Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/l75SH7-X47SbjT-AGA2qvyvmJ0A.roa
File: l75SH7-X47SbjT-AGA2qvyvmJ0A.roa (raw, json)
Hash identifier: o+RQQHCzuisekJQxHw+yBUq5/WTKdcTtnLBPYQBosZ8=
Subject key identifier: 97:BE:52:1F:BF:97:E3:B4:9B:8D:3F:80:18:0D:AA:BF:2B:E6:27:40
Certificate issuer: /CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Certificate serial: 018CC8DF77ED055F23815B488E53E55FD9E7
Authority key identifier: 6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/l75SH7-X47SbjT-AGA2qvyvmJ0A.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210779
IP address blocks: 176.105.253.0/24 maxlen: 24
176.105.255.0/24 maxlen: 24
2a0d:c740:3c::/48 maxlen: 48
2a0d:c740:2c::/48 maxlen: 48
2a0d:c740:f::/48 maxlen: 48
2a0d:c740:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Feb 2024 15:40:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:77:ed:05:5f:23:81:5b:48:8e:53:e5:5f:d9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba26b56cee97f6020941bb17c6a7c6cea0f814a
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97be521fbf97e3b49b8d3f80180daabf2be62740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:b3:90:de:e5:d8:c2:ee:2f:32:34:04:55:
a7:0b:87:8f:d9:26:64:4c:fc:19:1a:b1:ae:46:7e:
1c:5a:43:b7:4a:a7:aa:c7:1b:9f:d3:2c:22:91:6b:
3b:d6:39:c2:af:e6:8a:eb:4e:48:e8:2d:d7:44:1e:
48:a7:42:ba:f8:31:3f:97:76:ec:4e:28:f7:e8:76:
44:5a:12:e6:03:11:e5:70:39:c6:60:ec:8e:86:9f:
78:37:8c:59:c6:cf:de:42:1b:63:34:11:c6:be:65:
22:aa:db:eb:e3:76:3c:91:9b:98:df:43:10:ad:69:
2f:1e:91:de:7b:b7:3c:74:85:a5:fb:6e:ee:b3:25:
98:ef:06:a7:2b:6b:03:7b:8d:d5:58:30:cb:d5:a2:
e6:d6:c7:a9:30:37:a7:b1:6b:17:f3:62:26:79:1d:
1b:df:82:fa:75:36:d2:ed:43:0c:c0:f5:25:b3:f1:
38:d4:23:d9:40:97:6d:dc:59:ce:cf:05:57:da:04:
0d:8c:0b:a4:47:e3:be:e9:0e:10:7b:06:d8:52:61:
3b:fb:89:27:a2:80:84:76:1f:be:c3:e1:4c:87:c6:
47:c3:e3:2b:c7:70:5f:54:b6:9b:64:be:eb:bf:3f:
c3:37:b7:00:fe:9d:9c:2c:17:6c:c8:59:94:eb:a0:
de:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BE:52:1F:BF:97:E3:B4:9B:8D:3F:80:18:0D:AA:BF:2B:E6:27:40
X509v3 Authority Key Identifier:
keyid:6B:A2:6B:56:CE:E9:7F:60:20:94:1B:B1:7C:6A:7C:6C:EA:0F:81:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6JrVs7pf2AglBuxfGp8bOoPgUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/l75SH7-X47SbjT-AGA2qvyvmJ0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b903e9-6d09-4e20-b926-3692f96e33a9/1/a6JrVs7pf2AglBuxfGp8bOoPgUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.253.0/24
176.105.255.0/24
IPv6:
2a0d:c740:a::/48
2a0d:c740:f::/48
