Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTC_OtVSifjjWUkHWQeD9sV-1FA.roa
File: tTC_OtVSifjjWUkHWQeD9sV-1FA.roa (raw, json)
Hash identifier: RLbVnMMFOPiHJKLpbZ1BUHVEDzJL90KSeJt+bgQUUP4=
Subject key identifier: B5:30:BF:3A:D5:52:89:F8:E3:59:49:07:59:07:83:F6:C5:7E:D4:50
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C7D45F93F4F4D7CFA16064F874616FC0A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTC_OtVSifjjWUkHWQeD9sV-1FA.roa
Signing time: Mon 18 Dec 2023 14:13:06 +0000
ROA not before: Mon 18 Dec 2023 14:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 84.21.173.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.126.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
94.156.78.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 07:18:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:45:f9:3f:4f:4d:7c:fa:16:06:4f:87:46:16:fc:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 14:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b530bf3ad55289f8e3594907590783f6c57ed450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ea:43:aa:11:86:7b:de:f2:e8:22:91:cd:8a:
78:29:6f:8e:2e:83:56:86:94:4c:60:40:b9:48:dd:
38:b6:29:f6:aa:58:9b:1d:12:09:ee:07:84:a8:d4:
ca:a7:62:e3:9f:69:b6:5a:7d:57:17:73:47:04:85:
6e:c3:bd:57:15:0e:18:93:5b:6d:c3:dc:df:1e:c6:
6d:0c:2b:89:f1:79:2f:e9:f8:9d:37:3f:82:bd:36:
3f:8f:e4:da:52:9b:07:41:29:46:95:91:80:60:a2:
fc:87:e1:a2:4f:cd:9b:54:3f:24:0c:81:a3:6a:fb:
c0:31:37:6f:b6:b3:d2:35:3c:9e:7e:6b:90:a8:c2:
18:a2:0e:7c:47:aa:bd:a5:01:9f:d2:93:32:ee:0e:
35:18:a3:cd:14:4c:1b:7a:70:25:58:75:9f:40:d7:
48:35:8a:91:16:89:ea:82:24:bc:84:29:55:22:b2:
a0:e1:e9:6a:2d:d0:59:af:1c:80:53:23:66:8c:2e:
50:8b:70:cb:86:92:03:c3:bf:e6:60:96:98:23:fc:
d2:1f:f8:ef:d9:cc:ee:2a:95:b0:b3:2d:46:44:86:
c8:ea:ed:0a:cf:68:b7:a5:44:78:95:1a:7d:91:85:
bc:e8:b1:55:bb:08:5c:93:b9:46:0f:1a:7b:7d:82:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:30:BF:3A:D5:52:89:F8:E3:59:49:07:59:07:83:F6:C5:7E:D4:50
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tTC_OtVSifjjWUkHWQeD9sV-1FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
87.120.64.0/23
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
94.103.126.0/24
94.156.78.0/24
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
af:d4:b4:0c:14:47:4e:f4:00:30:69:76:f8:fa:84:e4:8e:87:
f7:ef:fc:be:c6:c5:dc:56:a1:c2:0a:4a:19:3f:a1:b8:d4:f2:
2f:73:d7:46:9b:ef:6c:bc:2a:58:c1:8a:20:df:9d:c5:9a:75:
58:5c:50:8f:c1:ca:a7:9d:22:99:b7:c0:b5:03:57:aa:68:44:
62:0e:24:a4:ee:25:47:ae:37:91:d8:e1:44:48:a2:b4:64:dc:
bb:3a:ec:32:16:ee:4a:f2:29:42:5a:14:74:55:4a:b2:75:f9:
9d:39:44:70:b6:97:bd:d1:16:02:e4:2e:75:13:a0:34:3b:13:
40:cf:03:69:17:fc:9a:d0:53:5c:15:18:ed:ae:9a:3f:e7:91:
c3:86:9d:cf:3c:d0:10:94:42:76:c6:9a:a5:fe:8e:d6:fe:59:
25:2c:0c:10:72:42:cb:ef:a6:aa:5d:8b:94:d0:b7:dc:b5:b3:
2d:05:9d:91:68:81:10:74:03:06:8f:b1:d0:5e:d3:27:35:66:
17:4c:a5:8e:9e:7f:67:60:a3:ae:c6:4c:4b:8f:1d:67:6d:a2:
29:8d:8d:f2:55:5a:cf:6c:e7:57:b5:02:20:11:5e:5b:36:cb:
27:1c:56:69:cd:d0:d6:24:49:6a:58:bc:b4:2c:64:32:6d:c6:
ac:b0:2b:e0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYx9Rfk/T018+hYGT4dGFvwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE4MTQxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTMwYmYzYWQ1NTI4OWY4ZTM1OTQ5MDc1OTA3ODNmNmM1N2VkNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+pDqhGGe97y6CKRzYp4KW+OLoNW
hpRMYEC5SN04tin2qlibHRIJ7geEqNTKp2Ljn2m2Wn1XF3NHBIVuw71XFQ4Yk1tt
w9zfHsZtDCuJ8Xkv6fidNz+CvTY/j+TaUpsHQSlGlZGAYKL8h+GiT82bVD8kDIGj
avvAMTdvtrPSNTyefmuQqMIYog58R6q9pQGf0pMy7g41GKPNFEwbenAlWHWfQNdI
NYqRFonqgiS8hClVIrKg4elqLdBZrxyAUyNmjC5Qi3DLhpIDw7/mYJaYI/zSH/jv
2czuKpWwsy1GRIbI6u0Kz2i3pUR4lRp9kYW86LFVuwhck7lGDxp7fYK7zQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLUwvzrVUon441lJB1kHg/bFftRQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdFRDX090VlNpZmpqV1VrSFdRZUQ5c1YtMUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVBWtAwQB
V3hAAwQBV3jcAwQBV3k4AwQBV3lkAwQAXmd+AwQAXpxOAwQAwjseAwQAwqmuMA0G
CSqGSIb3DQEBCwUAA4IBAQCv1LQMFEdO9AAwaXb4+oTkjof37/y+xsXcVqHCCkoZ
P6G41PIvc9dGm+9svCpYwYog353FmnVYXFCPwcqnnSKZt8C1A1eqaERiDiSk7iVH
rjeR2OFESKK0ZNy7OuwyFu5K8ilCWhR0VUqydfmdOURwtpe90RYC5C51E6A0OxNA
zwNpF/ya0FNcFRjtrpo/55HDhp3PPNAQlEJ2xpql/o7W/lklLAwQckLL76aqXYuU
0LfctbMtBZ2RaIEQdAMGj7HQXtMnNWYXTKWOnn9nYKOuxkxLjx1nbaIpjY3yVVrP
bOdXtQIgEV5bNssnHFZpzdDWJElqWLy0LGQybcassCvg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org