Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/d-tNBAMJ8RgDe_D5hNA-0LSfWa0.roa
File: d-tNBAMJ8RgDe_D5hNA-0LSfWa0.roa (raw, json)
Hash identifier: pyC0CPlpjZdzup9RF+aS8FI8x5MKzwtvBk+BuvetqSA=
Subject key identifier: 77:EB:4D:04:03:09:F1:18:03:7B:F0:F9:84:D0:3E:D0:B4:9F:59:AD
Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial: 018B1E249451166EF84F2CFFB23FC445AE16
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/d-tNBAMJ8RgDe_D5hNA-0LSfWa0.roa
Signing time: Wed 11 Oct 2023 09:49:55 +0000
ROA not before: Wed 11 Oct 2023 09:49:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16125
IP address blocks: 46.166.160.0/20 maxlen: 32
185.8.104.0/22 maxlen: 32
5.199.160.0/20 maxlen: 32
93.115.24.0/21 maxlen: 32
185.150.116.0/22 maxlen: 32
188.214.128.0/21 maxlen: 32
2a02:ae00::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 16 Nov 2023 09:25:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:24:94:51:16:6e:f8:4f:2c:ff:b2:3f:c4:45:ae:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Validity
Not Before: Oct 11 09:49:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77eb4d040309f118037bf0f984d03ed0b49f59ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fa:0a:79:d0:d6:8e:90:f0:6a:c1:71:71:b7:
c7:eb:ed:01:2c:02:37:d6:65:27:32:da:38:a5:1c:
d3:77:28:1a:23:02:7c:44:3b:68:86:92:88:9f:e9:
98:7a:26:7d:be:be:76:15:68:be:82:05:2e:c4:cf:
70:51:0d:cb:a9:3f:c2:fb:0b:8f:64:7a:80:85:c0:
86:85:f1:1c:cd:2d:6e:49:37:27:c0:8e:7a:36:9d:
5e:a3:7b:de:3c:de:cc:35:ee:a1:ff:a8:75:75:2c:
6f:50:15:1b:32:94:42:72:e2:21:85:7c:27:00:ba:
8c:33:53:70:1e:36:b5:a3:74:6d:f7:60:b9:6f:e7:
58:88:fd:38:f6:c5:2d:5d:c2:64:da:d4:da:66:9a:
48:3a:7a:b5:7b:db:5c:35:04:98:64:05:e3:c4:fb:
c6:30:cb:9f:fd:c8:b0:7d:05:a0:89:68:24:dd:67:
a9:32:17:6b:12:76:3f:8a:a7:c3:a3:3e:f8:b8:0a:
69:35:ae:ee:92:f1:85:1c:6d:a9:65:f2:d2:aa:c3:
07:bf:a5:b5:18:88:4f:ec:28:8c:64:f4:27:44:54:
21:99:8d:67:08:13:9f:7f:e2:d3:aa:71:fa:50:7c:
4a:06:00:12:30:b5:34:c9:2c:59:dd:2e:46:f1:39:
d8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:EB:4D:04:03:09:F1:18:03:7B:F0:F9:84:D0:3E:D0:B4:9F:59:AD
X509v3 Authority Key Identifier:
keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/d-tNBAMJ8RgDe_D5hNA-0LSfWa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.160.0/20
46.166.160.0/20
93.115.24.0/21
185.8.104.0/22
185.150.116.0/22
188.214.128.0/21
IPv6:
2a02:ae00::/36
Signature Algorithm: sha256WithRSAEncryption
19:30:85:56:42:9e:a1:b1:1e:e2:75:29:45:c1:5d:9c:b4:e6:
53:5f:4e:dd:6b:c1:e1:43:56:13:75:82:6b:7c:c3:6f:66:80:
8a:ce:48:27:6c:1a:af:f1:5f:c3:35:83:6e:57:dd:ff:41:7f:
a4:88:8a:c4:38:ff:ed:7b:71:19:5b:77:b5:2f:c7:50:28:3b:
72:a3:b3:69:ec:7f:a3:5d:43:27:1d:c2:d1:81:7e:ac:08:f2:
9f:34:c6:c0:d3:4d:c8:e8:ab:6f:52:53:3d:dc:00:ab:cc:b3:
79:77:8c:d1:bf:17:33:e8:3c:94:eb:6b:d8:d6:4a:ef:2b:d5:
04:27:79:45:1e:98:ae:0d:5c:86:54:a3:b4:1a:21:24:44:2e:
23:98:6f:36:2b:8b:b4:80:bc:4b:ed:97:c4:b8:4c:c4:33:e3:
88:d5:50:e5:9a:59:8b:04:63:1a:df:91:5c:5b:40:e2:40:86:
5a:a7:a0:ca:5e:ae:a8:04:92:ac:a3:ac:3b:65:21:57:f9:cf:
6b:40:3d:c8:6e:94:18:b4:ab:28:d2:2c:78:38:28:61:2e:9e:
41:e7:2e:bc:a2:1c:24:16:74:3d:99:b6:04:a4:91:06:b9:e4:
96:72:a7:0d:2e:37:53:8c:bb:d3:18:c8:f2:36:a9:fa:08:8a:
f1:af:05:dd
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYseJJRRFm74Tyz/sj/ERa4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMxMDExMDk0OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ViNGQwNDAzMDlmMTE4MDM3YmYwZjk4NGQwM2VkMGI0OWY1OWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/oKedDWjpDwasFxcbfH6+0BLAI3
1mUnMto4pRzTdygaIwJ8RDtohpKIn+mYeiZ9vr52FWi+ggUuxM9wUQ3LqT/C+wuP
ZHqAhcCGhfEczS1uSTcnwI56Np1eo3vePN7MNe6h/6h1dSxvUBUbMpRCcuIhhXwn
ALqMM1NwHja1o3Rt92C5b+dYiP049sUtXcJk2tTaZppIOnq1e9tcNQSYZAXjxPvG
MMuf/ciwfQWgiWgk3WepMhdrEnY/iqfDoz74uAppNa7ukvGFHG2pZfLSqsMHv6W1
GIhP7CiMZPQnRFQhmY1nCBOff+LTqnH6UHxKBgASMLU0ySxZ3S5G8TnYFQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHfrTQQDCfEYA3vw+YTQPtC0n1mtMB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvZC10TkJBTUo4UmdEZV9ENWhOQS0wTFNmV2EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQEBcegAwQE
LqagAwQDXXMYAwQCuQhoAwQCuZZ0AwQDvNaAMA4EAgACMAgDBgQqAq4AADANBgkq
hkiG9w0BAQsFAAOCAQEAGTCFVkKeobEe4nUpRcFdnLTmU19O3WvB4UNWE3WCa3zD
b2aAis5IJ2war/FfwzWDblfd/0F/pIiKxDj/7XtxGVt3tS/HUCg7cqOzaex/o11D
Jx3C0YF+rAjynzTGwNNNyOirb1JTPdwAq8yzeXeM0b8XM+g8lOtr2NZK7yvVBCd5
RR6Yrg1chlSjtBohJEQuI5hvNiuLtIC8S+2XxLhMxDPjiNVQ5ZpZiwRjGt+RXFtA
4kCGWqegyl6uqASSrKOsO2UhV/nPa0A9yG6UGLSrKNIseDgoYS6eQecuvKIcJBZ0
PZm2BKSRBrnklnKnDS43U4y70xjI8jap+giK8a8F3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org