Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/tVnSh2Lmtq3jxqeWPSLH_at6UwQ.roa
File: tVnSh2Lmtq3jxqeWPSLH_at6UwQ.roa (raw, json)
Hash identifier: KlXPrPs8Dp8qEiuUjK41482vedvWoAUbpdrGTC8/APw=
Subject key identifier: B5:59:D2:87:62:E6:B6:AD:E3:C6:A7:96:3D:22:C7:FD:AB:7A:53:04
Certificate issuer: /CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Certificate serial: 0187EBB79EC5D3466D428DE95BB25B41DC55
Authority key identifier: 92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/tVnSh2Lmtq3jxqeWPSLH_at6UwQ.roa
Signing time: Fri 05 May 2023 11:41:32 +0000
ROA not before: Fri 05 May 2023 11:41:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206993
IP address blocks: 185.169.172.0/24 maxlen: 24
185.169.174.0/24 maxlen: 24
185.169.175.0/24 maxlen: 24
185.169.173.0/24 maxlen: 24
193.160.37.0/24 maxlen: 24
193.160.34.0/24 maxlen: 24
193.160.38.0/24 maxlen: 24
193.160.35.0/24 maxlen: 24
193.160.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:b7:9e:c5:d3:46:6d:42:8d:e9:5b:b2:5b:41:dc:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280fdc9e7a86430c8e28f5e349e317fbb8a1ca9
Validity
Not Before: May 5 11:41:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b559d28762e6b6ade3c6a7963d22c7fdab7a5304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:0a:29:ac:6e:bc:98:34:60:a3:d4:e5:99:
e2:52:98:1f:cf:b7:1a:b6:b8:46:3e:b7:7b:3a:7f:
71:b1:e0:b3:2e:46:f5:a0:24:2f:19:42:95:0f:a3:
46:5d:aa:07:24:6a:75:84:f2:fc:cf:d4:d7:a4:99:
b4:db:46:2b:68:e5:07:2d:9d:f7:e6:3a:9e:10:41:
bf:04:93:87:e5:75:f1:ce:ce:f6:b0:f7:15:a8:74:
66:12:e9:74:8b:5c:74:dd:1b:51:33:7a:3e:d9:56:
ba:bb:98:be:59:21:19:b3:25:71:21:14:33:ab:f6:
04:15:20:24:cf:90:9a:cf:53:42:eb:7f:ee:c8:57:
8f:3d:1b:c9:cd:05:35:5a:a7:4b:65:26:5c:80:7d:
86:d4:91:83:e5:18:af:1a:69:68:b3:93:64:3c:d8:
d3:83:97:37:13:26:2c:9a:dc:42:5d:16:0e:cb:eb:
b2:65:c4:fd:38:7b:bf:a2:53:7e:38:dc:da:a0:2f:
0b:9d:ce:7e:b7:79:e6:31:b2:9a:a2:2f:c4:78:26:
75:4a:41:54:6b:c6:b5:8f:55:4d:cd:64:44:0d:0b:
ff:8e:9b:ca:28:a3:37:2a:f5:f2:63:32:19:24:c6:
5c:16:2d:4c:ac:09:91:2e:17:23:3d:5f:02:a6:e2:
0b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:59:D2:87:62:E6:B6:AD:E3:C6:A7:96:3D:22:C7:FD:AB:7A:53:04
X509v3 Authority Key Identifier:
keyid:92:80:FD:C9:E7:A8:64:30:C8:E2:8F:5E:34:9E:31:7F:BB:8A:1C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koD9yeeoZDDI4o9eNJ4xf7uKHKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/tVnSh2Lmtq3jxqeWPSLH_at6UwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/cf4946-f5c2-45aa-9a41-f44299865a28/1/koD9yeeoZDDI4o9eNJ4xf7uKHKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.172.0/22
