Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TeTlBAEtGDTrKkE0hX7awQ6bG1M.roa
File: TeTlBAEtGDTrKkE0hX7awQ6bG1M.roa (raw, json)
Hash identifier: OJloQxHH3MChpduUot4Ys0rLsDhgoIcVMaZP9vLxThI=
Subject key identifier: 4D:E4:E5:04:01:2D:18:34:EB:2A:41:34:85:7E:DA:C1:0E:9B:1B:53
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185BA02C70F3061ACEC5B917584919CF326
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TeTlBAEtGDTrKkE0hX7awQ6bG1M.roa
Signing time: Mon 16 Jan 2023 09:57:01 +0000
ROA not before: Mon 16 Jan 2023 09:57:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 193.124.16.0/24 maxlen: 24
62.76.232.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
194.87.37.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
193.124.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jan 2023 09:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:02:c7:0f:30:61:ac:ec:5b:91:75:84:91:9c:f3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 16 09:57:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4de4e504012d1834eb2a4134857edac10e9b1b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:c4:c1:de:af:60:e6:d5:5d:e3:25:85:8b:
28:81:60:f1:48:ac:8c:6c:cc:70:cd:2e:6e:2e:20:
0a:88:f4:54:a7:32:aa:6e:c5:d7:13:5d:0d:d8:fe:
55:c1:fc:37:de:0e:72:25:ee:c9:98:ed:d3:ec:01:
51:b6:cf:46:f4:0a:ba:1d:99:7b:5f:1f:e9:5c:ba:
86:2b:3f:ef:51:e1:68:00:ba:59:a1:25:c0:d2:58:
5d:f9:19:a3:f0:89:dd:9e:9c:3a:0f:d8:17:e3:41:
03:08:ad:15:a2:65:bc:58:b2:4f:b5:7c:f2:05:ef:
4d:8b:7c:c5:aa:51:fb:12:cf:9d:92:35:73:b4:6d:
52:ab:11:10:08:96:a3:41:1d:ea:00:33:1c:77:df:
14:cd:50:30:e6:47:54:b4:0f:84:62:29:fe:82:97:
51:1e:42:22:f4:27:7d:b3:2d:57:37:c9:d7:db:ef:
6b:d2:9b:47:bf:18:36:6b:c1:c0:31:38:c3:02:7f:
2c:4a:b5:33:81:2f:bf:7c:71:66:4f:5f:fe:fe:90:
26:5d:32:1c:49:3f:63:b4:e9:74:4d:47:8e:f5:1a:
a3:00:86:77:90:66:3e:e4:ec:de:08:c5:da:40:87:
19:f0:08:b2:91:69:1a:57:d7:4a:f6:91:83:44:e2:
7b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E4:E5:04:01:2D:18:34:EB:2A:41:34:85:7E:DA:C1:0E:9B:1B:53
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TeTlBAEtGDTrKkE0hX7awQ6bG1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.235.0/24
193.124.16.0/24
193.124.93.0/24
194.87.36.0/23
194.87.177.0/24
195.58.54.0/24
212.192.211.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a4:c7:09:f2:b8:7e:9e:51:d5:71:87:0f:4a:a0:e9:03:f2:
89:46:da:42:ce:32:cf:4e:bb:40:2e:91:88:78:2e:9e:b4:5f:
ba:43:f9:61:08:14:fc:a9:74:8d:2c:22:1a:03:f8:64:db:9d:
34:34:69:d8:82:bf:e8:67:d0:6b:dc:00:79:a2:64:7b:da:61:
b7:42:02:e4:4b:cd:d0:53:70:ac:cf:df:fc:67:78:e7:af:cf:
42:e5:a0:c1:c2:37:5b:f3:61:80:f2:07:91:75:0c:7d:f2:43:
b2:bc:2e:b5:ee:da:61:a3:e8:f4:fc:b8:04:71:bb:ee:11:dd:
cf:27:7f:d1:bd:f5:f5:4c:b5:72:38:c9:8d:5c:e2:bc:03:61:
6e:24:5f:f0:7b:4f:cf:41:1e:b5:2d:d2:e7:fc:32:44:77:72:
b6:d0:db:68:1b:0f:ad:27:b5:8e:12:cd:f2:6c:6f:2b:01:7c:
f3:a1:39:cc:de:19:f0:16:0d:9e:ec:4a:13:f4:e9:49:92:87:
08:18:1c:b2:ac:56:87:40:05:04:65:fd:95:8a:5c:6a:9e:a1:
62:20:e2:d6:36:82:b3:a4:d1:7e:87:e1:a5:82:17:66:dc:d9:
6e:68:0d:8c:52:c1:3a:55:09:3d:14:2f:c6:6e:a6:d1:4c:ba:
a0:d0:95:f8
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYW6AscPMGGs7FuRdYSRnPMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTE2MDk1NzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU0ZTUwNDAxMmQxODM0ZWIyYTQxMzQ4NTdlZGFjMTBlOWIxYjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOXEwd6vYObVXeMlhYsogWDxSKyM
bMxwzS5uLiAKiPRUpzKqbsXXE10N2P5Vwfw33g5yJe7JmO3T7AFRts9G9Aq6HZl7
Xx/pXLqGKz/vUeFoALpZoSXA0lhd+Rmj8Indnpw6D9gX40EDCK0VomW8WLJPtXzy
Be9Ni3zFqlH7Es+dkjVztG1SqxEQCJajQR3qADMcd98UzVAw5kdUtA+EYin+gpdR
HkIi9Cd9sy1XN8nX2+9r0ptHvxg2a8HAMTjDAn8sSrUzgS+/fHFmT1/+/pAmXTIc
ST9jtOl0TUeO9RqjAIZ3kGY+5OzeCMXaQIcZ8AiykWkaV9dK9pGDROJ7DwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFE3k5QQBLRg06ypBNIV+2sEOmxtTMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVGVUbEJBRXRHRFRyS2tFMGhYN2F3UTZiRzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAPkzoAwQA
PkzrAwQAwXwQAwQAwXxdAwQBwlckAwQAwlexAwQAwzo2AwQA1MDTMA0GCSqGSIb3
DQEBCwUAA4IBAQALpMcJ8rh+nlHVcYcPSqDpA/KJRtpCzjLPTrtALpGIeC6etF+6
Q/lhCBT8qXSNLCIaA/hk2500NGnYgr/oZ9Br3AB5omR72mG3QgLkS83QU3Csz9/8
Z3jnr89C5aDBwjdb82GA8geRdQx98kOyvC617tpho+j0/LgEcbvuEd3PJ3/RvfX1
TLVyOMmNXOK8A2FuJF/we0/PQR61LdLn/DJEd3K20NtoGw+tJ7WOEs3ybG8rAXzz
oTnM3hnwFg2e7EoT9OlJkocIGByyrFaHQAUEZf2VilxqnqFiIOLWNoKzpNF+h+Gl
ghdm3NluaA2MUsE6VQk9FC/GbqbRTLqg0JX4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org