Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/_tDz5ZJqz60qC75PvyY2MZ6x1bw.roa
File: _tDz5ZJqz60qC75PvyY2MZ6x1bw.roa (raw, json)
Hash identifier: OF6sS5nlz6Tv8SpF4gTPrlWSEukWIeONIE8gn2znnf0=
Subject key identifier: FE:D0:F3:E5:92:6A:CF:AD:2A:0B:BE:4F:BF:26:36:31:9E:B1:D5:BC
Certificate issuer: /CN=d5777579cc67784454bcd91a06bd6935aaef73f9
Certificate serial: 01856C1360E16CEFE1C1C313BB52896EF15B
Authority key identifier: D5:77:75:79:CC:67:78:44:54:BC:D9:1A:06:BD:69:35:AA:EF:73:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Xd1ecxneERUvNkaBr1pNarvc_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/_tDz5ZJqz60qC75PvyY2MZ6x1bw.roa
Signing time: Sun 01 Jan 2023 06:44:47 +0000
ROA not before: Sun 01 Jan 2023 06:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28978
IP address blocks: 176.32.160.0/20 maxlen: 20
176.32.170.0/24 maxlen: 24
176.32.168.0/24 maxlen: 24
195.39.216.0/23 maxlen: 23
2a00:8a40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 27 Apr 2023 11:13:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:60:e1:6c:ef:e1:c1:c3:13:bb:52:89:6e:f1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5777579cc67784454bcd91a06bd6935aaef73f9
Validity
Not Before: Jan 1 06:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fed0f3e5926acfad2a0bbe4fbf2636319eb1d5bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:16:ab:72:39:ef:7b:9c:2e:ec:b5:05:40:80:
ba:44:5e:0e:a6:67:c7:e0:f0:07:74:25:e7:e4:14:
b0:7d:f4:c2:31:7e:4c:af:f0:27:ae:34:ab:1b:c1:
d5:2d:51:ac:61:12:4f:3a:2d:3e:f2:ba:93:71:9e:
87:46:bb:bd:49:0b:07:a2:aa:28:79:08:2b:11:e9:
1a:a1:c6:b7:57:5a:b8:9d:b0:d5:52:ce:72:28:8f:
5b:07:7e:e6:e2:d3:4c:98:0e:e5:c4:34:9d:e6:bb:
d6:60:97:de:6c:33:e0:71:57:e0:13:64:8a:31:86:
a3:12:24:e5:61:12:96:fe:82:f2:ab:2e:2b:0c:74:
fb:1f:76:38:55:64:ac:aa:06:4b:99:d9:a8:05:12:
e9:da:62:c6:d6:0d:4d:e0:fe:35:fe:61:e2:f5:57:
b0:11:4c:6d:95:16:79:ec:2d:81:51:07:c3:6f:9b:
eb:a8:16:4c:22:5a:d3:df:88:b6:88:9f:44:f9:50:
f1:ef:9b:e2:f4:df:4a:69:e0:6f:b5:02:f5:18:e0:
42:ed:83:8e:c5:21:50:cb:34:71:d7:61:ae:18:e5:
9d:bd:15:86:74:5e:6e:7c:a4:6c:37:9b:84:99:ee:
4d:ea:e8:3a:41:e8:6f:53:21:c1:ae:c2:f0:e8:c3:
5b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D0:F3:E5:92:6A:CF:AD:2A:0B:BE:4F:BF:26:36:31:9E:B1:D5:BC
X509v3 Authority Key Identifier:
keyid:D5:77:75:79:CC:67:78:44:54:BC:D9:1A:06:BD:69:35:AA:EF:73:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Xd1ecxneERUvNkaBr1pNarvc_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/_tDz5ZJqz60qC75PvyY2MZ6x1bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/52fb86-ed78-4850-b406-80a2b68c3832/1/1Xd1ecxneERUvNkaBr1pNarvc_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.160.0/20
