Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/84c76e-a15c-454f-a686-000922a5cf19/1/1-tw88J4-H6qxEuj4mesDhwFKDD8.roa
File: 1-tw88J4-H6qxEuj4mesDhwFKDD8.roa (raw, json)
Hash identifier: wTquH+nq/KivNrl2b63vX+jJ3FfuxwKO8MwpT5RwdSo=
Subject key identifier: FA:DC:3C:F0:9E:3E:1F:AA:B1:12:E8:F8:99:EB:03:87:01:4A:0C:3F
Certificate issuer: /CN=fcde8ca3e2ce52bbcce53c4a2926d3c9c410c04b
Certificate serial: 018F71AFDDA82B2294939D8713273C0240CC
Authority key identifier: FC:DE:8C:A3:E2:CE:52:BB:CC:E5:3C:4A:29:26:D3:C9:C4:10:C0:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_N6Mo-LOUrvM5TxKKSbTycQQwEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/84c76e-a15c-454f-a686-000922a5cf19/1/1-tw88J4-H6qxEuj4mesDhwFKDD8.roa
Signing time: Mon 13 May 2024 11:21:41 +0000
ROA not before: Mon 13 May 2024 11:21:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206782
IP address blocks: 185.176.148.0/22 maxlen: 22
185.176.148.0/24 maxlen: 24
185.176.149.0/24 maxlen: 24
185.176.150.0/24 maxlen: 24
185.176.151.0/24 maxlen: 24
2a0a:1980::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 May 2024 15:21:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:af:dd:a8:2b:22:94:93:9d:87:13:27:3c:02:40:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcde8ca3e2ce52bbcce53c4a2926d3c9c410c04b
Validity
Not Before: May 13 11:21:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fadc3cf09e3e1faab112e8f899eb0387014a0c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:f4:bb:1d:e9:76:53:fd:15:a1:f7:03:fe:
c4:78:03:7d:8d:96:d6:f1:89:09:39:84:b6:cd:8f:
1e:17:a8:71:cb:1c:ce:18:4d:3b:e5:15:fd:6a:ff:
41:0d:09:8c:bb:c5:61:57:57:b5:0f:1e:6b:13:84:
22:ea:3e:4c:16:51:d7:83:b6:a3:44:00:46:d7:65:
63:37:4a:95:2a:08:a2:93:12:10:e1:97:75:57:b7:
c6:c7:24:c7:af:36:17:5b:d5:db:3e:1c:93:b4:9e:
46:e3:e8:52:c6:fa:03:4a:31:9b:19:00:31:f0:41:
21:f0:82:41:9c:17:04:46:91:cc:cd:fe:2f:ab:50:
a1:39:4a:87:9e:16:5d:12:45:a3:04:9c:c9:3d:db:
07:be:a1:11:5d:d6:40:ee:2c:62:ca:b0:14:45:ce:
4f:86:96:3e:90:33:96:85:32:4d:5d:8e:84:41:20:
58:4b:c7:cf:34:28:d8:3e:ac:4e:c5:6c:44:e7:2e:
36:2c:28:36:cd:14:36:74:e0:17:b6:61:52:b6:07:
3a:0c:2e:de:9d:36:d8:85:13:4d:a1:04:06:72:64:
a5:95:3c:d7:c6:87:5f:3e:61:4a:ea:c8:9c:d9:b9:
a7:4d:4f:8f:7c:46:d9:9b:fd:70:7e:36:fc:7b:74:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DC:3C:F0:9E:3E:1F:AA:B1:12:E8:F8:99:EB:03:87:01:4A:0C:3F
X509v3 Authority Key Identifier:
keyid:FC:DE:8C:A3:E2:CE:52:BB:CC:E5:3C:4A:29:26:D3:C9:C4:10:C0:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_N6Mo-LOUrvM5TxKKSbTycQQwEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/84c76e-a15c-454f-a686-000922a5cf19/1/1-tw88J4-H6qxEuj4mesDhwFKDD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/84c76e-a15c-454f-a686-000922a5cf19/1/_N6Mo-LOUrvM5TxKKSbTycQQwEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.148.0/22
