Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tOettwXOEIhaI19P_1hhR8KOOrU.roa
File: tOettwXOEIhaI19P_1hhR8KOOrU.roa (raw, json)
Hash identifier: PkRS3FSErpahrMJl8EmjWjtu32P8UV4VfuUq2hDwtYA=
Subject key identifier: B4:E7:AD:B7:05:CE:10:88:5A:23:5F:4F:FF:58:61:47:C2:8E:3A:B5
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018B6AF95176ADC6C9E7830C4A1FBEDDC9F7
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tOettwXOEIhaI19P_1hhR8KOOrU.roa
Signing time: Thu 26 Oct 2023 07:53:26 +0000
ROA not before: Thu 26 Oct 2023 07:53:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207783
IP address blocks: 85.121.148.0/23 maxlen: 24
194.102.170.0/24 maxlen: 24
85.120.144.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Nov 2023 07:17:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6a:f9:51:76:ad:c6:c9:e7:83:0c:4a:1f:be:dd:c9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Oct 26 07:53:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e7adb705ce10885a235f4fff586147c28e3ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:aa:bd:3a:b7:69:10:e2:c7:b9:9f:6c:98:d4:
9f:dd:6e:57:c1:50:fd:d9:ec:0b:fc:cc:f2:f5:e3:
9a:65:66:61:6f:c3:72:88:e0:e7:06:c8:21:c4:04:
20:01:8f:3f:a1:ce:97:48:d7:76:34:8d:11:e5:12:
d5:4f:b8:8a:d9:40:12:1e:93:13:4f:15:c2:8b:ed:
51:f1:f1:a5:a7:37:5b:1e:89:88:01:24:7b:b2:8c:
33:b0:bd:a4:34:d3:c6:1a:ae:f3:d2:52:3b:84:39:
ff:2a:01:7d:e7:e6:08:fc:b9:89:31:bf:a7:fe:06:
43:e9:ed:22:5c:d3:02:f9:74:67:14:88:0b:ba:19:
64:d3:9e:ac:5a:b9:d8:4d:bb:69:5c:17:2b:2b:4f:
b0:e3:1a:18:e0:a2:ac:49:6c:37:e4:7e:27:d4:ae:
0c:1e:ed:f4:cf:d3:80:47:d1:d8:da:59:06:6e:4a:
1c:65:b4:9c:fe:ea:1f:72:28:bc:dd:f7:f9:29:3d:
db:ba:7f:aa:05:fa:2f:ca:30:dc:09:aa:24:a2:0e:
7d:44:ec:74:83:97:9f:8e:ad:64:fc:1c:6f:17:d5:
6d:e3:f6:29:42:5c:f8:59:47:ef:1a:f5:56:e9:0f:
f4:14:f4:ab:34:d7:2a:3a:cd:65:b9:c5:b3:b1:f7:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E7:AD:B7:05:CE:10:88:5A:23:5F:4F:FF:58:61:47:C2:8E:3A:B5
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tOettwXOEIhaI19P_1hhR8KOOrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.144.0/24
85.121.148.0/23
194.102.170.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:6f:ca:f6:60:8a:60:fe:e1:99:ee:6d:8d:e3:26:71:78:8e:
c8:6f:20:80:43:63:05:f0:e0:09:9a:94:46:a6:2b:b9:c8:a5:
93:ea:36:47:5b:4d:dd:80:22:25:39:9a:c3:09:49:43:0b:5d:
77:2a:26:5b:00:97:74:90:ba:dd:d3:1e:1d:ed:90:dd:0e:51:
63:c3:b9:2f:6b:c4:ba:ef:27:d8:a1:04:22:b7:04:ff:b0:9d:
b8:ec:fc:3b:af:0f:6a:64:60:58:1e:16:4a:33:4d:a6:4a:18:
09:99:07:1b:f9:27:1a:3f:4b:cf:87:de:d8:61:e7:cc:ae:46:
c8:a4:db:ce:77:a0:4d:2a:d0:f5:f8:62:cb:03:2d:80:a6:aa:
3c:d0:ca:6e:6a:fb:64:ea:ea:3e:2d:94:41:b8:12:97:02:f6:
d3:cc:f9:0b:66:2a:66:48:b4:d9:0d:9a:b7:22:f0:d2:b1:a5:
f7:69:0c:13:6c:da:66:a0:d5:eb:22:70:a7:9c:2c:10:6f:10:
4f:b5:0b:6f:65:c6:07:37:dc:28:27:d2:7b:22:c4:0e:b9:7c:
75:cc:62:1c:e3:93:cd:b1:8b:12:cc:40:97:72:81:e1:46:8c:
95:63:b7:63:f9:ce:56:54:6c:c2:e0:a9:a0:d8:db:b2:d4:cb:
6a:14:da:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtq+VF2rcbJ54MMSh++3cn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMDI2MDc1MzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU3YWRiNzA1Y2UxMDg4NWEyMzVmNGZmZjU4NjE0N2MyOGUzYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKq9OrdpEOLHuZ9smNSf3W5XwVD9
2ewL/Mzy9eOaZWZhb8NyiODnBsghxAQgAY8/oc6XSNd2NI0R5RLVT7iK2UASHpMT
TxXCi+1R8fGlpzdbHomIASR7sowzsL2kNNPGGq7z0lI7hDn/KgF95+YI/LmJMb+n
/gZD6e0iXNMC+XRnFIgLuhlk056sWrnYTbtpXBcrK0+w4xoY4KKsSWw35H4n1K4M
Hu30z9OAR9HY2lkGbkocZbSc/uofcii83ff5KT3bun+qBfovyjDcCaokog59ROx0
g5efjq1k/BxvF9Vt4/YpQlz4WUfvGvVW6Q/0FPSrNNcqOs1lucWzsfdixQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLTnrbcFzhCIWiNfT/9YYUfCjjq1MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvdE9ldHR3WE9FSWhhSTE5UF8xaGhSOEtPT3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXiQAwQB
VXmUAwQAwmaqAwQA2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQCpb8r2YIpg/uGZ7m2N
4yZxeI7IbyCAQ2MF8OAJmpRGpiu5yKWT6jZHW03dgCIlOZrDCUlDC113KiZbAJd0
kLrd0x4d7ZDdDlFjw7kva8S67yfYoQQitwT/sJ247Pw7rw9qZGBYHhZKM02mShgJ
mQcb+ScaP0vPh97YYefMrkbIpNvOd6BNKtD1+GLLAy2Apqo80Mpuavtk6uo+LZRB
uBKXAvbTzPkLZipmSLTZDZq3IvDSsaX3aQwTbNpmoNXrInCnnCwQbxBPtQtvZcYH
N9woJ9J7IsQOuXx1zGIc45PNsYsSzECXcoHhRoyVY7dj+c5WVGzC4Kmg2Nuy1Mtq
FNrE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:06 2024 by rpki-client on console-ams.rpki-client.org