Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/1tNWsYZLF-gq0ryZP0biCXB8WpM.roa
File: 1tNWsYZLF-gq0ryZP0biCXB8WpM.roa (raw, json)
Hash identifier: Tgq4H5WwO1kOsjsMvdHNPZnvVigQHY7Bm018skgV8rI=
Subject key identifier: D6:D3:56:B1:86:4B:17:E8:2A:D2:BC:99:3F:46:E2:09:70:7C:5A:93
Certificate issuer: /CN=34e110b59362f673eae33b66ee7aea3c4028294e
Certificate serial: 018BB90D97105DA6F31CA92C37AA943021F3
Authority key identifier: 34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/1tNWsYZLF-gq0ryZP0biCXB8WpM.roa
Signing time: Fri 10 Nov 2023 11:45:57 +0000
ROA not before: Fri 10 Nov 2023 11:45:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29028
IP address blocks: 141.105.120.0/22 maxlen: 24
141.105.120.0/21 maxlen: 24
141.105.126.0/23 maxlen: 24
178.21.112.0/21 maxlen: 24
185.2.44.0/22 maxlen: 24
193.200.132.0/24 maxlen: 24
194.145.200.0/23 maxlen: 24
2a02:2308::/32 maxlen: 32
2a02:2308:30::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:0d:97:10:5d:a6:f3:1c:a9:2c:37:aa:94:30:21:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e110b59362f673eae33b66ee7aea3c4028294e
Validity
Not Before: Nov 10 11:45:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6d356b1864b17e82ad2bc993f46e209707c5a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:73:ba:4b:be:0e:76:cb:a2:03:b8:da:60:ec:
90:c9:68:b0:f7:85:b3:f3:a5:4c:85:ac:69:62:b3:
ec:07:2c:d9:c2:d1:f9:9b:6b:eb:10:b7:2f:6a:4b:
25:45:81:19:08:3e:5a:65:e5:ba:e9:ad:2b:60:27:
8c:1f:92:74:d1:67:a7:31:66:27:25:66:63:db:f3:
ae:ae:a7:00:93:ea:75:51:a9:9d:48:05:ea:67:c0:
63:f4:04:c0:1e:60:6b:df:a9:0e:90:96:52:15:58:
88:9a:05:91:83:2d:cf:3e:22:a8:5a:81:34:2d:77:
87:a3:2f:21:3b:42:62:13:7a:9c:fc:3b:38:9e:f9:
92:41:66:74:be:9c:76:cc:e6:dc:92:f4:c4:0f:3e:
07:09:29:d5:6e:97:1f:b7:ad:fa:92:1a:00:2a:a3:
c7:90:a5:00:32:95:a6:ed:94:1b:29:d2:2f:18:7e:
58:10:8d:f3:a8:f2:a0:73:83:03:0c:c4:07:b7:75:
c2:17:74:7c:83:3f:92:09:ab:98:21:43:f3:ea:61:
b8:01:fd:79:94:06:1b:8a:50:13:9a:33:b4:0e:4d:
43:98:b8:cc:51:79:fb:70:52:d5:5f:3e:4c:26:e6:
08:b0:79:a8:d1:11:8f:3b:35:0e:db:16:09:dc:84:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D3:56:B1:86:4B:17:E8:2A:D2:BC:99:3F:46:E2:09:70:7C:5A:93
X509v3 Authority Key Identifier:
keyid:34:E1:10:B5:93:62:F6:73:EA:E3:3B:66:EE:7A:EA:3C:40:28:29:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOEQtZNi9nPq4ztm7nrqPEAoKU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/1tNWsYZLF-gq0ryZP0biCXB8WpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0bf8fb-1604-4cd1-9da6-1bb27c5d397e/1/NOEQtZNi9nPq4ztm7nrqPEAoKU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.120.0/21
