Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/tksPU5IDjP95cL0BhK98BDovcE0.roa
File: tksPU5IDjP95cL0BhK98BDovcE0.roa (raw, json)
Hash identifier: Jc+ao5OLp8ZKwYfwoH6dSCPfbDv/sGrbF2vVc/S2bFI=
Subject key identifier: B6:4B:0F:53:92:03:8C:FF:79:70:BD:01:84:AF:7C:04:3A:2F:70:4D
Certificate issuer: /CN=ebf72bcf5b992e2858fb5dcfddf4a94321824acb
Certificate serial: 01856FF04A2040F1E9F41E0B7312C05540BC
Authority key identifier: EB:F7:2B:CF:5B:99:2E:28:58:FB:5D:CF:DD:F4:A9:43:21:82:4A:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_crz1uZLihY-13P3fSpQyGCSss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/tksPU5IDjP95cL0BhK98BDovcE0.roa
Signing time: Mon 02 Jan 2023 00:44:56 +0000
ROA not before: Mon 02 Jan 2023 00:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207324
IP address blocks: 195.88.181.0/24 maxlen: 24
195.95.128.0/24 maxlen: 24
195.95.130.0/24 maxlen: 24
195.85.248.0/24 maxlen: 24
2a10:6c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:4a:20:40:f1:e9:f4:1e:0b:73:12:c0:55:40:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf72bcf5b992e2858fb5dcfddf4a94321824acb
Validity
Not Before: Jan 2 00:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b64b0f5392038cff7970bd0184af7c043a2f704d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:5d:15:1f:01:d3:fd:e6:15:27:69:35:a1:
89:22:bc:02:3b:57:f1:d2:6e:60:aa:a8:3a:6a:a8:
ec:0d:9b:b7:56:94:d0:f8:6a:a9:46:a5:93:79:b9:
1d:85:8c:ba:a2:03:a4:72:e7:ec:3d:67:b6:d6:cc:
a7:54:6f:32:fe:24:2b:8c:89:7f:d4:b9:cf:5a:fa:
aa:1f:dc:87:83:c8:cc:85:f9:65:14:a8:af:88:33:
16:e0:ba:99:f7:51:1a:94:5d:97:8d:31:0d:03:ec:
af:fc:29:65:23:45:4b:ac:b5:d2:26:85:a3:4f:34:
27:8b:6f:44:1b:ca:fa:21:3a:db:bb:59:c8:3e:ed:
9c:0c:66:16:6d:7f:b7:72:18:14:01:93:6a:54:04:
c3:39:66:ef:f0:9d:d6:3a:09:b7:b9:2b:e1:6e:22:
4d:db:89:05:b9:fc:54:2d:ae:25:48:18:b4:ed:da:
87:86:9a:3b:3c:cb:96:88:fa:ff:04:84:53:aa:81:
a4:7d:8e:68:ce:fe:cb:d6:e8:02:71:7f:6c:75:9c:
3b:dc:34:ba:6a:d4:39:1b:bf:ec:7d:b8:8f:ed:d0:
37:7a:b5:aa:29:ef:82:7b:ce:5e:d7:cc:77:57:99:
5e:d8:1d:f4:aa:eb:cb:ec:17:b4:34:40:0e:ac:45:
a5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:0F:53:92:03:8C:FF:79:70:BD:01:84:AF:7C:04:3A:2F:70:4D
X509v3 Authority Key Identifier:
keyid:EB:F7:2B:CF:5B:99:2E:28:58:FB:5D:CF:DD:F4:A9:43:21:82:4A:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_crz1uZLihY-13P3fSpQyGCSss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/tksPU5IDjP95cL0BhK98BDovcE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/6007d2-c8e3-46d7-9836-d4e5c11adaf4/1/6_crz1uZLihY-13P3fSpQyGCSss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.248.0/24
195.88.181.0/24
195.95.128.0/24