195.39.216.0/23
IPv6:
2a00:8a40::/32
Signature Algorithm: sha256WithRSAEncryption
77:ac:91:df:a7:c4:5f:71:d0:09:7a:1e:fb:47:54:5a:14:49:
23:e9:62:bc:59:3a:99:f9:0e:ca:05:2a:f9:9c:0c:4c:d9:88:
f8:f5:c6:8b:7d:b1:45:4e:a9:50:e0:bf:23:bf:45:cf:2f:cd:
42:68:a8:17:2d:ea:44:d7:9b:3a:b3:6e:fa:ac:88:77:7d:0b:
f5:9c:ce:99:50:0e:a1:c3:fd:09:be:6d:eb:6c:32:e3:e1:3d:
a4:9b:58:cc:e4:4f:50:5f:4c:d5:3f:c0:bb:1d:f0:e8:27:2d:
82:a3:bc:b1:c3:b2:1f:10:1c:e3:d4:11:5c:1c:95:bd:23:0f:
6e:68:b0:31:3e:9a:a8:2f:e2:e3:ca:34:9d:2b:b6:08:49:ee:
c7:4b:a6:b4:0b:2a:0b:e1:b3:14:00:0e:13:b8:d0:79:9f:b5:
4a:de:79:ba:0d:80:49:3c:2e:70:9c:d0:78:ce:bf:d8:72:5c:
42:3f:83:89:23:94:42:9c:de:86:d2:23:e6:77:d5:f7:03:0e:
36:34:b8:f7:64:70:c9:27:77:b7:2c:8f:ad:6f:3c:5e:03:91:
ce:ba:85:78:16:0a:15:a2:bc:5f:b6:eb:ef:39:73:43:14:89:
c9:f7:e1:3d:00:8d:f4:2d:7c:f2:a1:0b:3b:70:cb:c5:0c:14:
58:6c:16:c4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsE2DhbO/hwcMTu1KJbvFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1Nzc3NTc5Y2M2Nzc4NDQ1NGJjZDkxYTA2YmQ2OTM1YWFl
ZjczZjkwHhcNMjMwMTAxMDY0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQwZjNlNTkyNmFjZmFkMmEwYmJlNGZiZjI2MzYzMTllYjFkNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjharcjnve5wu7LUFQIC6RF4OpmfH
4PAHdCXn5BSwffTCMX5Mr/AnrjSrG8HVLVGsYRJPOi0+8rqTcZ6HRru9SQsHoqoo
eQgrEekaoca3V1q4nbDVUs5yKI9bB37m4tNMmA7lxDSd5rvWYJfebDPgcVfgE2SK
MYajEiTlYRKW/oLyqy4rDHT7H3Y4VWSsqgZLmdmoBRLp2mLG1g1N4P41/mHi9Vew
EUxtlRZ57C2BUQfDb5vrqBZMIlrT34i2iJ9E+VDx75vi9N9KaeBvtQL1GOBC7YOO
xSFQyzRx12GuGOWdvRWGdF5ufKRsN5uEme5N6ug6QehvUyHBrsLw6MNb1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP7Q8+WSas+tKgu+T78mNjGesdW8MB8GA1UdIwQY
MBaAFNV3dXnMZ3hEVLzZGga9aTWq73P5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVhkMWVjeG5lRVJVdk5rYUJyMXBOYXJ2Y19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81MmZiODYtZWQ3OC00ODUwLWI0MDYt
ODBhMmI2OGMzODMyLzEvX3REejVaSnF6NjBxQzc1UHZ5WTJNWjZ4MWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81MmZiODYtZWQ3OC00ODUwLWI0MDYtODBhMmI2OGMzODMy
LzEvMVhkMWVjeG5lRVJVdk5rYUJyMXBOYXJ2Y19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsCCgAwQB
wyfYMA0EAgACMAcDBQAqAIpAMA0GCSqGSIb3DQEBCwUAA4IBAQB3rJHfp8RfcdAJ
eh77R1RaFEkj6WK8WTqZ+Q7KBSr5nAxM2Yj49caLfbFFTqlQ4L8jv0XPL81CaKgX
LepE15s6s276rIh3fQv1nM6ZUA6hw/0Jvm3rbDLj4T2km1jM5E9QX0zVP8C7HfDo
Jy2Co7yxw7IfEBzj1BFcHJW9Iw9uaLAxPpqoL+LjyjSdK7YISe7HS6a0CyoL4bMU
AA4TuNB5n7VK3nm6DYBJPC5wnNB4zr/YclxCP4OJI5RCnN6G0iPmd9X3Aw42NLj3
ZHDJJ3e3LI+tbzxeA5HOuoV4FgoVorxftuvvOXNDFInJ9+E9AI30LXzyoQs7cMvF
DBRYbBbE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:15 2024 by rpki-client on console-ams.rpki-client.org