Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/TRhxbTB7k6ImgSN-k8MivQWFsvw.roa
File: TRhxbTB7k6ImgSN-k8MivQWFsvw.roa (raw, json)
Hash identifier: q0Yt3KiQNYv/ujnsnP+2EinRnlVay0dHCkFE1LS90xw=
Subject key identifier: 4D:18:71:6D:30:7B:93:A2:26:81:23:7E:93:C3:22:BD:05:85:B2:FC
Certificate issuer: /CN=76a372b754e49208d646aa7859e348b475e526d2
Certificate serial: 018AD63531431EA8BF93B34A462AE56F3526
Authority key identifier: 76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/TRhxbTB7k6ImgSN-k8MivQWFsvw.roa
Signing time: Wed 27 Sep 2023 10:35:24 +0000
ROA not before: Wed 27 Sep 2023 10:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 185.211.84.0/24 maxlen: 24
185.211.86.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:35:31:43:1e:a8:bf:93:b3:4a:46:2a:e5:6f:35:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a372b754e49208d646aa7859e348b475e526d2
Validity
Not Before: Sep 27 10:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d18716d307b93a22681237e93c322bd0585b2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:0c:56:27:df:5a:d7:a8:52:54:ea:71:63:
bf:13:e9:1e:64:9c:fc:ca:9a:78:a9:45:50:dc:90:
2d:7d:87:e8:43:89:59:48:84:32:b0:96:ab:7d:13:
dc:e1:b1:c0:88:9e:c3:89:7f:44:ef:f5:9b:f8:d7:
f9:60:c6:08:dd:fd:66:0a:b6:d3:7c:ca:7d:4c:25:
8b:57:8b:eb:d1:a5:0d:12:29:03:7e:29:3b:21:9b:
a6:59:ff:90:6c:74:67:81:6b:86:f5:27:77:cc:3f:
c2:f9:e5:6b:fd:f9:68:47:dc:7d:70:61:3c:50:b6:
93:4a:1c:85:35:dc:a9:63:40:65:52:80:b1:dc:05:
a1:46:ea:87:85:f6:81:70:0d:68:b2:54:52:58:6a:
3e:70:a6:4e:39:58:37:48:99:61:95:d9:8e:3d:be:
e9:de:17:04:b0:ad:d8:49:df:f2:0e:99:d9:f2:19:
33:31:45:ea:28:72:00:4d:7c:fb:2b:eb:41:fd:cf:
32:8b:7d:be:e9:2e:40:7d:3d:0a:cc:8a:6c:69:44:
f8:a9:a2:e2:d5:39:68:c7:77:61:04:d2:d6:96:e5:
81:21:15:c2:46:28:21:25:2d:3b:59:4c:1c:bf:f0:
da:6a:57:85:14:f0:46:9b:f7:80:0c:e5:0b:e5:fa:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:18:71:6D:30:7B:93:A2:26:81:23:7E:93:C3:22:BD:05:85:B2:FC
X509v3 Authority Key Identifier:
keyid:76:A3:72:B7:54:E4:92:08:D6:46:AA:78:59:E3:48:B4:75:E5:26:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqNyt1TkkgjWRqp4WeNItHXlJtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/TRhxbTB7k6ImgSN-k8MivQWFsvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/235fec-afc9-4d2f-8b59-a99ea91cb5b9/1/dqNyt1TkkgjWRqp4WeNItHXlJtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.84.0/24
185.211.86.0/23
Signature Algorithm: sha256WithRSAEncryption
