Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/tBGjz-lFDVnhYvBNmo8NwMS7J5o.roa
File: tBGjz-lFDVnhYvBNmo8NwMS7J5o.roa (raw, json)
Hash identifier: NYDCuIFsLIKpPilljggn+yyA24S8VeqjkY9RxxonWsQ=
Subject key identifier: B4:11:A3:CF:E9:45:0D:59:E1:62:F0:4D:9A:8F:0D:C0:C4:BB:27:9A
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018CC7273565253BDFBFE674AD7828FDB548
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/tBGjz-lFDVnhYvBNmo8NwMS7J5o.roa
Signing time: Mon 01 Jan 2024 22:31:24 +0000
ROA not before: Mon 01 Jan 2024 22:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 185.45.94.0/24 maxlen: 24
171.22.60.0/23 maxlen: 23
5.183.240.0/23 maxlen: 23
92.119.24.0/23 maxlen: 23
171.22.62.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 08 Feb 2024 22:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:35:65:25:3b:df:bf:e6:74:ad:78:28:fd:b5:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jan 1 22:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b411a3cfe9450d59e162f04d9a8f0dc0c4bb279a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d5:62:0e:f0:35:b2:36:cc:1e:95:e7:0b:fa:
12:8b:bd:17:cd:a1:bf:cb:bd:ca:62:27:07:10:e5:
00:a5:af:85:2a:a4:b1:53:a6:50:2f:55:22:41:38:
75:3e:0d:89:59:5c:c8:83:43:a8:24:09:9f:8f:2b:
ea:da:27:ec:8e:42:75:cc:ae:b1:5d:b5:86:c5:f4:
a9:3d:03:69:f3:b6:0e:c1:c6:28:9b:4e:10:8a:8f:
56:b3:5c:77:ad:a2:98:ce:80:78:73:15:20:d6:59:
5e:da:d0:ab:a3:34:d5:cc:3d:c3:f8:f8:d7:5d:e8:
9c:59:d9:3e:9a:70:ec:73:ff:ae:79:7e:80:ba:b8:
11:5d:3c:b6:50:2a:e1:36:3d:cc:97:d4:9b:4d:62:
5b:2b:c6:79:54:b5:ee:1b:2d:81:4f:27:27:62:92:
8f:40:20:a4:80:e8:2c:ed:7c:30:a4:82:23:10:5e:
dc:ff:70:6f:55:89:74:ee:23:16:2c:b9:9a:45:13:
19:10:43:91:a6:96:7e:b6:7c:f5:96:28:87:98:02:
fb:24:93:15:18:dc:9f:fe:5e:81:98:91:d0:d5:b3:
bb:62:7d:1b:9c:34:d5:6b:9a:55:19:03:1d:8c:75:
80:81:f5:03:b4:7b:10:43:d9:40:50:90:e1:f6:82:
6f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:11:A3:CF:E9:45:0D:59:E1:62:F0:4D:9A:8F:0D:C0:C4:BB:27:9A
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/tBGjz-lFDVnhYvBNmo8NwMS7J5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.240.0/22
45.14.80.0/24
45.86.24.0/22
92.119.24.0/22
171.22.60.0/22
185.45.94.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:8e:3f:6b:88:15:9c:c1:13:ff:d4:08:6b:cf:30:2b:be:cd:
a4:b0:0e:c9:1f:a0:21:d0:b4:7c:a5:d6:45:ed:4d:7f:04:9a:
45:91:02:46:b0:44:7c:35:1c:c3:9a:ce:21:6b:dd:19:d6:db:
19:79:fd:1f:3f:07:ec:08:64:17:89:63:3f:e4:9a:a4:43:fa:
a5:ab:87:9a:ff:e4:10:6a:72:57:54:ac:82:ab:78:0b:1e:17:
69:e7:45:6b:44:0a:5e:89:7b:7e:80:f2:98:75:8d:aa:b8:be:
5a:7e:c9:0a:3f:a1:da:0e:24:59:6e:bc:61:19:6f:ab:6d:03:
e0:62:51:57:79:96:ae:af:a1:ae:91:e7:ae:fa:eb:97:14:e2:
6e:bd:01:f7:3b:52:dd:af:d2:a1:03:4a:d1:3a:49:7f:cb:4b:
f2:3f:19:7e:ce:f8:b2:25:10:33:22:19:b2:2e:c1:55:e8:c2:
08:21:0f:b8:0a:8e:5e:b7:3f:72:a6:39:28:9b:14:4b:44:eb:
0c:ae:90:da:ff:15:7e:76:b4:6b:d9:c8:15:ba:6b:eb:0b:a7:
86:41:31:ca:63:74:9f:2c:b0:e0:01:d8:35:7a:c6:9d:fb:53:
ed:2e:32:13:c0:a2:11:a9:4b:2f:71:b0:70:e0:f7:24:a1:ee:
38:71:89:d3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHJzVlJTvfv+Z0rXgo/bVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMTAxMjIzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDExYTNjZmU5NDUwZDU5ZTE2MmYwNGQ5YThmMGRjMGM0YmIyNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndViDvA1sjbMHpXnC/oSi70XzaG/
y73KYicHEOUApa+FKqSxU6ZQL1UiQTh1Pg2JWVzIg0OoJAmfjyvq2ifsjkJ1zK6x
XbWGxfSpPQNp87YOwcYom04Qio9Ws1x3raKYzoB4cxUg1lle2tCrozTVzD3D+PjX
XeicWdk+mnDsc/+ueX6AurgRXTy2UCrhNj3Ml9SbTWJbK8Z5VLXuGy2BTycnYpKP
QCCkgOgs7XwwpIIjEF7c/3BvVYl07iMWLLmaRRMZEEORppZ+tnz1liiHmAL7JJMV
GNyf/l6BmJHQ1bO7Yn0bnDTVa5pVGQMdjHWAgfUDtHsQQ9lAUJDh9oJviwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLQRo8/pRQ1Z4WLwTZqPDcDEuyeaMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvdEJHanotbEZEVm5oWXZCTm1vOE53TVM3SjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbfwAwQA
LQ5QAwQCLVYYAwQCXHcYAwQCqxY8AwQAuS1eMA0GCSqGSIb3DQEBCwUAA4IBAQCq
jj9riBWcwRP/1AhrzzArvs2ksA7JH6Ah0LR8pdZF7U1/BJpFkQJGsER8NRzDms4h
a90Z1tsZef0fPwfsCGQXiWM/5JqkQ/qlq4ea/+QQanJXVKyCq3gLHhdp50VrRApe
iXt+gPKYdY2quL5afskKP6HaDiRZbrxhGW+rbQPgYlFXeZaur6Gukeeu+uuXFOJu
vQH3O1Ldr9KhA0rROkl/y0vyPxl+zviyJRAzIhmyLsFV6MIIIQ+4Co5etz9ypjko
mxRLROsMrpDa/xV+drRr2cgVumvrC6eGQTHKY3SfLLDgAdg1esad+1PtLjITwKIR
qUsvcbBw4Pckoe44cYnT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:24 2024 by rpki-client on console-fra.rpki-client.org