Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/v6g_QdWa0EGNxtxA7UWNifymUoA.roa
File: v6g_QdWa0EGNxtxA7UWNifymUoA.roa (raw, json)
Hash identifier: PsewyCiYQAbw9FmPelHeFLwzQ4ks5BeQev7e0xgkKA8=
Subject key identifier: BF:A8:3F:41:D5:9A:D0:41:8D:C6:DC:40:ED:45:8D:89:FC:A6:52:80
Certificate issuer: /CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Certificate serial: 018CC8DEA419E868B847F581617CD47D4551
Authority key identifier: AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/v6g_QdWa0EGNxtxA7UWNifymUoA.roa
Signing time: Tue 02 Jan 2024 06:31:23 +0000
ROA not before: Tue 02 Jan 2024 06:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29104
IP address blocks: 192.54.144.0/24 maxlen: 24
185.116.132.0/22 maxlen: 22
185.116.134.0/24 maxlen: 24
37.35.0.0/21 maxlen: 21
193.56.125.0/24 maxlen: 24
37.35.6.0/24 maxlen: 24
193.56.130.0/23 maxlen: 23
193.56.130.0/24 maxlen: 24
193.56.131.0/24 maxlen: 24
2a00:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Feb 2024 17:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a4:19:e8:68:b8:47:f5:81:61:7c:d4:7d:45:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9e2efcdc213ac5b1b0879d922a178b850f451f
Validity
Not Before: Jan 2 06:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfa83f41d59ad0418dc6dc40ed458d89fca65280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bd:75:69:72:4e:23:c9:3a:d7:14:f1:8a:60:
c5:94:b3:28:2c:28:f4:ff:08:41:13:4b:f8:09:62:
10:c4:d4:96:be:48:33:ad:a3:66:31:01:9b:08:85:
ca:c0:43:d3:5f:45:d5:cc:64:e5:6c:8e:af:d8:59:
c7:c3:c8:36:7b:db:dd:33:68:ba:dc:73:51:f4:7a:
23:e8:cd:cc:d4:76:2c:d1:e1:f6:a8:46:49:43:16:
3f:22:6e:4b:94:fc:9b:f6:42:ad:27:6b:e5:f0:ff:
1b:91:a5:ab:0a:db:5f:77:77:1b:f9:c4:47:f2:4b:
f1:34:ac:82:b6:b9:53:3a:23:e3:c5:5a:90:53:8e:
ad:82:b5:da:70:02:7f:02:e5:7f:b4:2d:54:e2:29:
7a:87:11:93:ff:e8:03:70:4f:65:64:8a:9e:df:ad:
fb:8d:bb:35:1f:70:2b:e7:43:50:66:88:08:d9:39:
8a:8c:fb:de:79:64:6a:f7:5f:78:12:96:3c:d1:1b:
99:eb:4d:20:fe:d9:09:57:96:f2:6a:38:12:11:63:
49:63:8f:55:86:84:4e:6e:2e:c2:ca:d9:9b:65:a0:
33:0f:c7:4d:a5:73:54:0c:1c:9e:62:6d:cb:20:20:
38:53:e5:75:d7:40:38:04:ba:3c:d8:13:83:48:32:
0e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A8:3F:41:D5:9A:D0:41:8D:C6:DC:40:ED:45:8D:89:FC:A6:52:80
X509v3 Authority Key Identifier:
keyid:AC:9E:2E:FC:DC:21:3A:C5:B1:B0:87:9D:92:2A:17:8B:85:0F:45:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJ4u_NwhOsWxsIedkioXi4UPRR8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/v6g_QdWa0EGNxtxA7UWNifymUoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/d1faa9-b5a3-4d49-868a-7c7bf27175c5/1/rJ4u_NwhOsWxsIedkioXi4UPRR8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.0.0/21