2a0d:c740:2c::/48
2a0d:c740:3c::/48
Signature Algorithm: sha256WithRSAEncryption
40:9b:2e:ab:23:b9:c9:bd:85:63:83:11:08:55:d9:17:c7:65:
df:c3:b1:54:9a:3e:a0:e9:56:a5:7d:93:0b:9a:86:42:3b:2b:
f9:f4:a9:9d:da:d7:2d:5d:26:84:c5:50:13:68:68:2c:91:75:
8b:a0:62:a2:d7:47:f9:f5:bd:91:a9:ed:cc:76:64:99:f5:25:
e2:80:ce:c6:65:8b:60:9d:44:e9:99:5e:37:ea:89:f3:42:f6:
5b:73:13:87:ff:d2:96:41:cb:92:59:3d:e5:e3:62:59:c9:2a:
15:2f:e0:cf:6c:0c:db:7f:ac:93:2e:58:63:bb:88:3f:0d:4f:
b8:41:8f:40:f5:19:e8:f2:12:05:b6:79:98:80:8f:1f:74:7f:
47:fb:c6:89:c4:3d:4e:fa:80:d8:92:5c:89:87:6c:d6:9e:38:
c8:a8:c3:26:f5:ed:fc:ac:64:62:35:cf:eb:a6:44:cf:c9:58:
95:1f:47:a8:ef:6e:31:29:66:76:e9:1e:d6:9d:26:8b:e5:15:
28:cc:f9:a4:31:2f:ca:43:bd:83:4a:8b:bc:14:a1:e0:57:de:
b6:7c:f9:67:92:e3:bd:d3:a1:e7:44:5b:b1:71:59:03:80:b0:
c3:15:cf:80:75:f8:0b:b5:66:b1:4a:7f:b1:65:03:bb:ec:c4:
d6:8e:85:65
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzI33ftBV8jgVtIjlPlX9nnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTI2YjU2Y2VlOTdmNjAyMDk0MWJiMTdjNmE3YzZjZWEw
ZjgxNGEwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JlNTIxZmJmOTdlM2I0OWI4ZDNmODAxODBkYWFiZjJiZTYyNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWyzkN7l2MLuLzI0BFWnC4eP2SZk
TPwZGrGuRn4cWkO3Sqeqxxuf0ywikWs71jnCr+aK605I6C3XRB5Ip0K6+DE/l3bs
Tij36HZEWhLmAxHlcDnGYOyOhp94N4xZxs/eQhtjNBHGvmUiqtvr43Y8kZuY30MQ
rWkvHpHee7c8dIWl+27usyWY7wanK2sDe43VWDDL1aLm1sepMDensWsX82ImeR0b
34L6dTbS7UMMwPUls/E41CPZQJdt3FnOzwVX2gQNjAukR+O+6Q4QewbYUmE7+4kn
ooCEdh++w+FMh8ZHw+Mrx3BfVLabZL7rvz/DN7cA/p2cLBdsyFmU66DeRwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJe+Uh+/l+O0m40/gBgNqr8r5idAMB8GA1UdIwQY
MBaAFGuia1bO6X9gIJQbsXxqfGzqD4FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYt
MzY5MmY5NmUzM2E5LzEvbDc1U0g3LVg0N1NialQtQUdBMnF2eXZtSjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iOTAzZTktNmQwOS00ZTIwLWI5MjYtMzY5MmY5NmUzM2E5
LzEvYTZKclZzN3BmMkFnbEJ1eGZHcDhiT29QZ1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQAsGn9AwQA
sGn/MCoEAgACMCQDBwAqDcdAAAoDBwAqDcdAAA8DBwAqDcdAACwDBwAqDcdAADww
DQYJKoZIhvcNAQELBQADggEBAECbLqsjucm9hWODEQhV2RfHZd/DsVSaPqDpVqV9
kwuahkI7K/n0qZ3a1y1dJoTFUBNoaCyRdYugYqLXR/n1vZGp7cx2ZJn1JeKAzsZl
i2CdROmZXjfqifNC9ltzE4f/0pZBy5JZPeXjYlnJKhUv4M9sDNt/rJMuWGO7iD8N
T7hBj0D1GejyEgW2eZiAjx90f0f7xonEPU76gNiSXImHbNaeOMiowyb17fysZGI1
z+umRM/JWJUfR6jvbjEpZnbpHtadJovlFSjM+aQxL8pDvYNKi7wUoeBX3rZ8+WeS
473ToedEW7FxWQOAsMMVz4B1+Au1ZrFKf7FlA7vsxNaOhWU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:07 2024 by rpki-client on console-fra.rpki-client.org