Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Th-XDIcE2FCMWPIx3tJ6V4DTZJg.roa
File: Th-XDIcE2FCMWPIx3tJ6V4DTZJg.roa (raw, json)
Hash identifier: CHvStFm4voinEChnO6Hkx6l227anSmwYV8l/cB6bqGU=
Subject key identifier: 4E:1F:97:0C:87:04:D8:50:8C:58:F2:31:DE:D2:7A:57:80:D3:64:98
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018AAB78BC2F893E0D8356E2067834655C66
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Th-XDIcE2FCMWPIx3tJ6V4DTZJg.roa
Signing time: Tue 19 Sep 2023 03:25:30 +0000
ROA not before: Tue 19 Sep 2023 03:25:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58289
IP address blocks: 194.31.133.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Dec 2023 04:47:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ab:78:bc:2f:89:3e:0d:83:56:e2:06:78:34:65:5c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Sep 19 03:25:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e1f970c8704d8508c58f231ded27a5780d36498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:1c:01:d4:12:f2:d4:b0:05:80:9e:f1:ea:ff:
c2:78:05:d3:db:9f:aa:2e:ab:60:92:8f:14:24:d0:
1a:cb:33:77:cd:07:17:7e:c2:e3:e3:4c:ba:95:5f:
be:2f:ba:25:09:12:7d:28:5f:a7:eb:a8:fc:9d:aa:
0f:99:56:38:9f:c8:b7:a4:e7:f0:89:b7:cc:3e:1f:
a8:c8:7f:01:47:6a:67:6b:d9:6f:b5:91:3a:2b:0a:
58:9e:0d:05:92:9a:0b:9d:b5:f6:67:ba:31:74:4c:
ed:4a:85:e2:c4:df:95:a7:59:df:24:c4:f7:6b:9c:
4c:a1:f0:b6:52:1c:8e:1e:18:22:d7:8f:c5:f0:61:
16:85:0b:50:e2:f1:e9:39:b6:6e:e7:1f:b2:0b:f0:
28:05:a5:df:3f:c8:87:e1:4e:3b:44:8e:22:a2:db:
b5:51:31:14:52:e8:30:91:83:7e:b6:a5:b1:4c:7a:
83:34:f6:88:b9:89:24:cc:af:b0:f7:aa:d2:f3:bc:
3d:04:ee:e6:dc:43:3c:14:c1:bf:93:e7:cb:41:1c:
e4:57:a6:45:6e:16:fa:e8:38:95:21:f3:62:88:1e:
4f:58:77:d5:c5:61:67:99:a8:2c:55:71:b0:ea:78:
20:a0:c9:2e:30:c4:c6:c2:7c:68:f6:7d:60:72:f1:
d2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1F:97:0C:87:04:D8:50:8C:58:F2:31:DE:D2:7A:57:80:D3:64:98
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Th-XDIcE2FCMWPIx3tJ6V4DTZJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
Signature Algorithm: sha256WithRSAEncryption
30:44:db:69:1f:30:b0:c8:39:e9:21:a3:fd:40:ae:39:ef:4c:
3e:b3:37:21:e0:63:d8:0c:5a:0f:f9:ce:a3:74:d7:f2:5a:39:
4d:66:e1:0c:9f:b4:7b:0f:df:66:a7:9b:bd:8d:92:0f:23:ef:
2d:b6:0a:41:8a:8c:84:41:5e:a8:65:81:61:74:2d:92:ff:4c:
27:44:4a:b6:4b:1a:15:7b:24:f7:7d:37:5f:a5:f9:2e:c0:7d:
a2:0c:d9:5c:f4:4f:22:2d:1b:81:39:54:98:8b:82:c7:63:b5:
47:3c:ae:1b:86:db:2b:5f:e5:e8:b0:61:cd:e7:33:59:67:b1:
f9:dc:8b:67:e0:10:f2:59:6d:1f:5c:f4:23:c7:62:25:29:2b:
2f:99:96:9b:e5:c6:f1:d1:df:ac:88:01:8d:67:aa:90:1d:5c:
16:dd:3c:a3:44:7a:12:a8:a0:25:5d:2b:23:06:aa:b4:72:7a:
3d:5b:77:65:96:e2:dc:ff:26:ca:ca:d0:7d:76:5f:a0:05:c0:
bb:89:63:dc:14:b5:9b:05:95:1a:8e:5d:5b:36:c9:83:a2:8e:
8c:f7:16:25:86:b3:f8:5c:75:3a:06:54:29:b6:df:26:10:4b:
68:fc:82:aa:c5:cb:18:47:0f:72:f5:fe:b0:c5:0a:b1:28:bd:
f6:37:5b:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqreLwviT4Ng1biBng0ZVxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMwOTE5MDMyNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFmOTcwYzg3MDRkODUwOGM1OGYyMzFkZWQyN2E1NzgwZDM2NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9BwB1BLy1LAFgJ7x6v/CeAXT25+q
Lqtgko8UJNAayzN3zQcXfsLj40y6lV++L7olCRJ9KF+n66j8naoPmVY4n8i3pOfw
ibfMPh+oyH8BR2pna9lvtZE6KwpYng0FkpoLnbX2Z7oxdEztSoXixN+Vp1nfJMT3
a5xMofC2UhyOHhgi14/F8GEWhQtQ4vHpObZu5x+yC/AoBaXfP8iH4U47RI4iotu1
UTEUUugwkYN+tqWxTHqDNPaIuYkkzK+w96rS87w9BO7m3EM8FMG/k+fLQRzkV6ZF
bhb66DiVIfNiiB5PWHfVxWFnmagsVXGw6nggoMkuMMTGwnxo9n1gcvHSuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE4flwyHBNhQjFjyMd7SeleA02SYMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvVGgtWERJY0UyRkNNV1BJeDN0SjZWNERUWkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuaLqAwQA
wSv7AwQAwh+FMA0GCSqGSIb3DQEBCwUAA4IBAQAwRNtpHzCwyDnpIaP9QK4570w+
szch4GPYDFoP+c6jdNfyWjlNZuEMn7R7D99mp5u9jZIPI+8ttgpBioyEQV6oZYFh
dC2S/0wnREq2SxoVeyT3fTdfpfkuwH2iDNlc9E8iLRuBOVSYi4LHY7VHPK4bhtsr
X+XosGHN5zNZZ7H53Itn4BDyWW0fXPQjx2IlKSsvmZab5cbx0d+siAGNZ6qQHVwW
3TyjRHoSqKAlXSsjBqq0cno9W3dlluLc/ybKytB9dl+gBcC7iWPcFLWbBZUajl1b
NsmDoo6M9xYlhrP4XHU6BlQptt8mEEto/IKqxcsYRw9y9f6wxQqxKL32N1vk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org