185.116.132.0/22
192.54.144.0/24
193.56.125.0/24
193.56.130.0/23
IPv6:
2a00:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
47:e6:cb:33:f8:15:cc:5d:3e:52:e5:c2:24:2c:30:aa:36:75:
05:6b:ef:46:78:6e:e2:68:13:db:a4:8a:9c:51:d3:a2:6f:b9:
92:fd:ea:88:a7:83:b8:ca:03:41:8d:81:a0:3b:21:f3:7e:42:
e0:85:b0:b4:9d:77:8e:86:f3:0f:76:d1:87:90:dd:53:62:fe:
aa:8f:c0:aa:fa:7b:4f:e4:b5:7b:f3:ae:3f:24:02:e8:99:66:
6f:fd:20:32:a5:61:19:04:e6:c5:60:49:d8:0b:46:c9:5d:d0:
29:0f:50:2b:0a:41:83:1b:6d:aa:a2:6b:e3:b6:c3:22:d9:d6:
b3:b8:3c:1d:70:d7:70:cc:50:71:53:44:07:e1:b7:f0:fb:ce:
60:92:95:13:7e:c0:9c:f6:9c:7b:2f:ef:5d:f2:fe:1a:f1:af:
49:c5:1d:00:18:d7:f4:ca:2e:6f:9a:f8:31:2f:63:e6:b2:bb:
5b:74:07:ca:03:11:d8:fd:34:7b:2c:3b:6a:76:1b:05:9a:dc:
42:4a:79:80:7b:a5:eb:2f:7c:d1:9e:13:eb:8e:d5:2e:f4:1d:
35:6b:a8:2f:bb:c1:9c:0c:9a:25:d2:26:3d:61:68:1a:c0:c8:
00:29:52:30:12:03:cb:43:dd:ad:a4:63:9d:8d:29:d8:c0:f4:
80:91:cc:f3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzI3qQZ6Gi4R/WBYXzUfUVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWUyZWZjZGMyMTNhYzViMWIwODc5ZDkyMmExNzhiODUw
ZjQ1MWYwHhcNMjQwMTAyMDYzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmE4M2Y0MWQ1OWFkMDQxOGRjNmRjNDBlZDQ1OGQ4OWZjYTY1MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb11aXJOI8k61xTximDFlLMoLCj0
/whBE0v4CWIQxNSWvkgzraNmMQGbCIXKwEPTX0XVzGTlbI6v2FnHw8g2e9vdM2i6
3HNR9Hoj6M3M1HYs0eH2qEZJQxY/Im5LlPyb9kKtJ2vl8P8bkaWrCttfd3cb+cRH
8kvxNKyCtrlTOiPjxVqQU46tgrXacAJ/AuV/tC1U4il6hxGT/+gDcE9lZIqe3637
jbs1H3Ar50NQZogI2TmKjPveeWRq9194EpY80RuZ600g/tkJV5byajgSEWNJY49V
hoRObi7CytmbZaAzD8dNpXNUDByeYm3LICA4U+V110A4BLo82BODSDIOEQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL+oP0HVmtBBjcbcQO1FjYn8plKAMB8GA1UdIwQY
MBaAFKyeLvzcITrFsbCHnZIqF4uFD0UfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEt
N2M3YmYyNzE3NWM1LzEvdjZnX1FkV2EwRUdOeHR4QTdVV05pZnltVW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kMWZhYTktYjVhMy00ZDQ5LTg2OGEtN2M3YmYyNzE3NWM1
LzEvcko0dV9Od2hPc1d4c0llZGtpb1hpNFVQUlI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJSMAAwQC
uXSEAwQAwDaQAwQAwTh9AwQBwTiCMA0EAgACMAcDBQAqAE9AMA0GCSqGSIb3DQEB
CwUAA4IBAQBH5ssz+BXMXT5S5cIkLDCqNnUFa+9GeG7iaBPbpIqcUdOib7mS/eqI
p4O4ygNBjYGgOyHzfkLghbC0nXeOhvMPdtGHkN1TYv6qj8Cq+ntP5LV7864/JALo
mWZv/SAypWEZBObFYEnYC0bJXdApD1ArCkGDG22qomvjtsMi2dazuDwdcNdwzFBx
U0QH4bfw+85gkpUTfsCc9px7L+9d8v4a8a9JxR0AGNf0yi5vmvgxL2PmsrtbdAfK
AxHY/TR7LDtqdhsFmtxCSnmAe6XrL3zRnhPrjtUu9B01a6gvu8GcDJol0iY9YWga
wMgAKVIwEgPLQ92tpGOdjSnYwPSAkczz
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:11 2024 by rpki-client on console.sobornost.net