Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/tsZkDxXiGYX23KqfZW7NozPNsLM.roa
File: tsZkDxXiGYX23KqfZW7NozPNsLM.roa (raw, json)
Hash identifier: 953mbDgb2doG5MmgA0GS6Yz3e5OCKSDxQDEmYzLUpIA=
Subject key identifier: B6:C6:64:0F:15:E2:19:85:F6:DC:AA:9F:65:6E:CD:A3:33:CD:B0:B3
Certificate issuer: /CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Certificate serial: 018F15C835A87252DEEEFC09FD1DFB71BFB7
Authority key identifier: CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/tsZkDxXiGYX23KqfZW7NozPNsLM.roa
Signing time: Thu 25 Apr 2024 15:03:13 +0000
ROA not before: Thu 25 Apr 2024 15:03:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43646
IP address blocks: 91.197.164.0/22 maxlen: 22
94.247.232.0/21 maxlen: 21
185.215.136.0/22 maxlen: 22
185.241.96.0/22 maxlen: 22
213.205.96.0/19 maxlen: 19
217.71.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 06 Jun 2024 14:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:c8:35:a8:72:52:de:ee:fc:09:fd:1d:fb:71:bf:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb0ca348ac891c336d8c7945a5bd5b3325eb5f0b
Validity
Not Before: Apr 25 15:03:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c6640f15e21985f6dcaa9f656ecda333cdb0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5a:8d:2e:1a:cb:7c:22:f4:15:b8:a0:0d:64:
32:43:05:5f:ae:62:3e:45:5c:b6:9b:d2:37:95:fe:
3f:6b:dd:97:be:82:06:a4:46:d7:ae:ab:9e:39:e0:
da:1b:e2:a2:b4:a6:ca:d1:cd:76:15:99:5c:70:57:
5f:a7:14:3d:11:8f:83:8f:89:42:db:e6:8d:de:19:
99:56:5b:38:21:e7:ba:e7:01:9d:ea:7b:c4:59:66:
0a:67:bb:c0:4c:4f:e9:9e:f6:66:8b:4d:c5:1d:0c:
26:b5:94:74:f2:b0:66:0e:ce:42:a9:af:a2:e7:a1:
ed:99:6c:3d:98:75:42:b9:fa:1c:a8:cd:f1:4d:43:
11:96:a6:99:97:aa:c0:10:07:29:9d:81:e3:68:b5:
8c:e3:92:bb:e1:d7:21:52:ba:ee:07:07:5d:b8:cc:
3c:58:6f:4e:4c:31:bf:4d:c9:ab:37:60:83:32:e5:
c6:89:48:92:3f:ff:b6:4d:01:e0:eb:07:f1:fd:42:
69:6a:77:91:68:f0:6f:b2:8d:c2:3f:a8:cb:2e:21:
13:de:2c:73:9a:01:54:24:94:84:14:53:5e:44:21:
21:c5:ce:2b:67:09:1f:92:35:22:ae:5e:6e:d4:5a:
b5:e4:82:2b:3c:0c:de:ee:ec:0e:66:11:88:88:e8:
02:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C6:64:0F:15:E2:19:85:F6:DC:AA:9F:65:6E:CD:A3:33:CD:B0:B3
X509v3 Authority Key Identifier:
keyid:CB:0C:A3:48:AC:89:1C:33:6D:8C:79:45:A5:BD:5B:33:25:EB:5F:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ywyjSKyJHDNtjHlFpb1bMyXrXws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/tsZkDxXiGYX23KqfZW7NozPNsLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ef61d6-05d1-4fb2-a6ea-425232fd5643/1/ywyjSKyJHDNtjHlFpb1bMyXrXws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.164.0/22