193.160.34.0-193.160.38.255
Signature Algorithm: sha256WithRSAEncryption
71:9c:da:b4:94:47:f6:3b:4e:29:8a:6b:54:48:93:72:fe:c3:
e3:4a:b9:6c:f4:db:40:d1:a5:2b:4d:20:57:b9:3d:3c:de:53:
39:36:1b:b1:6a:9f:a2:42:23:f0:b3:38:05:a6:9f:ad:04:e0:
b2:de:85:1e:5a:3f:42:fb:85:04:0a:6d:39:be:b4:58:c5:f8:
11:4f:f6:46:4a:d0:50:86:64:02:89:61:61:8f:a6:23:b9:f8:
a7:3a:25:81:6a:38:50:76:18:22:9f:3c:ab:f2:f1:94:cc:d6:
ca:38:6f:37:9e:af:ea:1a:ba:45:f8:94:63:e2:06:b6:bf:6e:
ad:ad:20:38:ca:0a:6f:4f:d7:0d:00:50:64:bf:0a:b5:8f:b9:
ed:3f:0f:47:50:92:52:9d:d9:e3:15:7d:a5:36:2e:e7:ad:69:
85:2e:dd:1a:7d:01:e5:89:52:fd:aa:a3:93:45:33:4b:83:09:
ec:67:67:ba:d1:e0:96:b9:7b:89:ad:83:8f:0c:f6:b6:87:04:
9b:57:14:5e:57:17:f4:c4:eb:4a:88:66:78:0e:26:e0:81:eb:
4d:3a:ec:61:1d:d5:77:b7:36:35:b3:8b:f3:d0:9e:89:51:84:
ec:23:10:40:dc:e6:ec:51:7c:80:ea:e7:ee:8b:b3:bf:62:f9:
c2:18:28:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYfrt57F00ZtQo3pW7JbQdxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBmZGM5ZTdhODY0MzBjOGUyOGY1ZTM0OWUzMTdmYmI4
YTFjYTkwHhcNMjMwNTA1MTE0MTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU5ZDI4NzYyZTZiNmFkZTNjNmE3OTYzZDIyYzdmZGFiN2E1MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJIKKaxuvJg0YKPU5ZniUpgfz7ca
trhGPrd7On9xseCzLkb1oCQvGUKVD6NGXaoHJGp1hPL8z9TXpJm020YraOUHLZ33
5jqeEEG/BJOH5XXxzs72sPcVqHRmEul0i1x03RtRM3o+2Va6u5i+WSEZsyVxIRQz
q/YEFSAkz5Caz1NC63/uyFePPRvJzQU1WqdLZSZcgH2G1JGD5RivGmlos5NkPNjT
g5c3EyYsmtxCXRYOy+uyZcT9OHu/olN+ONzaoC8Lnc5+t3nmMbKaoi/EeCZ1SkFU
a8a1j1VNzWREDQv/jpvKKKM3KvXyYzIZJMZcFi1MrAmRLhcjPV8CpuILvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLVZ0odi5rat48anlj0ix/2relMEMB8GA1UdIwQY
MBaAFJKA/cnnqGQwyOKPXjSeMX+7ihypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEt
ZjQ0Mjk5ODY1YTI4LzEvdFZuU2gyTG10cTNqeHFlV1BTTEhfYXQ2VXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jZjQ5NDYtZjVjMi00NWFhLTlhNDEtZjQ0Mjk5ODY1YTI4
LzEva29EOXllZW9aRERJNG85ZU5KNHhmN3VLSEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuamsMAwD
BAHBoCIDBADBoCYwDQYJKoZIhvcNAQELBQADggEBAHGc2rSUR/Y7TimKa1RIk3L+
w+NKuWz020DRpStNIFe5PTzeUzk2G7Fqn6JCI/CzOAWmn60E4LLehR5aP0L7hQQK
bTm+tFjF+BFP9kZK0FCGZAKJYWGPpiO5+Kc6JYFqOFB2GCKfPKvy8ZTM1so4bzee
r+oaukX4lGPiBra/bq2tIDjKCm9P1w0AUGS/CrWPue0/D0dQklKd2eMVfaU2Luet
aYUu3Rp9AeWJUv2qo5NFM0uDCexnZ7rR4Ja5e4mtg48M9raHBJtXFF5XF/TE60qI
ZngOJuCB60067GEd1Xe3NjWzi/PQnolRhOwjEEDc5uxRfIDq5+6Ls79i+cIYKNk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:44 2024 by rpki-client on console-fra.rpki-client.org