Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/tGqe6WEJk1iW2rXMu4EgiMj_x2k.roa
File: tGqe6WEJk1iW2rXMu4EgiMj_x2k.roa (raw, json)
Hash identifier: k+Sb5Zz2bqc+0EdLXvtvvz5uAJ9KTYY8Csg0dHNuT9c=
Subject key identifier: B4:6A:9E:E9:61:09:93:58:96:DA:B5:CC:BB:81:20:88:C8:FF:C7:69
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 018D315C57113EAD34BDC8941FC95A1439DF
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/tGqe6WEJk1iW2rXMu4EgiMj_x2k.roa
Signing time: Mon 22 Jan 2024 13:29:11 +0000
ROA not before: Mon 22 Jan 2024 13:29:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29244
IP address blocks: 85.118.192.0/21 maxlen: 21
85.118.192.0/24 maxlen: 24
85.118.196.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.11.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
149.62.192.0/18 maxlen: 18
149.62.204.0/24 maxlen: 24
149.62.205.0/24 maxlen: 24
149.62.206.0/24 maxlen: 24
149.62.207.0/24 maxlen: 24
149.62.208.0/24 maxlen: 24
149.62.209.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:49:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:5c:57:11:3e:ad:34:bd:c8:94:1f:c9:5a:14:39:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Jan 22 13:29:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b46a9ee96109935896dab5ccbb812088c8ffc769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4a:bb:8b:9a:a3:78:d6:58:49:f9:25:3f:f1:
29:dc:a2:10:7b:26:3e:b3:68:32:90:7f:d5:dd:17:
bb:c5:af:e1:50:2c:df:bb:42:58:f2:76:dd:2c:f0:
c4:24:a4:a8:ad:f4:be:e2:c1:fc:dd:5c:1f:73:85:
ec:ea:ab:b0:c7:65:1e:1c:6f:4b:cd:fd:d8:31:6d:
b4:2d:44:03:c8:15:f6:5a:72:be:ff:6b:ae:e8:28:
c2:98:67:6f:50:0c:da:81:ca:6d:97:0c:bf:d3:7d:
54:77:5b:6e:e2:04:26:35:91:b6:3e:cc:26:8a:ea:
36:08:39:12:29:9a:9c:3b:5a:8c:6a:44:83:77:79:
d1:35:1a:35:62:f4:66:04:1f:71:61:75:dd:30:08:
9e:80:83:81:b2:c7:cf:45:26:c0:80:db:a3:59:3f:
12:1a:da:29:08:81:f6:22:dc:89:43:c3:50:1a:09:
43:ee:0f:0e:bb:c6:0c:1f:b7:7b:fd:79:25:1b:8f:
0f:70:94:33:fb:45:36:ab:88:98:eb:40:76:8f:bc:
17:be:eb:ec:0d:eb:c4:06:83:ba:fc:87:3c:bd:4e:
38:58:44:93:6b:87:b0:51:2c:a1:b8:4d:54:2d:6e:
a9:20:71:e1:17:11:6a:ca:fa:84:05:cc:47:72:74:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6A:9E:E9:61:09:93:58:96:DA:B5:CC:BB:81:20:88:C8:FF:C7:69
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/tGqe6WEJk1iW2rXMu4EgiMj_x2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.192.0/21
91.92.8.0/21
149.62.192.0/18
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d8:4b:88:d1:09:6a:19:49:e7:18:eb:a7:3b:c2:8e:95:ed:
88:db:e1:85:fd:b8:c2:e4:a7:63:3f:e0:f6:d9:a3:17:07:0e:
6c:1a:77:a0:a5:87:0e:42:cf:bd:c3:9a:2d:47:fd:49:d1:50:
bc:d9:ce:42:6d:65:73:8a:da:2f:f2:c2:53:9b:33:5e:a8:23:
50:0a:93:55:0a:9d:17:57:59:0a:7e:ff:9b:e2:ea:87:09:40:
df:9b:60:c3:f4:3e:d4:3e:25:5d:19:e0:56:2e:8a:0f:6e:d3:
94:ea:4d:9f:40:ed:6b:19:20:24:c8:05:79:51:d5:29:e3:bd:
7e:45:f7:91:de:01:99:fb:2f:3c:6e:0d:b2:b7:19:33:6d:a1:
f1:b4:a3:7b:b9:9e:75:13:5e:aa:3b:86:54:fc:d5:b9:92:6b:
2a:4f:5b:d7:77:25:a7:6b:58:44:9c:9e:4e:60:40:c0:31:7f:
d2:16:2f:95:b1:cf:a9:d1:d1:4d:69:92:01:90:5b:9a:72:3a:
71:b9:1b:9c:f8:92:30:e2:12:20:77:14:da:78:15:95:ca:d8:
75:5a:18:0a:33:7c:9b:82:90:1e:4b:59:12:d1:71:6a:c8:ec:
9f:7e:6b:db:18:5f:0a:0c:69:31:0f:49:61:15:4b:30:82:79:
06:73:69:af
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0xXFcRPq00vciUH8laFDnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjQwMTIyMTMyOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZhOWVlOTYxMDk5MzU4OTZkYWI1Y2NiYjgxMjA4OGM4ZmZjNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkq7i5qjeNZYSfklP/Ep3KIQeyY+
s2gykH/V3Re7xa/hUCzfu0JY8nbdLPDEJKSorfS+4sH83Vwfc4Xs6quwx2UeHG9L
zf3YMW20LUQDyBX2WnK+/2uu6CjCmGdvUAzagcptlwy/031Ud1tu4gQmNZG2Pswm
iuo2CDkSKZqcO1qMakSDd3nRNRo1YvRmBB9xYXXdMAiegIOBssfPRSbAgNujWT8S
GtopCIH2ItyJQ8NQGglD7g8Ou8YMH7d7/XklG48PcJQz+0U2q4iY60B2j7wXvuvs
DevEBoO6/Ic8vU44WESTa4ewUSyhuE1ULW6pIHHhFxFqyvqEBcxHcnQZ0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLRqnulhCZNYltq1zLuBIIjI/8dpMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvdEdxZTZXRUprMWlXMnJYTXU0RWdpTWpfeDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDVXbAAwQD
W1wIAwQGlT7AAwQAwcGrAwQAwcG2AwQAwcKTAwQAwcKbMA0GCSqGSIb3DQEBCwUA
A4IBAQBj2EuI0QlqGUnnGOunO8KOle2I2+GF/bjC5KdjP+D22aMXBw5sGnegpYcO
Qs+9w5otR/1J0VC82c5CbWVzitov8sJTmzNeqCNQCpNVCp0XV1kKfv+b4uqHCUDf
m2DD9D7UPiVdGeBWLooPbtOU6k2fQO1rGSAkyAV5UdUp471+RfeR3gGZ+y88bg2y
txkzbaHxtKN7uZ51E16qO4ZU/NW5kmsqT1vXdyWna1hEnJ5OYEDAMX/SFi+Vsc+p
0dFNaZIBkFuacjpxuRuc+JIw4hIgdxTaeBWVyth1WhgKM3ybgpAeS1kS0XFqyOyf
fmvbGF8KDGkxD0lhFUswgnkGc2mv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org