Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TcItveL5T9LFctsZfLs51GfEO0k.roa
File: TcItveL5T9LFctsZfLs51GfEO0k.roa (raw, json)
Hash identifier: FxBp88HB8rJ2q4bSSQ8adJPCBzY3mm39Fzlum/L5tio=
Subject key identifier: 4D:C2:2D:BD:E2:F9:4F:D2:C5:72:DB:19:7C:BB:39:D4:67:C4:3B:49
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0185817D79494B78AECF836FDDE83F121511
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TcItveL5T9LFctsZfLs51GfEO0k.roa
Signing time: Thu 05 Jan 2023 10:32:41 +0000
ROA not before: Thu 05 Jan 2023 10:32:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207783
IP address blocks: 85.122.82.0/24 maxlen: 24
85.122.112.0/23 maxlen: 24
194.102.168.0/22 maxlen: 24
85.120.12.0/23 maxlen: 24
217.156.84.0/24 maxlen: 24
194.102.218.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 13:42:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:81:7d:79:49:4b:78:ae:cf:83:6f:dd:e8:3f:12:15:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 5 10:32:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc22dbde2f94fd2c572db197cbb39d467c43b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1a:cf:90:5e:5c:64:0d:41:08:f3:50:77:75:
ba:d6:cb:3b:de:96:a5:c1:6c:b5:65:4f:a5:ce:20:
f6:8f:d4:30:6c:17:63:64:5e:80:48:82:09:8f:65:
43:a1:1a:1e:ec:80:0c:4e:c3:26:6d:88:87:30:af:
0d:99:61:53:33:64:46:e3:60:01:c7:fc:21:5d:6b:
33:ad:16:17:33:97:74:a4:6c:2c:e9:8d:0c:0a:d8:
e0:15:1a:64:c8:e8:a5:cf:90:cb:fe:75:a7:a6:5b:
bf:cc:51:04:d0:1d:f7:b1:87:55:1a:d1:80:85:7e:
8d:40:24:97:18:08:be:4e:fd:ed:05:5d:15:d1:a5:
c7:0b:00:2c:aa:3d:b9:04:8b:a1:de:04:d8:4d:6e:
00:b5:9d:3b:fd:16:ab:35:74:be:97:ae:b8:1a:f7:
13:2a:0c:58:bd:ba:03:97:13:7a:d6:c0:69:65:06:
24:29:96:2f:64:b5:16:87:80:62:77:2a:a5:e0:20:
ab:9a:4a:cf:6c:1c:4f:1e:91:ab:27:87:06:63:bc:
d6:fa:18:b7:d2:ee:3f:29:65:2d:82:32:70:cb:26:
75:06:bd:1c:af:e7:2f:d0:ef:ff:09:5f:65:94:e3:
37:ef:68:ec:64:3f:64:af:08:f5:71:25:96:10:d1:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C2:2D:BD:E2:F9:4F:D2:C5:72:DB:19:7C:BB:39:D4:67:C4:3B:49
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/TcItveL5T9LFctsZfLs51GfEO0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.12.0/23
85.122.82.0/24
85.122.112.0/23
194.102.168.0/22
194.102.218.0/24
217.156.84.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
78:2f:bb:b5:31:81:57:27:ba:d2:05:a0:a3:18:fb:a8:4e:3b:
43:ed:6d:22:da:03:ac:97:e3:94:6e:d7:ac:8a:1a:1e:f7:14:
b0:bd:8b:08:ee:83:70:9c:11:1e:96:52:e9:f1:71:c4:e0:22:
b9:12:54:32:7d:bb:2e:56:5f:86:98:d4:03:25:3b:0d:a9:5f:
5f:44:b0:18:1b:cf:00:a8:a8:06:d1:99:78:3a:64:af:a4:3b:
a2:4a:a1:04:4f:cf:08:dd:b3:6e:f0:43:e3:d0:46:66:cb:62:
3b:f2:60:3d:a2:3e:ea:2f:dc:13:fa:2f:92:bc:63:3d:a4:68:
25:cc:29:fd:c5:d4:fa:77:98:1b:a9:d3:f4:b3:af:88:f4:a1:
d6:a9:41:a9:22:30:96:65:f3:07:bd:80:c5:82:97:b3:69:7b:
d4:fa:44:06:ce:c0:c1:c1:7d:65:36:32:8d:43:2c:e1:2b:1c:
25:3d:32:1b:d9:ff:00:bc:a3:bd:0c:c1:6c:6e:9a:4d:7a:00:
c2:9e:48:b5:f5:cb:f6:57:9d:6f:0c:b3:0c:2c:e0:a4:37:e2:
f6:34:78:65:ec:24:06:24:5b:de:ef:0d:af:c2:5f:9e:0a:37:
6c:00:aa:72:89:e4:74:78:f2:23:40:5b:34:3c:bd:35:87:89:
19:8f:99:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWBfXlJS3iuz4Nv3eg/EhURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTA1MTAzMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMyMmRiZGUyZjk0ZmQyYzU3MmRiMTk3Y2JiMzlkNDY3YzQzYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBrPkF5cZA1BCPNQd3W61ss73pal
wWy1ZU+lziD2j9QwbBdjZF6ASIIJj2VDoRoe7IAMTsMmbYiHMK8NmWFTM2RG42AB
x/whXWszrRYXM5d0pGws6Y0MCtjgFRpkyOilz5DL/nWnplu/zFEE0B33sYdVGtGA
hX6NQCSXGAi+Tv3tBV0V0aXHCwAsqj25BIuh3gTYTW4AtZ07/RarNXS+l664GvcT
KgxYvboDlxN61sBpZQYkKZYvZLUWh4Bidyql4CCrmkrPbBxPHpGrJ4cGY7zW+hi3
0u4/KWUtgjJwyyZ1Br0cr+cv0O//CV9llOM372jsZD9krwj1cSWWENG7YQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE3CLb3i+U/SxXLbGXy7OdRnxDtJMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvVGNJdHZlTDVUOUxGY3RzWmZMczUxR2ZFTzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVXgMAwQA
VXpSAwQBVXpwAwQCwmaoAwQAwmbaAwQA2ZxUAwQA2ZxgMA0GCSqGSIb3DQEBCwUA
A4IBAQB4L7u1MYFXJ7rSBaCjGPuoTjtD7W0i2gOsl+OUbtesihoe9xSwvYsI7oNw
nBEellLp8XHE4CK5ElQyfbsuVl+GmNQDJTsNqV9fRLAYG88AqKgG0Zl4OmSvpDui
SqEET88I3bNu8EPj0EZmy2I78mA9oj7qL9wT+i+SvGM9pGglzCn9xdT6d5gbqdP0
s6+I9KHWqUGpIjCWZfMHvYDFgpezaXvU+kQGzsDBwX1lNjKNQyzhKxwlPTIb2f8A
vKO9DMFsbppNegDCnki19cv2V51vDLMMLOCkN+L2NHhl7CQGJFve7w2vwl+eCjds
AKpyieR0ePIjQFs0PL01h4kZj5lG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org