Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/tm5FFuVEU9NNtaN4ZdB-N68XyaE.roa
File: tm5FFuVEU9NNtaN4ZdB-N68XyaE.roa (raw, json)
Hash identifier: F0CKrX7rihUrM1tF9Ga9BEFnrWldpk5+KpVpQufe03w=
Subject key identifier: B6:6E:45:16:E5:44:53:D3:4D:B5:A3:78:65:D0:7E:37:AF:17:C9:A1
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 01874E582DD2465DD68D91C1D591F0942459
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/tm5FFuVEU9NNtaN4ZdB-N68XyaE.roa
Signing time: Tue 04 Apr 2023 22:16:54 +0000
ROA not before: Tue 04 Apr 2023 22:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 167.160.4.0/24 maxlen: 24
185.192.215.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.12.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
185.165.47.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
185.4.224.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.212.0/22 maxlen: 24
185.192.212.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Sep 2023 08:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:58:2d:d2:46:5d:d6:8d:91:c1:d5:91:f0:94:24:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Apr 4 22:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b66e4516e54453d34db5a37865d07e37af17c9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fc:f5:24:76:d4:2b:d5:21:65:f6:b0:d4:a0:
ff:2c:36:08:81:dd:07:bd:fc:66:6b:7f:18:2f:67:
30:8f:d9:71:b9:98:35:ec:0b:2e:c8:61:1c:1d:12:
96:cd:72:dc:b2:a2:cc:9e:96:37:9b:29:81:d5:0b:
49:87:3d:75:f3:8d:1c:93:8f:02:02:d5:72:46:39:
4e:e2:ce:42:18:16:19:ee:5b:51:a2:67:62:94:de:
37:e2:6d:aa:f9:4d:b5:8d:0a:1b:c3:af:2c:cb:e3:
09:fd:a6:2d:81:27:4c:4d:63:83:60:5a:45:dc:46:
d8:dc:6d:85:72:92:75:6d:bc:fd:14:ba:7d:af:e9:
b7:e3:98:46:07:db:09:b2:e1:86:31:1e:36:8d:fd:
cd:53:ac:11:83:4a:54:ea:7e:dc:b8:1a:bb:cd:30:
d7:d0:d2:a1:9b:8a:5b:c3:7b:67:dd:a3:ee:06:25:
a4:9e:19:fb:ed:4a:ff:37:56:73:d6:c7:60:70:e3:
7b:43:ad:5e:3f:84:88:8e:47:6a:09:c2:98:5a:62:
42:1e:27:8d:e0:16:b9:53:87:b5:a7:27:60:86:94:
07:35:1b:1d:c0:4b:4b:e0:d0:91:6f:11:b8:ea:d0:
6b:3d:1c:eb:b4:c2:25:e0:3d:09:4f:5c:09:9b:85:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6E:45:16:E5:44:53:D3:4D:B5:A3:78:65:D0:7E:37:AF:17:C9:A1
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/tm5FFuVEU9NNtaN4ZdB-N68XyaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.2.0/24
167.160.4.0/24
167.160.11.0-167.160.12.255
167.160.16.0/24
167.160.19.0/24
185.4.224.0/23
185.165.47.0/24
185.192.212.0/22
185.212.172.0/23
Signature Algorithm: sha256WithRSAEncryption
59:46:f9:1f:f5:3d:af:98:66:bb:5c:cc:34:ad:53:68:2f:1a:
46:37:19:82:bb:f8:f3:c8:5c:46:74:d8:25:04:4f:e8:b3:e3:
15:e4:a2:fa:a3:35:f0:1b:86:ff:ec:8a:ae:fd:a9:57:36:e4:
4f:3c:42:ed:50:54:f8:58:02:1f:cb:d8:f5:27:fb:3c:37:4a:
d9:1b:42:b6:c3:45:e3:92:71:80:6e:55:a1:1e:1c:21:f0:6c:
dd:a2:44:cb:a8:62:c6:0d:72:a3:f7:ad:31:72:8f:89:6a:76:
99:d1:c1:c6:e6:10:11:d1:fb:93:24:35:94:53:a1:30:81:3d:
2d:fd:f3:b9:96:3d:77:20:65:b3:fc:f2:36:c5:b6:32:fd:53:
d2:39:67:fa:d1:e7:fe:d5:09:b6:d1:2e:89:6e:1c:b5:81:74:
b0:5d:44:0a:87:c2:71:6b:10:04:d5:17:6a:80:80:61:f6:05:
1b:17:4a:a1:32:21:48:b3:56:18:a1:b4:97:cd:2f:e6:91:97:
07:db:91:ce:86:dc:59:29:7a:0f:b2:1c:33:3d:4e:53:16:f3:
df:51:d4:6f:64:5c:e3:ed:25:f8:b5:d7:7e:77:29:53:46:f6:
17:6a:bd:87:0b:d7:8e:8a:e5:ee:fc:c1:a8:b6:37:71:0a:c4:
f3:30:99:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYdOWC3SRl3WjZHB1ZHwlCRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwNDA0MjIxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZlNDUxNmU1NDQ1M2QzNGRiNWEzNzg2NWQwN2UzN2FmMTdjOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/z1JHbUK9UhZfaw1KD/LDYIgd0H
vfxma38YL2cwj9lxuZg17AsuyGEcHRKWzXLcsqLMnpY3mymB1QtJhz11840ck48C
AtVyRjlO4s5CGBYZ7ltRomdilN434m2q+U21jQobw68sy+MJ/aYtgSdMTWODYFpF
3EbY3G2FcpJ1bbz9FLp9r+m345hGB9sJsuGGMR42jf3NU6wRg0pU6n7cuBq7zTDX
0NKhm4pbw3tn3aPuBiWknhn77Ur/N1Zz1sdgcON7Q61eP4SIjkdqCcKYWmJCHieN
4Ba5U4e1pydghpQHNRsdwEtL4NCRbxG46tBrPRzrtMIl4D0JT1wJm4VcqwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLZuRRblRFPTTbWjeGXQfjevF8mhMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvdG01RkZ1VkVVOU5OdGFONFpkQi1ONjhYeWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAp6ACAwQA
p6AEMAwDBACnoAsDBACnoAwDBACnoBADBACnoBMDBAG5BOADBAC5pS8DBAK5wNQD
BAG51KwwDQYJKoZIhvcNAQELBQADggEBAFlG+R/1Pa+YZrtczDStU2gvGkY3GYK7
+PPIXEZ02CUET+iz4xXkovqjNfAbhv/siq79qVc25E88Qu1QVPhYAh/L2PUn+zw3
StkbQrbDReOScYBuVaEeHCHwbN2iRMuoYsYNcqP3rTFyj4lqdpnRwcbmEBHR+5Mk
NZRToTCBPS3987mWPXcgZbP88jbFtjL9U9I5Z/rR5/7VCbbRLoluHLWBdLBdRAqH
wnFrEATVF2qAgGH2BRsXSqEyIUizVhihtJfNL+aRlwfbkc6G3Fkpeg+yHDM9TlMW
899R1G9kXOPtJfi11353KVNG9hdqvYcL146K5e78wai2N3EKxPMwmVM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:19 2024 by rpki-client on console-fra.rpki-client.org