94.247.232.0/21
185.215.136.0/22
185.241.96.0/22
213.205.96.0/19
217.71.208.0/21
Signature Algorithm: sha256WithRSAEncryption
19:e5:6a:16:b9:5a:8c:83:95:a9:a6:2d:28:23:e7:5a:b5:f1:
26:ad:5e:cd:b8:1b:d6:92:2e:5b:75:a8:ae:1d:ed:c4:0f:b2:
c8:62:61:68:c2:c6:23:c7:86:cb:16:06:a0:93:dd:52:bc:45:
66:78:2b:10:59:c2:ba:cf:bc:c2:47:53:db:90:15:c6:1b:af:
6d:93:1f:5f:64:f6:ca:a5:ca:d0:1c:60:d1:7e:4a:b4:f0:93:
d3:b0:06:9f:f9:e8:3e:f8:7d:6a:ab:0d:c2:81:76:c1:11:a7:
f2:42:70:4f:d8:e4:94:24:c0:66:54:a4:79:01:c1:fe:be:f6:
86:1b:08:3f:a4:87:35:2d:6f:8a:90:d0:7e:b7:df:34:cb:3e:
8f:ac:78:9a:b1:cd:67:ff:71:06:c3:c7:bd:00:ab:46:88:18:
e5:c2:b4:36:2e:98:a8:4e:cc:fd:08:45:4c:46:f2:d1:88:b2:
c9:03:06:ce:e9:78:7d:bc:38:fb:fe:b9:8f:bc:74:5f:03:df:
69:2b:9f:e5:48:1a:49:f9:9e:99:44:e1:d3:a4:88:10:00:13:
57:43:a1:53:85:3a:24:63:53:b3:a9:e5:5f:5d:5b:25:f8:de:
2e:87:06:bf:22:fb:95:76:46:b2:c9:17:e8:28:fd:ab:86:ee:
42:f4:7e:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY8VyDWoclLe7vwJ/R37cb+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMGNhMzQ4YWM4OTFjMzM2ZDhjNzk0NWE1YmQ1YjMzMjVl
YjVmMGIwHhcNMjQwNDI1MTUwMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM2NjQwZjE1ZTIxOTg1ZjZkY2FhOWY2NTZlY2RhMzMzY2RiMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1qNLhrLfCL0FbigDWQyQwVfrmI+
RVy2m9I3lf4/a92XvoIGpEbXrqueOeDaG+KitKbK0c12FZlccFdfpxQ9EY+Dj4lC
2+aN3hmZVls4Iee65wGd6nvEWWYKZ7vATE/pnvZmi03FHQwmtZR08rBmDs5Cqa+i
56HtmWw9mHVCufocqM3xTUMRlqaZl6rAEAcpnYHjaLWM45K74dchUrruBwdduMw8
WG9OTDG/TcmrN2CDMuXGiUiSP/+2TQHg6wfx/UJpaneRaPBvso3CP6jLLiET3ixz
mgFUJJSEFFNeRCEhxc4rZwkfkjUirl5u1Fq15IIrPAze7uwOZhGIiOgCWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLbGZA8V4hmF9tyqn2VuzaMzzbCzMB8GA1UdIwQY
MBaAFMsMo0isiRwzbYx5RaW9WzMl618LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEt
NDI1MjMyZmQ1NjQzLzEvdHNaa0R4WGlHWVgyM0txZlpXN05velBOc0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lZjYxZDYtMDVkMS00ZmIyLWE2ZWEtNDI1MjMyZmQ1NjQz
LzEveXd5alNLeUpIRE50akhsRnBiMWJNeVhyWHdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCW8WkAwQD
XvfoAwQCudeIAwQCufFgAwQF1c1gAwQD2UfQMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
5WoWuVqMg5Wppi0oI+datfEmrV7NuBvWki5bdaiuHe3ED7LIYmFowsYjx4bLFgag
k91SvEVmeCsQWcK6z7zCR1PbkBXGG69tkx9fZPbKpcrQHGDRfkq08JPTsAaf+eg+
+H1qqw3CgXbBEafyQnBP2OSUJMBmVKR5AcH+vvaGGwg/pIc1LW+KkNB+t980yz6P
rHiasc1n/3EGw8e9AKtGiBjlwrQ2LpioTsz9CEVMRvLRiLLJAwbO6Xh9vDj7/rmP
vHRfA99pK5/lSBpJ+Z6ZROHTpIgQABNXQ6FThTokY1OzqeVfXVsl+N4uhwa/IvuV
dkayyRfoKP2rhu5C9H71
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:13 2025 by rpki-client