Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/asn6cePYzfxw8P7PGENkkEsrQwg.roa
File: asn6cePYzfxw8P7PGENkkEsrQwg.roa (raw, json)
Hash identifier: EBWdQUpQDB8peTA6z1UK5NJKFzoQAJlFnD/TAg9pG+4=
Subject key identifier: 6A:C9:FA:71:E3:D8:CD:FC:70:F0:FE:CF:18:43:64:90:4B:2B:43:08
Certificate issuer: /CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Certificate serial: 01903AF68BCA1AAEBEE074AB4ACD003F6AE6
Authority key identifier: A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/asn6cePYzfxw8P7PGENkkEsrQwg.roa
Signing time: Fri 21 Jun 2024 13:22:34 +0000
ROA not before: Fri 21 Jun 2024 13:22:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41966
IP address blocks: 109.206.192.0/19 maxlen: 24
185.20.172.0/22 maxlen: 24
194.11.24.0/24 maxlen: 24
194.153.119.0/24 maxlen: 24
2a00:54c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3a:f6:8b:ca:1a:ae:be:e0:74:ab:4a:cd:00:3f:6a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a585e5e15aa34287cae4368cb58e7227fd87ecba
Validity
Not Before: Jun 21 13:22:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ac9fa71e3d8cdfc70f0fecf184364904b2b4308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b8:9d:38:bb:fc:36:f8:62:bb:6e:44:a5:2c:
68:51:e6:92:56:f6:0a:cf:03:ed:08:ac:ac:4d:32:
27:95:2e:f1:1f:e4:bb:ef:43:91:eb:fc:f8:9b:3c:
47:af:4f:54:6c:b9:3f:ec:1b:54:a4:5b:d2:0c:06:
65:26:a3:8f:1e:9a:fb:13:f8:e0:0e:14:01:4f:09:
28:30:20:9f:66:e6:50:2f:8b:6c:9a:43:15:98:93:
a4:96:69:06:c1:1d:e0:fd:81:99:a3:f3:f2:6a:ce:
74:07:a7:5e:9e:8c:7d:34:0d:66:fa:de:0a:3c:e3:
41:8e:95:69:38:43:58:8d:ff:c4:ef:7e:3b:d4:c6:
fd:a5:32:be:65:12:e5:53:58:14:36:96:d4:d7:94:
3e:32:c3:3b:97:82:8f:85:f6:62:65:80:c0:3b:32:
9a:ab:91:cc:65:3c:46:13:e5:5f:da:8e:87:97:4d:
df:19:56:19:9c:ae:bd:b1:9d:59:2d:0c:32:bf:42:
ee:27:7e:c5:f9:1b:fc:7c:e1:a7:6e:99:98:34:87:
cd:7c:d0:4b:b5:4c:b9:47:76:83:47:f6:d3:9a:c0:
32:f8:98:02:2b:e8:c7:28:14:a6:08:2d:d9:22:93:
3e:8a:8e:a8:54:78:0f:e0:87:19:f2:fe:ca:bb:6f:
f8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C9:FA:71:E3:D8:CD:FC:70:F0:FE:CF:18:43:64:90:4B:2B:43:08
X509v3 Authority Key Identifier:
keyid:A5:85:E5:E1:5A:A3:42:87:CA:E4:36:8C:B5:8E:72:27:FD:87:EC:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/asn6cePYzfxw8P7PGENkkEsrQwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/066509-7a91-45f9-9e18-a9e7b343bc66/1/pYXl4VqjQofK5DaMtY5yJ_2H7Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.192.0/19
185.20.172.0/22
194.11.24.0/24
194.153.119.0/24
IPv6:
2a00:54c0::/32