38:9e:c9:35:8e:fb:94:62:df:3c:c6:12:a2:5a:da:76:45:54:
eb:ae:9a:52:e2:a7:32:91:f7:86:3e:b5:72:86:da:e9:ed:90:
ce:d4:e8:9e:61:4c:a3:3e:94:4c:bc:c3:e1:da:6e:d0:f4:8a:
c8:23:d0:05:f4:92:23:0a:5e:fc:c6:fd:ff:64:b2:a2:83:29:
c3:bf:31:4a:f1:50:fb:3c:5b:b8:dd:dd:3a:5e:73:7a:b3:b1:
b0:54:c9:e5:f8:bf:8b:cf:c6:ba:9b:06:1f:07:31:35:62:a0:
33:ee:d9:9b:d5:6b:bc:d2:b4:75:f5:80:9c:24:79:64:00:7d:
8e:e9:45:12:ba:6a:8a:2e:7d:7c:a2:f4:8f:a8:53:2d:42:ff:
6a:2c:8f:3c:3f:d3:06:7a:5e:e4:66:21:a1:7f:38:54:5c:39:
19:3f:21:3f:7c:48:0f:0b:77:1a:4b:a5:b8:db:c9:a6:e2:c5:
71:c7:97:44:26:a3:34:f2:01:67:95:86:68:0e:41:1a:c4:e8:
74:80:64:66:61:33:aa:68:e8:6a:fd:a7:df:6e:1c:09:cb:58:
dc:1c:b4:0b:c3:e0:ba:fd:d5:af:89:67:38:12:68:53:14:d0:
11:e0:b7:70:f9:33:00:e1:0e:54:0f:3c:05:36:8e:22:4b:95:
80:d0:3d:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrWNTFDHqi/k7NKRirlbzUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTM3MmI3NTRlNDkyMDhkNjQ2YWE3ODU5ZTM0OGI0NzVl
NTI2ZDIwHhcNMjMwOTI3MTAzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE4NzE2ZDMwN2I5M2EyMjY4MTIzN2U5M2MzMjJiZDA1ODViMmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBIMViffWteoUlTqcWO/E+keZJz8
ypp4qUVQ3JAtfYfoQ4lZSIQysJarfRPc4bHAiJ7DiX9E7/Wb+Nf5YMYI3f1mCrbT
fMp9TCWLV4vr0aUNEikDfik7IZumWf+QbHRngWuG9Sd3zD/C+eVr/floR9x9cGE8
ULaTShyFNdypY0BlUoCx3AWhRuqHhfaBcA1oslRSWGo+cKZOOVg3SJlhldmOPb7p
3hcEsK3YSd/yDpnZ8hkzMUXqKHIATXz7K+tB/c8yi32+6S5AfT0KzIpsaUT4qaLi
1Tlox3dhBNLWluWBIRXCRighJS07WUwcv/DaaleFFPBGm/eADOUL5fprfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE0YcW0we5OiJoEjfpPDIr0FhbL8MB8GA1UdIwQY
MBaAFHajcrdU5JII1kaqeFnjSLR15SbSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTkt
YTk5ZWE5MWNiNWI5LzEvVFJoeGJUQjdrNkltZ1NOLWs4TWl2UVdGc3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yMzVmZWMtYWZjOS00ZDJmLThiNTktYTk5ZWE5MWNiNWI5
LzEvZHFOeXQxVGtrZ2pXUnFwNFdlTkl0SFhsSnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudNUAwQB
udNWMA0GCSqGSIb3DQEBCwUAA4IBAQA4nsk1jvuUYt88xhKiWtp2RVTrrppS4qcy
kfeGPrVyhtrp7ZDO1OieYUyjPpRMvMPh2m7Q9IrII9AF9JIjCl78xv3/ZLKigynD
vzFK8VD7PFu43d06XnN6s7GwVMnl+L+Lz8a6mwYfBzE1YqAz7tmb1Wu80rR19YCc
JHlkAH2O6UUSumqKLn18ovSPqFMtQv9qLI88P9MGel7kZiGhfzhUXDkZPyE/fEgP
C3caS6W428mm4sVxx5dEJqM08gFnlYZoDkEaxOh0gGRmYTOqaOhq/affbhwJy1jc
HLQLw+C6/dWviWc4EmhTFNAR4Ldw+TMA4Q5UDzwFNo4iS5WA0D1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:12 2024 by rpki-client on console-fra.rpki-client.org