195.95.130.0/24
IPv6:
2a10:6c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:6e:ee:d4:26:49:b9:bd:a0:1f:4a:5b:88:3d:73:1f:07:cf:
6c:96:2f:2b:47:d1:13:35:a8:0d:0c:39:f3:45:6b:d7:4f:42:
54:43:45:c3:2d:34:bc:10:e6:ec:88:1b:9a:62:ca:f9:08:ea:
f9:b4:f6:94:26:4c:55:dc:70:f6:bb:48:58:c7:83:4c:bd:eb:
fa:83:d8:ae:f5:44:ea:29:0e:97:1f:31:c5:13:7a:ec:9f:1d:
e1:ce:94:af:6e:25:b9:b4:15:0f:74:85:04:8e:30:55:08:94:
03:2d:ec:4e:fc:3c:55:5f:05:c4:bd:d5:ae:63:ae:8c:25:63:
07:49:eb:17:f1:e0:91:02:26:4f:3e:a2:8d:3e:2e:a3:fb:eb:
4c:5b:32:94:fe:d8:d6:65:49:d7:88:c2:a9:ea:5a:e7:23:1f:
f4:8a:7f:b6:33:61:a3:5c:d3:0f:c9:4d:33:cd:fe:eb:15:cb:
e5:d2:d0:a7:57:89:07:da:a2:ed:39:a1:e7:05:0a:df:53:ea:
a9:ec:5d:82:3d:94:a6:24:da:a1:62:03:94:fe:57:af:22:31:
cf:81:5d:37:e6:90:73:0f:0e:3e:fb:0c:0e:20:72:67:04:d2:
c6:dd:e3:ff:b9:89:a3:76:d1:d9:3a:66:7f:f9:71:9e:5c:29:
cd:0c:47:9a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVv8EogQPHp9B4LcxLAVUC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjcyYmNmNWI5OTJlMjg1OGZiNWRjZmRkZjRhOTQzMjE4
MjRhY2IwHhcNMjMwMTAyMDA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRiMGY1MzkyMDM4Y2ZmNzk3MGJkMDE4NGFmN2MwNDNhMmY3MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOJdFR8B0/3mFSdpNaGJIrwCO1fx
0m5gqqg6aqjsDZu3VpTQ+GqpRqWTebkdhYy6ogOkcufsPWe21synVG8y/iQrjIl/
1LnPWvqqH9yHg8jMhfllFKiviDMW4LqZ91EalF2XjTENA+yv/CllI0VLrLXSJoWj
TzQni29EG8r6ITrbu1nIPu2cDGYWbX+3chgUAZNqVATDOWbv8J3WOgm3uSvhbiJN
24kFufxULa4lSBi07dqHhpo7PMuWiPr/BIRTqoGkfY5ozv7L1ugCcX9sdZw73DS6
atQ5G7/sfbiP7dA3erWqKe+Ce85e18x3V5le2B30quvL7Be0NEAOrEWlbwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLZLD1OSA4z/eXC9AYSvfAQ6L3BNMB8GA1UdIwQY
MBaAFOv3K89bmS4oWPtdz930qUMhgkrLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9jcnoxdVpMaWhZLTEzUDNmU3BReUdDU3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC82MDA3ZDItYzhlMy00NmQ3LTk4MzYt
ZDRlNWMxMWFkYWY0LzEvdGtzUFU1SURqUDk1Y0wwQmhLOThCRG92Y0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC82MDA3ZDItYzhlMy00NmQ3LTk4MzYtZDRlNWMxMWFkYWY0
LzEvNl9jcnoxdVpMaWhZLTEzUDNmU3BReUdDU3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAw1X4AwQA
w1i1AwQAw1+AAwQAw1+CMA0EAgACMAcDBQMqEAbAMA0GCSqGSIb3DQEBCwUAA4IB
AQCJbu7UJkm5vaAfSluIPXMfB89sli8rR9ETNagNDDnzRWvXT0JUQ0XDLTS8EObs
iBuaYsr5COr5tPaUJkxV3HD2u0hYx4NMvev6g9iu9UTqKQ6XHzHFE3rsnx3hzpSv
biW5tBUPdIUEjjBVCJQDLexO/DxVXwXEvdWuY66MJWMHSesX8eCRAiZPPqKNPi6j
++tMWzKU/tjWZUnXiMKp6lrnIx/0in+2M2GjXNMPyU0zzf7rFcvl0tCnV4kH2qLt
OaHnBQrfU+qp7F2CPZSmJNqhYgOU/levIjHPgV035pBzDw4++wwOIHJnBNLG3eP/
uYmjdtHZOmZ/+XGeXCnNDEea
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:14 2024 by rpki-client on console-fra.rpki-client.org