Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tf0FhPpwG9On95wO4WYZIvjqdDs.roa
File: Tf0FhPpwG9On95wO4WYZIvjqdDs.roa (raw, json)
Hash identifier: bORtHfmm+f5JUpWInirgJQPywhwmvVQmMsmnrB4GdXI=
Subject key identifier: 4D:FD:05:84:FA:70:1B:D3:A7:F7:9C:0E:E1:66:19:22:F8:EA:74:3B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186D62EC0EDB88BD494695D14A8BF6FB3C0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tf0FhPpwG9On95wO4WYZIvjqdDs.roa
Signing time: Sun 12 Mar 2023 14:17:13 +0000
ROA not before: Sun 12 Mar 2023 14:17:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 194.87.255.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.58.61.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Mar 2023 08:17:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:2e:c0:ed:b8:8b:d4:94:69:5d:14:a8:bf:6f:b3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 12 14:17:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dfd0584fa701bd3a7f79c0ee1661922f8ea743b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5e:da:13:f7:54:f7:41:f1:f4:6e:d1:5e:0a:
41:d3:0d:45:30:bc:82:01:23:c0:38:7b:4f:56:2b:
0e:a9:9d:a4:13:c3:3e:b1:1a:f9:4f:24:d7:92:22:
c1:13:64:f6:d8:99:45:3e:c2:bc:01:62:60:2a:02:
cb:c4:04:3f:5d:22:e7:2e:e6:d6:dd:b4:76:e4:c0:
8a:02:d9:fa:55:39:fd:29:b2:7d:36:13:b1:1a:12:
65:5b:9c:4d:5f:f7:98:17:6c:df:fc:d5:cd:be:71:
b6:bb:e6:e6:8f:c9:05:29:dc:f5:04:8b:4d:0e:35:
ed:55:e7:d9:74:02:5f:1d:4b:b3:10:42:73:3a:aa:
18:b3:28:58:4c:33:c8:4e:22:da:4c:ee:90:2e:96:
a6:cf:4c:62:63:35:e1:b3:32:6e:01:f0:ff:7e:cf:
59:4f:4b:40:34:fd:b4:05:82:aa:0a:c1:41:10:a4:
d4:bb:05:bd:08:cf:ca:b3:31:b2:f5:31:e8:7f:78:
fb:b4:a1:f0:0c:98:9b:f0:ca:d8:6f:bc:75:b6:76:
ef:7a:75:80:94:f8:f0:7e:da:03:92:f4:74:86:30:
35:a9:7b:e4:33:69:2d:d4:af:8c:29:32:5e:9d:68:
01:4c:88:98:ed:e0:70:be:6c:a9:14:5c:14:98:04:
bd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FD:05:84:FA:70:1B:D3:A7:F7:9C:0E:E1:66:19:22:F8:EA:74:3B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Tf0FhPpwG9On95wO4WYZIvjqdDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.61.0/24
194.87.180.0/24
194.87.255.0/24
212.193.5.0/24
Signature Algorithm: sha256WithRSAEncryption
70:39:6f:55:18:2e:b6:68:82:50:32:db:96:93:1e:62:83:77:
66:58:b1:19:64:b8:a0:53:86:3a:5a:52:57:f0:b7:ab:60:d9:
3f:38:87:80:e1:85:58:41:9e:bf:c3:da:84:cf:4b:27:b7:35:
53:84:5f:1c:39:04:26:19:ea:e0:3d:91:78:9e:b1:fb:a1:b9:
55:a2:25:82:e2:5e:c1:2e:13:e7:f9:64:9e:ad:4e:36:3e:17:
10:b3:19:20:93:72:37:53:c6:e2:21:6a:98:b4:ee:4e:e4:94:
fc:9a:f9:87:29:3d:c5:f7:c9:84:b6:5b:28:71:db:4a:b2:37:
ac:8f:a3:f1:08:77:a0:a7:eb:f6:b0:4c:fd:06:41:58:ae:ba:
f4:ff:e1:00:ae:5e:47:fd:e9:de:8b:b5:bf:c0:17:cc:28:52:
0b:af:ae:16:8e:05:ba:5e:38:09:d9:c3:2c:79:c1:be:8f:6e:
d3:a6:8b:b4:3e:f9:bc:d5:b5:f7:be:33:86:2f:8d:b9:2a:ff:
7a:fc:df:fc:bb:09:93:8d:f3:b4:13:39:7b:ea:2c:d9:2c:15:
95:52:0c:b0:66:5a:37:5b:04:18:d0:84:bd:be:e8:a8:d9:d4:
74:8e:6c:5f:d8:42:9e:fa:8e:fa:24:50:f9:c3:5b:40:a9:2d:
43:12:a8:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbWLsDtuIvUlGldFKi/b7PAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzEyMTQxNzEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZkMDU4NGZhNzAxYmQzYTdmNzljMGVlMTY2MTkyMmY4ZWE3NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl17aE/dU90Hx9G7RXgpB0w1FMLyC
ASPAOHtPVisOqZ2kE8M+sRr5TyTXkiLBE2T22JlFPsK8AWJgKgLLxAQ/XSLnLubW
3bR25MCKAtn6VTn9KbJ9NhOxGhJlW5xNX/eYF2zf/NXNvnG2u+bmj8kFKdz1BItN
DjXtVefZdAJfHUuzEEJzOqoYsyhYTDPITiLaTO6QLpamz0xiYzXhszJuAfD/fs9Z
T0tANP20BYKqCsFBEKTUuwW9CM/KszGy9THof3j7tKHwDJib8MrYb7x1tnbvenWA
lPjwftoDkvR0hjA1qXvkM2kt1K+MKTJenWgBTIiY7eBwvmypFFwUmAS9mwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE39BYT6cBvTp/ecDuFmGSL46nQ7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVGYwRmhQcHdHOU9uOTV3TzRXWVpJdmpxZERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwjo9AwQA
wle0AwQAwlf/AwQA1MEFMA0GCSqGSIb3DQEBCwUAA4IBAQBwOW9VGC62aIJQMtuW
kx5ig3dmWLEZZLigU4Y6WlJX8LerYNk/OIeA4YVYQZ6/w9qEz0sntzVThF8cOQQm
GergPZF4nrH7oblVoiWC4l7BLhPn+WSerU42PhcQsxkgk3I3U8biIWqYtO5O5JT8
mvmHKT3F98mEtlsocdtKsjesj6PxCHegp+v2sEz9BkFYrrr0/+EArl5H/enei7W/
wBfMKFILr64WjgW6XjgJ2cMsecG+j27Tpou0Pvm81bX3vjOGL425Kv96/N/8uwmT
jfO0Ezl76izZLBWVUgywZlo3WwQY0IS9vuio2dR0jmxf2EKe+o76JFD5w1tAqS1D
EqhD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org