IPv6:
2a0a:1980::/29
Signature Algorithm: sha256WithRSAEncryption
6c:4f:ec:2a:68:e5:d7:65:fb:c5:1b:47:9c:c4:ea:75:53:2f:
3e:24:d0:25:bb:53:ac:14:a9:3d:64:2b:ee:1d:b3:0d:61:51:
ab:e6:81:32:0d:fb:45:a9:15:cd:b0:09:5d:12:71:5d:9a:42:
a5:53:4e:b3:48:f1:16:56:16:ae:82:ff:ac:52:49:2e:4c:be:
1a:8b:21:ed:b7:75:49:21:f0:4c:07:3e:ba:2a:8c:29:7e:4d:
36:a4:0c:a0:c7:f5:f2:98:45:07:6d:54:45:21:e3:3c:90:f8:
6e:59:2a:86:9b:33:9f:82:78:96:cc:50:87:4c:a8:45:fa:8d:
b3:41:66:15:89:9f:ca:c1:be:97:27:aa:63:0c:3a:bd:e1:38:
58:d7:6e:ab:be:74:54:97:18:08:d5:1c:b4:45:92:14:3e:da:
ea:55:5f:49:70:ea:55:74:5d:83:cb:dd:f0:57:ee:f1:8a:97:
3a:91:d9:eb:b8:9e:cb:93:a1:d4:d0:ea:a2:9e:5b:d2:85:5e:
63:1d:96:4e:77:c1:35:4c:42:ab:bd:2b:35:cc:77:eb:3f:05:
b9:64:ba:da:a2:2f:d5:0d:f7:82:25:4c:24:ea:10:eb:c5:1c:
6e:8a:81:98:7b:65:24:28:30:73:b6:7e:c5:00:c8:45:01:22:
bf:3e:3b:33
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY9xr92oKyKUk52HEyc8AkDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZGU4Y2EzZTJjZTUyYmJjY2U1M2M0YTI5MjZkM2M5YzQx
MGMwNGIwHhcNMjQwNTEzMTEyMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWRjM2NmMDllM2UxZmFhYjExMmU4Zjg5OWViMDM4NzAxNGEwYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG70ux3pdlP9FaH3A/7EeAN9jZbW
8YkJOYS2zY8eF6hxyxzOGE075RX9av9BDQmMu8VhV1e1Dx5rE4Qi6j5MFlHXg7aj
RABG12VjN0qVKgiikxIQ4Zd1V7fGxyTHrzYXW9XbPhyTtJ5G4+hSxvoDSjGbGQAx
8EEh8IJBnBcERpHMzf4vq1ChOUqHnhZdEkWjBJzJPdsHvqERXdZA7ixiyrAURc5P
hpY+kDOWhTJNXY6EQSBYS8fPNCjYPqxOxWxE5y42LCg2zRQ2dOAXtmFStgc6DC7e
nTbYhRNNoQQGcmSllTzXxodfPmFK6sic2bmnTU+PfEbZm/1wfjb8e3SYmwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPrcPPCePh+qsRLo+JnrA4cBSgw/MB8GA1UdIwQY
MBaAFPzejKPizlK7zOU8Sikm08nEEMBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX042TW8tTE9VcnZNNVR4S0tTYlR5Y1FRd0VzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84NGM3NmUtYTE1Yy00NTRmLWE2ODYt
MDAwOTIyYTVjZjE5LzEvMS10dzg4SjQtSDZxeEV1ajRtZXNEaHdGS0REOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvODRjNzZlLWExNWMtNDU0Zi1hNjg2LTAwMDkyMmE1Y2Yx
OS8xL19ONk1vLUxPVXJ2TTVUeEtLU2JUeWNRUXdFcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmwlDAN
BAIAAjAHAwUDKgoZgDANBgkqhkiG9w0BAQsFAAOCAQEAbE/sKmjl12X7xRtHnMTq
dVMvPiTQJbtTrBSpPWQr7h2zDWFRq+aBMg37RakVzbAJXRJxXZpCpVNOs0jxFlYW
roL/rFJJLky+Gosh7bd1SSHwTAc+uiqMKX5NNqQMoMf18phFB21URSHjPJD4blkq
hpszn4J4lsxQh0yoRfqNs0FmFYmfysG+lyeqYww6veE4WNduq750VJcYCNUctEWS
FD7a6lVfSXDqVXRdg8vd8Ffu8YqXOpHZ67iey5Oh1NDqop5b0oVeYx2WTnfBNUxC
q70rNcx36z8FuWS62qIv1Q33giVMJOoQ68UcboqBmHtlJCgwc7Z+xQDIRQEivz47
Mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org