Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa
File: tiZWpq6wcStNWfpQVMbc_2xaKpk.roa (raw, json)
Hash identifier: onHPBzNL8J9H4TTJeAvslLGg3fbq1599x6Wt2amWDhs=
Subject key identifier: B6:26:56:A6:AE:B0:71:2B:4D:59:FA:50:54:C6:DC:FF:6C:5A:2A:99
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 018CC500F0A7A3E0E7DB783B6F80A0FAF999
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa
Signing time: Mon 01 Jan 2024 12:30:22 +0000
ROA not before: Mon 01 Jan 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42846
IP address blocks: 104.247.162.0/24 maxlen: 24
104.247.161.0/24 maxlen: 24
104.247.160.0/24 maxlen: 24
104.247.165.0/24 maxlen: 24
104.247.164.0/24 maxlen: 24
104.247.163.0/24 maxlen: 24
104.247.166.0/24 maxlen: 24
104.247.169.0/24 maxlen: 24
104.247.168.0/24 maxlen: 24
104.247.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 09:53:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f0:a7:a3:e0:e7:db:78:3b:6f:80:a0:fa:f9:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jan 1 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b62656a6aeb0712b4d59fa5054c6dcff6c5a2a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:05:4f:74:5b:d7:21:d4:ae:b8:80:02:8c:
a0:9f:ab:74:be:7b:8a:57:5a:01:81:78:68:49:9e:
0d:a5:4c:d8:a3:b5:d1:66:fa:ec:c2:42:f8:d3:7c:
79:72:8e:19:3e:f7:17:1d:1a:7b:ce:f4:2a:b2:96:
24:bd:8e:36:4e:bd:69:55:08:5c:3c:9e:0d:8a:46:
7e:30:f1:66:88:e8:07:48:18:73:0a:b0:5b:50:d0:
54:ee:f3:69:8f:67:0b:e4:52:3c:e1:19:e8:7e:9a:
3d:55:d2:d6:6e:f8:d3:5f:1f:b1:17:df:6f:37:13:
85:c8:e2:cb:17:d6:6c:71:9d:f2:5e:ef:7b:7c:64:
c2:75:b0:5d:a9:56:32:6f:a9:b5:47:9c:36:12:8f:
6a:f4:5c:65:e6:dc:f7:ba:84:ef:e8:f2:98:2d:14:
40:9f:39:ae:60:5f:24:2b:69:c1:36:a1:af:fc:a2:
89:b7:0e:4f:d5:3d:17:a5:3f:f2:db:94:cc:5b:6e:
58:ed:3f:73:2b:f3:cd:5f:32:79:59:92:9f:05:e7:
df:6f:bb:b0:20:8f:0c:55:cf:34:c7:64:66:c5:e8:
bb:ed:49:9e:e0:ef:99:58:a4:a1:99:78:b0:d0:23:
e3:01:4b:1a:7b:cb:ab:eb:f6:b1:1b:53:1f:7a:e3:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:26:56:A6:AE:B0:71:2B:4D:59:FA:50:54:C6:DC:FF:6C:5A:2A:99
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/tiZWpq6wcStNWfpQVMbc_2xaKpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.160.0-104.247.169.255
Signature Algorithm: sha256WithRSAEncryption
7c:28:c3:1b:2a:7f:05:13:1f:85:70:26:0d:32:6e:7c:81:9c:
dc:d8:e4:2d:77:44:e2:60:25:70:12:68:e5:af:eb:d5:0e:4c:
73:ba:5a:59:40:d5:67:2c:1a:5f:d0:2b:f7:b6:79:2a:ac:b4:
33:eb:23:e0:57:24:9d:9c:29:8f:7e:cc:e6:12:49:71:1e:91:
1f:80:5f:27:05:1b:99:be:c9:a4:d1:29:33:2b:bc:c1:96:a5:
7a:e1:76:21:d9:2d:1b:97:e1:43:fa:11:9c:01:20:5e:72:0c:
36:96:81:b9:7f:2f:9d:27:c5:05:c4:c8:95:6c:d9:8d:ac:f4:
38:79:59:e0:22:b1:9e:a9:3b:05:31:df:1e:d6:3a:1b:8d:d0:
ab:07:99:f5:e3:df:2e:fc:c0:37:f0:7c:b0:21:0a:99:02:84:
50:c8:a4:2e:73:6a:ef:7a:13:00:e7:9c:a2:83:3b:b7:52:96:
5f:ec:0e:11:3e:cc:22:04:ee:a8:9c:f9:58:45:3d:22:e5:db:
f9:64:bc:8c:5c:48:b3:ac:80:db:d9:5e:17:14:f4:15:db:4b:
14:36:ec:0e:7c:fc:06:dd:84:47:2a:6c:0d:ed:0b:8e:fe:44:
56:1e:8f:94:2d:52:3f:ed:b0:8b:a5:60:ad:a0:2e:e9:1f:b6:
cf:90:54:31
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFAPCno+Dn23g7b4Cg+vmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI2NTZhNmFlYjA3MTJiNGQ1OWZhNTA1NGM2ZGNmZjZjNWEyYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinwFT3Rb1yHUrriAAoygn6t0vnuK
V1oBgXhoSZ4NpUzYo7XRZvrswkL403x5co4ZPvcXHRp7zvQqspYkvY42Tr1pVQhc
PJ4NikZ+MPFmiOgHSBhzCrBbUNBU7vNpj2cL5FI84Rnofpo9VdLWbvjTXx+xF99v
NxOFyOLLF9ZscZ3yXu97fGTCdbBdqVYyb6m1R5w2Eo9q9Fxl5tz3uoTv6PKYLRRA
nzmuYF8kK2nBNqGv/KKJtw5P1T0XpT/y25TMW25Y7T9zK/PNXzJ5WZKfBeffb7uw
II8MVc80x2Rmxei77Ume4O+ZWKShmXiw0CPjAUsae8ur6/axG1MfeuM/aQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLYmVqausHErTVn6UFTG3P9sWiqZMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvdGlaV3BxNndjU3ROV2ZwUVZNYmNfMnhhS3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVo96AD
BAFo96gwDQYJKoZIhvcNAQELBQADggEBAHwowxsqfwUTH4VwJg0ybnyBnNzY5C13
ROJgJXASaOWv69UOTHO6WllA1WcsGl/QK/e2eSqstDPrI+BXJJ2cKY9+zOYSSXEe
kR+AXycFG5m+yaTRKTMrvMGWpXrhdiHZLRuX4UP6EZwBIF5yDDaWgbl/L50nxQXE
yJVs2Y2s9Dh5WeAisZ6pOwUx3x7WOhuN0KsHmfXj3y78wDfwfLAhCpkChFDIpC5z
au96EwDnnKKDO7dSll/sDhE+zCIE7qic+VhFPSLl2/lkvIxcSLOsgNvZXhcU9BXb
SxQ27A58/AbdhEcqbA3tC47+RFYej5QtUj/tsIulYK2gLukfts+QVDE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org