Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcd5_uVuHzbrNzGHLAq5lHYmZrU.roa
File: tcd5_uVuHzbrNzGHLAq5lHYmZrU.roa (raw, json)
Hash identifier: zt7HE1KFUtqGs9EyKlqugD76zOa0qPIPwsNGYN+4Em8=
Subject key identifier: B5:C7:79:FE:E5:6E:1F:36:EB:37:31:87:2C:0A:B9:94:76:26:66:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C257DAA8F618482D75C2DB77F85BFE818
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcd5_uVuHzbrNzGHLAq5lHYmZrU.roa
Signing time: Fri 01 Dec 2023 13:07:21 +0000
ROA not before: Fri 01 Dec 2023 13:07:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216156
IP address blocks: 178.215.237.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
87.121.84.0/23 maxlen: 24
185.252.176.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:7d:aa:8f:61:84:82:d7:5c:2d:b7:7f:85:bf:e8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 1 13:07:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c779fee56e1f36eb3731872c0ab994762666b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a9:09:8f:af:4c:cc:47:53:5c:49:21:d9:9c:
d0:0a:16:0d:a0:57:ea:fd:27:68:6d:b8:95:9f:34:
fb:3b:9f:69:65:dc:16:60:4b:a1:60:f0:ea:db:b2:
37:30:b5:30:b0:4b:3b:d0:bc:20:43:95:8c:ff:ea:
db:56:1d:21:41:92:70:d0:b3:b3:35:f7:4c:7b:18:
c4:7f:96:a1:01:2d:59:84:10:43:56:46:96:46:62:
89:20:a3:f2:b0:40:4f:98:32:2e:7a:0d:6d:e8:06:
a1:63:41:59:ef:5a:71:a3:ae:97:bd:58:15:10:cb:
c8:c2:df:2e:b9:be:4a:65:f8:fc:89:1b:37:c4:ef:
1f:49:72:e6:fa:0c:76:89:ec:1a:d8:d4:e7:82:6d:
15:8e:f1:c4:fb:be:8d:48:57:6f:c7:7c:51:df:bf:
78:f0:ed:d9:78:89:38:f2:5a:a9:00:20:c8:00:f7:
2d:9b:24:0c:1f:ba:ca:15:ab:ff:92:76:c8:a4:8d:
47:37:94:06:86:7b:16:1f:28:a6:d5:f4:2b:5b:a1:
61:e1:db:81:70:9b:42:46:78:85:47:5a:aa:5e:a0:
b8:85:9d:49:02:f8:06:c3:6b:7b:96:e8:7a:f4:c3:
65:36:00:4d:bc:69:d0:0f:8b:c0:f6:55:51:ca:12:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C7:79:FE:E5:6E:1F:36:EB:37:31:87:2C:0A:B9:94:76:26:66:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tcd5_uVuHzbrNzGHLAq5lHYmZrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
87.121.84.0/23
94.156.102.0/24
141.98.6.0/24
178.215.237.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ce:93:78:50:4f:bd:2f:f4:95:d8:2a:43:c0:8f:eb:af:9f:
37:e6:59:a0:2b:37:8f:f3:38:3b:ad:dd:43:f6:29:93:9c:a9:
c7:34:3c:a5:d8:c0:77:9a:fd:75:bf:83:19:94:67:8e:37:fb:
c2:7f:d6:69:c4:e0:64:b2:41:98:05:e4:e6:6d:2a:45:ec:e2:
f8:13:57:0b:c3:31:ac:01:e8:c8:ae:f3:32:5d:32:11:f8:43:
13:02:09:98:de:8a:62:49:cc:45:9e:b4:82:1a:c6:17:02:06:
49:a0:6e:07:33:2c:75:3d:bf:e3:f9:15:ae:16:87:53:96:e3:
c0:24:71:c3:6c:70:16:75:73:3c:0a:35:16:3c:41:8a:c6:a1:
1e:cf:c6:90:b3:0f:15:6c:3b:72:15:80:db:f6:b3:cf:be:f7:
09:d8:2f:d6:f4:f3:6c:5d:19:c3:e5:ff:d5:f2:a4:d2:f1:0c:
7f:b4:2a:e7:1c:29:57:c0:d5:2f:be:26:93:76:01:01:d3:92:
21:05:cf:b8:30:b9:3e:9b:27:66:e2:df:8d:b9:87:21:fa:49:
4a:d6:81:ec:ee:0d:df:db:27:b0:3d:5d:49:b9:21:d6:e0:11:
b9:e2:a3:64:54:71:c8:7a:49:75:21:5c:6e:7a:97:ed:ff:19:
3c:01:81:5d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwlfaqPYYSC11wtt3+Fv+gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjAxMTMwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM3NzlmZWU1NmUxZjM2ZWIzNzMxODcyYzBhYjk5NDc2MjY2NmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KkJj69MzEdTXEkh2ZzQChYNoFfq
/SdobbiVnzT7O59pZdwWYEuhYPDq27I3MLUwsEs70LwgQ5WM/+rbVh0hQZJw0LOz
NfdMexjEf5ahAS1ZhBBDVkaWRmKJIKPysEBPmDIueg1t6AahY0FZ71pxo66XvVgV
EMvIwt8uub5KZfj8iRs3xO8fSXLm+gx2iewa2NTngm0VjvHE+76NSFdvx3xR3794
8O3ZeIk48lqpACDIAPctmyQMH7rKFav/knbIpI1HN5QGhnsWHyim1fQrW6Fh4duB
cJtCRniFR1qqXqC4hZ1JAvgGw2t7luh69MNlNgBNvGnQD4vA9lVRyhJmXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLXHef7lbh826zcxhywKuZR2Jma1MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdGNkNV91VnVIemJyTnpHSExBcTVsSFltWnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUEwzAwQB
V3lUAwQAXpxmAwQAjWIGAwQAstftAwQAufywMA0GCSqGSIb3DQEBCwUAA4IBAQB5
zpN4UE+9L/SV2CpDwI/rr5835lmgKzeP8zg7rd1D9imTnKnHNDyl2MB3mv11v4MZ
lGeON/vCf9ZpxOBkskGYBeTmbSpF7OL4E1cLwzGsAejIrvMyXTIR+EMTAgmY3opi
ScxFnrSCGsYXAgZJoG4HMyx1Pb/j+RWuFodTluPAJHHDbHAWdXM8CjUWPEGKxqEe
z8aQsw8VbDtyFYDb9rPPvvcJ2C/W9PNsXRnD5f/V8qTS8Qx/tCrnHClXwNUvviaT
dgEB05IhBc+4MLk+mydm4t+NuYch+klK1oHs7g3f2yewPV1JuSHW4BG54qNkVHHI
ekl1IVxuepft/xk8AYFd
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:14 2024 by rpki-client on console-ams.rpki-client.org