178.21.112.0/21
185.2.44.0/22
193.200.132.0/24
194.145.200.0/23
IPv6:
2a02:2308::/32
Signature Algorithm: sha256WithRSAEncryption
8a:81:f4:ed:b7:2e:97:0a:24:22:77:02:34:39:28:cd:20:7d:
34:aa:38:05:1b:b1:3d:f6:2d:58:00:22:9e:04:b3:f8:cd:cb:
41:da:00:34:7a:c9:53:b3:b8:5b:07:f2:39:c0:34:59:9a:ed:
b3:0e:69:90:0a:bb:8c:44:3e:17:cb:1b:31:37:c0:11:80:e3:
3f:d0:ba:48:2a:39:c5:0c:3e:b9:33:c0:f5:10:5d:f4:d5:f9:
d4:98:d5:56:df:1c:f7:f6:98:4a:b3:55:21:d1:5c:61:f1:58:
da:a5:06:1d:a1:ee:5f:ca:27:47:dc:9c:38:f8:6e:f7:cf:65:
48:61:08:fc:b3:f2:1b:74:f7:cd:55:75:b5:22:20:f5:1a:df:
76:4f:10:e8:ee:7b:a8:e4:a5:2d:70:e9:00:e3:76:b6:48:54:
92:84:87:fe:61:77:15:97:99:24:91:ad:3d:50:03:f3:60:7e:
2d:e3:00:ff:9a:67:af:de:f0:6d:ae:10:50:8e:85:84:4e:ac:
b1:e7:19:25:d6:e6:76:92:76:94:8f:a5:84:25:fb:af:e4:63:
9f:45:b5:fc:3a:f5:84:ef:bb:83:ad:d0:cf:1c:fe:8e:65:02:
ce:0e:c1:42:ab:5c:33:d0:68:fe:5b:5c:81:6c:f3:12:a1:48:
70:e7:de:c4
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYu5DZcQXabzHKksN6qUMCHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTExMGI1OTM2MmY2NzNlYWUzM2I2NmVlN2FlYTNjNDAy
ODI5NGUwHhcNMjMxMTEwMTE0NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQzNTZiMTg2NGIxN2U4MmFkMmJjOTkzZjQ2ZTIwOTcwN2M1YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnO6S74OdsuiA7jaYOyQyWiw94Wz
86VMhaxpYrPsByzZwtH5m2vrELcvakslRYEZCD5aZeW66a0rYCeMH5J00WenMWYn
JWZj2/OurqcAk+p1UamdSAXqZ8Bj9ATAHmBr36kOkJZSFViImgWRgy3PPiKoWoE0
LXeHoy8hO0JiE3qc/Ds4nvmSQWZ0vpx2zObckvTEDz4HCSnVbpcft636khoAKqPH
kKUAMpWm7ZQbKdIvGH5YEI3zqPKgc4MDDMQHt3XCF3R8gz+SCauYIUPz6mG4Af15
lAYbilATmjO0Dk1DmLjMUXn7cFLVXz5MJuYIsHmo0RGPOzUO2xYJ3IQ2tQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNbTVrGGSxfoKtK8mT9G4glwfFqTMB8GA1UdIwQY
MBaAFDThELWTYvZz6uM7Zu566jxAKClOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYt
MWJiMjdjNWQzOTdlLzEvMXROV3NZWkxGLWdxMHJ5WlAwYmlDWEI4V3BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wYmY4ZmItMTYwNC00Y2QxLTlkYTYtMWJiMjdjNWQzOTdl
LzEvTk9FUXRaTmk5blBxNHp0bTducnFQRUFvS1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDjWl4AwQD
shVwAwQCuQIsAwQAwciEAwQBwpHIMA0EAgACMAcDBQAqAiMIMA0GCSqGSIb3DQEB
CwUAA4IBAQCKgfTtty6XCiQidwI0OSjNIH00qjgFG7E99i1YACKeBLP4zctB2gA0
eslTs7hbB/I5wDRZmu2zDmmQCruMRD4XyxsxN8ARgOM/0LpIKjnFDD65M8D1EF30
1fnUmNVW3xz39phKs1Uh0Vxh8VjapQYdoe5fyidH3Jw4+G73z2VIYQj8s/IbdPfN
VXW1IiD1Gt92TxDo7nuo5KUtcOkA43a2SFSShIf+YXcVl5kkka09UAPzYH4t4wD/
mmev3vBtrhBQjoWETqyx5xkl1uZ2knaUj6WEJfuv5GOfRbX8OvWE77uDrdDPHP6O
ZQLODsFCq1wz0Gj+W1yBbPMSoUhw597E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:35 2024 by rpki-client on console-fra.rpki-client.org