Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/tjBWWwFKGbsyuro6hI71ldECVYg.roa
File: tjBWWwFKGbsyuro6hI71ldECVYg.roa (raw, json)
Hash identifier: hT9YST6/8YDv8GG2suNJIMoUwNPPL0WkG/cwL99O+n4=
Subject key identifier: B6:30:56:5B:01:4A:19:BB:32:BA:BA:3A:84:8E:F5:95:D1:02:55:88
Certificate issuer: /CN=baa23f740ad564c5693b77091c71b3c03136a580
Certificate serial: 01856F9497CC888A322BA565F6AD9100CC92
Authority key identifier: BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/tjBWWwFKGbsyuro6hI71ldECVYg.roa
Signing time: Sun 01 Jan 2023 23:04:47 +0000
ROA not before: Sun 01 Jan 2023 23:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49040
IP address blocks: 185.242.90.0/24 maxlen: 24
185.242.89.0/24 maxlen: 24
185.242.88.0/24 maxlen: 24
185.242.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:97:cc:88:8a:32:2b:a5:65:f6:ad:91:00:cc:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa23f740ad564c5693b77091c71b3c03136a580
Validity
Not Before: Jan 1 23:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b630565b014a19bb32baba3a848ef595d1025588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:01:7f:61:3e:01:e0:d4:97:07:63:ac:66:3d:
d5:18:a2:e1:99:39:d8:a5:bc:f4:e4:f6:ec:6b:ac:
ae:cd:c7:7b:92:ae:51:55:a2:85:48:d9:26:68:52:
92:cc:1b:27:da:f0:41:57:3a:62:64:66:1a:ea:c6:
7a:37:81:50:bf:05:fa:13:04:49:97:17:d5:b9:3d:
79:27:96:86:46:46:71:93:ac:6b:c0:44:24:53:56:
e1:b2:4c:a5:5d:d6:b6:a0:24:1a:b0:d5:74:16:3c:
fd:5c:83:04:4b:e9:03:6e:53:bd:7d:93:c8:f9:c5:
f9:8a:f8:12:64:30:13:13:49:51:7c:bb:0c:62:45:
85:c6:02:0b:fa:6c:16:8c:14:f1:d8:5f:25:ec:50:
f9:46:90:19:e9:da:aa:12:0b:59:51:f3:69:1f:0f:
2f:8d:0e:0a:5b:1a:0f:b9:4b:da:da:bf:4b:1d:a3:
23:b8:eb:81:62:b5:2a:39:70:07:0f:bd:f0:5f:d7:
b3:36:03:cb:1c:33:9f:49:70:fe:38:c5:59:f9:d3:
95:69:cf:b3:fe:74:51:9f:c6:5e:f5:14:4f:3c:25:
95:ee:7b:e5:f1:f7:4f:65:7c:70:02:9d:17:ea:e9:
18:3d:99:24:9d:86:46:84:a7:cb:8c:79:b4:f0:c6:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:30:56:5B:01:4A:19:BB:32:BA:BA:3A:84:8E:F5:95:D1:02:55:88
X509v3 Authority Key Identifier:
keyid:BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/tjBWWwFKGbsyuro6hI71ldECVYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.88.0/22
Signature Algorithm: sha256WithRSAEncryption
85:1b:ef:f5:8d:27:9d:50:09:ce:4f:8b:5d:f6:b1:a3:37:33:
9f:0a:3c:bb:9e:fd:68:3b:4f:97:b8:e2:11:a7:75:c3:32:ca:
d9:dd:e1:cd:b8:2f:12:28:61:56:36:89:89:da:4e:4d:e9:7c:
92:b3:fe:c7:6a:e6:c3:3d:b5:2c:d3:ea:93:74:22:75:8e:20:
b6:4b:db:a2:43:4e:84:bd:13:ed:10:a9:3e:fb:45:27:49:ff:
a6:cb:37:64:db:5c:0c:1c:c3:1b:7a:60:bf:0a:38:39:cb:ed:
cb:07:13:f2:8d:82:ce:49:ca:35:65:13:7d:11:89:66:f9:45:
99:6f:b1:39:6a:46:8b:3b:1f:a8:ac:b2:89:7f:9d:bc:5e:1f:
c2:82:e3:92:9d:70:a3:df:33:1a:63:1d:03:34:e6:e4:ef:6d:
0f:fd:50:bd:45:a0:b1:fe:b6:a0:48:61:54:c2:3e:6b:0a:34:
63:e6:e1:be:cc:f2:8a:27:ac:fe:6d:8e:35:fc:68:75:2f:22:
66:e3:d6:c7:88:bf:f7:af:b0:64:58:7d:fc:ac:1f:f0:33:05:
bf:da:58:39:93:c3:86:49:9b:4a:03:ca:77:0d:03:c0:13:ec:
51:12:31:2f:d8:04:67:26:5c:dc:84:75:18:3e:50:ad:04:c6:
cc:61:df:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlJfMiIoyK6Vl9q2RAMySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTIzZjc0MGFkNTY0YzU2OTNiNzcwOTFjNzFiM2MwMzEz
NmE1ODAwHhcNMjMwMTAxMjMwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjMwNTY1YjAxNGExOWJiMzJiYWJhM2E4NDhlZjU5NWQxMDI1NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAF/YT4B4NSXB2OsZj3VGKLhmTnY
pbz05Pbsa6yuzcd7kq5RVaKFSNkmaFKSzBsn2vBBVzpiZGYa6sZ6N4FQvwX6EwRJ
lxfVuT15J5aGRkZxk6xrwEQkU1bhskylXda2oCQasNV0Fjz9XIMES+kDblO9fZPI
+cX5ivgSZDATE0lRfLsMYkWFxgIL+mwWjBTx2F8l7FD5RpAZ6dqqEgtZUfNpHw8v
jQ4KWxoPuUva2r9LHaMjuOuBYrUqOXAHD73wX9ezNgPLHDOfSXD+OMVZ+dOVac+z
/nRRn8Ze9RRPPCWV7nvl8fdPZXxwAp0X6ukYPZkknYZGhKfLjHm08MYREQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYwVlsBShm7Mrq6OoSO9ZXRAlWIMB8GA1UdIwQY
MBaAFLqiP3QK1WTFaTt3CRxxs8AxNqWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMt
ODUyN2M5YjNlNzVmLzEvdGpCV1d3RktHYnN5dXJvNmhJNzFsZEVDVllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMtODUyN2M5YjNlNzVm
LzEvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJYMA0G
CSqGSIb3DQEBCwUAA4IBAQCFG+/1jSedUAnOT4td9rGjNzOfCjy7nv1oO0+XuOIR
p3XDMsrZ3eHNuC8SKGFWNomJ2k5N6XySs/7HaubDPbUs0+qTdCJ1jiC2S9uiQ06E
vRPtEKk++0UnSf+myzdk21wMHMMbemC/Cjg5y+3LBxPyjYLOSco1ZRN9EYlm+UWZ
b7E5akaLOx+orLKJf528Xh/CguOSnXCj3zMaYx0DNObk720P/VC9RaCx/ragSGFU
wj5rCjRj5uG+zPKKJ6z+bY41/Gh1LyJm49bHiL/3r7BkWH38rB/wMwW/2lg5k8OG
SZtKA8p3DQPAE+xREjEv2ARnJlzchHUYPlCtBMbMYd8F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:13 2024 by rpki-client on console-fra.rpki-client.org