04:6B:28:61:1E:F5:52:0C:88:2D:06:BF
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 01856FA7019CDAC48C6D555959C73DDF273E
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/6kiq3qJxv9sEayhhHvVSDIgtBr8.roa
Signing time: Sun 01 Jan 2023 23:24:53 +0000
ROA not before: Sun 01 Jan 2023 23:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48158
IP address blocks: 176.58.41.0/24 maxlen: 24
176.58.40.0/23 maxlen: 24
176.58.39.0/24 maxlen: 24
176.58.38.0/23 maxlen: 24
176.58.43.0/24 maxlen: 24
176.58.42.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.47.0/24 maxlen: 24
176.58.46.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.50.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.54.0/24 maxlen: 24
176.58.53.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
185.190.190.0/24 maxlen: 24
212.124.96.0/22 maxlen: 24
212.124.100.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:01:9c:da:c4:8c:6d:55:59:59:c7:3d:df:27:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 23:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ea48aadea271bfdb046b28611ef5520c882d06bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f2:be:ee:4a:d7:56:eb:57:be:58:cb:5b:71:
27:5b:22:c0:79:db:f0:d6:1e:f4:97:34:85:3d:f5:
67:e1:b7:5a:ff:0c:d9:f4:9d:11:6e:a1:7c:16:f0:
5f:f1:5a:86:8c:e0:af:3e:97:53:1b:12:c9:0b:ef:
fa:e8:12:fc:e1:a5:07:f8:31:e6:e9:25:42:d9:36:
a5:ae:46:60:b3:47:66:16:da:49:82:81:e7:19:e7:
e4:de:ab:6e:7e:bc:4a:c4:93:f8:76:03:18:95:67:
a4:a7:dd:a6:d8:b9:2b:12:8e:20:4d:76:88:f2:fb:
4f:14:e6:16:f0:88:d4:5d:a7:b5:16:ff:c5:88:72:
08:4c:25:ea:77:5a:43:62:b4:31:7b:38:cb:f3:67:
46:17:05:c2:8f:de:eb:44:1b:4e:69:4a:2d:d1:df:
2d:26:35:3d:db:5e:6d:fd:cb:e8:e1:f6:42:82:f5:
11:a4:55:bb:7b:22:3c:3b:ad:48:7e:aa:9e:6b:a8:
60:bd:f5:78:9d:fb:0f:f0:68:f6:4e:6e:0f:ed:36:
3e:a7:14:9b:ad:79:65:e0:66:5f:f7:88:80:fa:60:
8d:5a:bd:f2:77:0b:99:b5:2b:84:e2:c9:52:fd:cc:
4e:c1:4e:5c:c3:1a:ec:44:38:66:7c:f0:e6:9d:df:
76:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:48:AA:DE:A2:71:BF:DB:04:6B:28:61:1E:F5:52:0C:88:2D:06:BF
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/6kiq3qJxv9sEayhhHvVSDIgtBr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.38.0-176.58.43.255
176.58.45.0-176.58.50.255
176.58.52.0/22
176.58.57.0/24
185.190.190.0/24
212.124.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:be:c2:b3:c8:44:58:89:b9:b0:16:a8:92:4c:38:fb:d9:1b:
62:a2:c1:ee:38:ba:08:b6:ed:bc:69:40:8c:4a:f5:87:2e:84:
41:54:91:a8:f7:f0:00:57:3c:c6:42:e9:6c:c1:cf:f6:d0:1b:
18:de:a3:d2:22:81:ad:c3:cf:d3:21:9a:37:90:f1:33:8a:c3:
55:41:22:39:de:30:7f:83:50:ea:2c:9d:99:14:d4:26:9f:84:
30:c8:05:9b:20:c9:40:83:fc:4c:4d:d6:7c:81:c2:03:83:8e:
1d:c7:96:b9:6e:61:a8:4e:5d:1f:a2:c6:45:5e:c8:76:9d:a1:
ac:9a:b6:4d:b4:45:be:b7:c7:f3:c1:2e:77:af:b1:c2:ad:da:
e7:47:18:ea:e8:a1:c9:2b:f7:e3:a5:b4:76:e5:ca:e5:44:d3:
f1:45:bb:f2:51:b2:c0:88:6a:24:b7:ee:68:d2:1c:9b:6a:c1:
27:ac:75:1c:83:ff:9b:af:a7:70:3f:ed:85:93:9f:e4:d9:4b:
1c:87:18:d1:b6:30:99:41:71:8c:e7:cf:87:40:27:c0:c4:67:
24:e7:77:b3:f8:c4:27:36:95:6d:e6:20:f5:61:6b:40:e5:6c:
af:fd:aa:e3:e3:e8:7a:88:e9:d8:00:44:da:68:56:28:56:b6:
84:73:0b:e0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVvpwGc2sSMbVVZWcc93yc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjMwMTAxMjMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTQ4YWFkZWEyNzFiZmRiMDQ2YjI4NjExZWY1NTIwYzg4MmQwNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/K+7krXVutXvljLW3EnWyLAedvw
1h70lzSFPfVn4bda/wzZ9J0RbqF8FvBf8VqGjOCvPpdTGxLJC+/66BL84aUH+DHm
6SVC2TalrkZgs0dmFtpJgoHnGefk3qtufrxKxJP4dgMYlWekp92m2LkrEo4gTXaI
8vtPFOYW8IjUXae1Fv/FiHIITCXqd1pDYrQxezjL82dGFwXCj97rRBtOaUot0d8t
JjU9215t/cvo4fZCgvURpFW7eyI8O61Ifqqea6hgvfV4nfsP8Gj2Tm4P7TY+pxSb
rXll4GZf94iA+mCNWr3ydwuZtSuE4slS/cxOwU5cwxrsRDhmfPDmnd92lQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOpIqt6icb/bBGsoYR71UgyILQa/MB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvNmtpcTNxSnh2OXNFYXloaEh2VlNESWd0QnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAGwOiYD
BAKwOigwDAMEALA6LQMEALA6MgMEArA6NAMEALA6OQMEALm+vgMEA9R8YDANBgkq
hkiG9w0BAQsFAAOCAQEAPb7Cs8hEWIm5sBaokkw4+9kbYqLB7ji6CLbtvGlAjEr1
hy6EQVSRqPfwAFc8xkLpbMHP9tAbGN6j0iKBrcPP0yGaN5DxM4rDVUEiOd4wf4NQ
6iydmRTUJp+EMMgFmyDJQIP8TE3WfIHCA4OOHceWuW5hqE5dH6LGRV7Idp2hrJq2
TbRFvrfH88Eud6+xwq3a50cY6uihySv346W0duXK5UTT8UW78lGywIhqJLfuaNIc
m2rBJ6x1HIP/m6+ncD/thZOf5NlLHIcY0bYwmUFxjOfPh0AnwMRnJOd3s/jEJzaV
beYg9WFrQOVsr/2q4+Poeojp2ABE2mhWKFa2hHML4A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-fra.rpki-client.org