Signature Algorithm: sha256WithRSAEncryption
89:4c:38:a2:2c:50:fd:4f:14:a3:30:94:b4:db:f8:3e:2c:05:
2d:1a:d6:0b:cd:2d:91:2c:30:3a:4b:5f:5d:63:96:ab:90:c0:
e7:ad:6d:9f:5e:58:9d:26:bf:ae:12:93:54:cd:54:cf:14:af:
20:0b:b7:9b:7d:6a:d4:60:d4:2d:24:b2:3a:77:15:5e:eb:63:
41:14:61:22:0f:ed:de:bc:83:26:a1:3f:2c:8d:da:1e:54:2e:
16:ac:b6:15:a2:a7:d9:37:e7:d6:b5:98:a0:ff:37:3a:b2:f1:
b3:d8:8b:9b:52:fd:65:70:72:2f:ab:62:73:43:62:3b:db:28:
16:6d:06:49:e2:0f:f6:e2:12:30:e2:43:a5:68:64:71:f4:25:
61:73:20:4b:1e:82:36:a3:56:4e:e7:a9:42:15:24:c5:85:d0:
17:ce:55:d8:bc:a3:fd:be:ef:ca:db:53:8b:e4:f0:04:76:9e:
b6:ff:d4:af:ff:50:81:42:49:68:74:f0:bc:58:c7:7c:f6:51:
98:d3:ed:96:36:97:d1:9e:c3:05:a6:3a:8d:e6:18:b9:a5:93:
ab:63:85:c3:dd:51:51:41:3c:db:e3:84:d8:82:62:cd:c0:77:
0d:e0:ab:e3:3b:4a:74:fc:fc:b3:bd:03:82:0a:82:37:ff:c7:
61:b3:28:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZA69ovKGq6+4HSrSs0AP2rmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODVlNWUxNWFhMzQyODdjYWU0MzY4Y2I1OGU3MjI3ZmQ4
N2VjYmEwHhcNMjQwNjIxMTMyMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM5ZmE3MWUzZDhjZGZjNzBmMGZlY2YxODQzNjQ5MDRiMmI0MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7idOLv8Nvhiu25EpSxoUeaSVvYK
zwPtCKysTTInlS7xH+S770OR6/z4mzxHr09UbLk/7BtUpFvSDAZlJqOPHpr7E/jg
DhQBTwkoMCCfZuZQL4tsmkMVmJOklmkGwR3g/YGZo/Pyas50B6denox9NA1m+t4K
PONBjpVpOENYjf/E73471Mb9pTK+ZRLlU1gUNpbU15Q+MsM7l4KPhfZiZYDAOzKa
q5HMZTxGE+Vf2o6Hl03fGVYZnK69sZ1ZLQwyv0LuJ37F+Rv8fOGnbpmYNIfNfNBL
tUy5R3aDR/bTmsAy+JgCK+jHKBSmCC3ZIpM+io6oVHgP4IcZ8v7Ku2/4uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGrJ+nHj2M38cPD+zxhDZJBLK0MIMB8GA1UdIwQY
MBaAFKWF5eFao0KHyuQ2jLWOcif9h+y6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgt
YTllN2IzNDNiYzY2LzEvYXNuNmNlUFl6Znh3OFA3UEdFTmtrRXNyUXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8wNjY1MDktN2E5MS00NWY5LTllMTgtYTllN2IzNDNiYzY2
LzEvcFlYbDRWcWpRb2ZLNURhTXRZNXlKXzJIN0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFbc7AAwQC
uRSsAwQAwgsYAwQAwpl3MA0EAgACMAcDBQAqAFTAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJTDiiLFD9TxSjMJS02/g+LAUtGtYLzS2RLDA6S19dY5arkMDnrW2fXlidJr+u
EpNUzVTPFK8gC7ebfWrUYNQtJLI6dxVe62NBFGEiD+3evIMmoT8sjdoeVC4WrLYV
oqfZN+fWtZig/zc6svGz2IubUv1lcHIvq2JzQ2I72ygWbQZJ4g/24hIw4kOlaGRx
9CVhcyBLHoI2o1ZO56lCFSTFhdAXzlXYvKP9vu/K21OL5PAEdp62/9Sv/1CBQklo
dPC8WMd89lGY0+2WNpfRnsMFpjqN5hi5pZOrY4XD3VFRQTzb44TYgmLNwHcN4Kvj
O0p0/PyzvQOCCoI3/8dhsyid
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:49 2025 by rpki-client