Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/tsCp4w7Etu18OkQPFsYbAMZps88.roa
File: tsCp4w7Etu18OkQPFsYbAMZps88.roa (raw, json)
Hash identifier: FRCImMil/oG0Uccio+UV7w/GIFbArv2fhwrqF5iDLlE=
Subject key identifier: B6:C0:A9:E3:0E:C4:B6:ED:7C:3A:44:0F:16:C6:1B:00:C6:69:B3:CF
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 018D30425B736CD15936D5FDB94879E210DC
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/tsCp4w7Etu18OkQPFsYbAMZps88.roa
Signing time: Mon 22 Jan 2024 08:21:11 +0000
ROA not before: Mon 22 Jan 2024 08:21:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28787
IP address blocks: 37.61.0.0/17 maxlen: 17
37.61.56.0/21 maxlen: 21
37.61.77.0/24 maxlen: 24
37.61.78.0/24 maxlen: 24
37.61.79.0/24 maxlen: 24
37.61.112.0/22 maxlen: 22
37.61.116.0/22 maxlen: 22
37.61.120.0/22 maxlen: 22
37.61.124.0/22 maxlen: 22
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
188.253.208.0/22 maxlen: 22
188.253.212.0/22 maxlen: 22
188.253.216.0/22 maxlen: 22
188.253.220.0/22 maxlen: 22
188.253.224.0/21 maxlen: 21
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
194.135.152.0/23 maxlen: 23
194.135.154.0/23 maxlen: 23
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 13:20:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:42:5b:73:6c:d1:59:36:d5:fd:b9:48:79:e2:10:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Jan 22 08:21:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c0a9e30ec4b6ed7c3a440f16c61b00c669b3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f1:a4:7f:3c:fa:46:03:f5:1f:59:17:33:fc:
b4:29:6d:eb:0e:58:83:e9:94:ff:d6:8b:db:a8:58:
50:f2:62:6d:0a:e3:11:bb:65:bb:68:a8:56:b3:0b:
4c:53:42:1d:2d:eb:17:54:d5:db:16:13:c6:50:74:
d6:99:92:16:17:94:da:60:2b:75:ca:92:25:cd:b3:
96:f5:d9:25:48:00:8a:da:a3:ff:4c:1f:4c:91:e8:
3a:d0:3d:23:f7:5f:b0:d8:3b:8f:9b:a9:47:c0:2d:
c9:bc:c2:d0:28:f6:37:d7:a9:42:82:d7:83:40:a6:
c3:6d:11:97:dc:08:58:05:66:40:29:23:f5:1a:44:
48:f1:13:7b:57:fe:37:32:ef:dc:5b:62:52:be:17:
d1:cf:d1:bb:50:67:85:25:0d:b5:b9:1f:67:bb:06:
9f:39:1a:40:6b:53:f3:20:f7:79:6b:dc:bb:9e:3d:
7f:67:e8:4b:4c:1e:b8:31:cf:f2:23:3e:9f:db:af:
b5:30:9e:7d:cb:07:2d:3b:62:a8:14:f3:e7:bf:da:
2a:34:c1:30:2a:7c:cd:15:9a:9d:98:de:26:e8:a0:
39:8d:98:fc:6b:d1:c0:76:90:99:7c:ba:59:54:06:
49:1f:92:b3:cf:aa:d8:a6:46:60:50:eb:54:9e:bb:
5a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C0:A9:E3:0E:C4:B6:ED:7C:3A:44:0F:16:C6:1B:00:C6:69:B3:CF
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/tsCp4w7Etu18OkQPFsYbAMZps88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.208.0-188.253.239.255
188.253.254.0/23
194.135.152.0/22
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
81:79:3a:d6:c3:ee:88:c9:a2:6d:af:7d:23:76:c9:bd:dd:db:
49:01:8c:49:d6:fd:c9:00:a7:f6:4a:49:f1:d9:57:13:03:b1:
06:e4:dc:90:c2:8d:9b:71:70:9a:8d:da:29:95:31:74:c4:f7:
5e:43:ad:a6:07:e5:a6:29:6e:9f:f2:6e:a4:3c:52:cb:4d:f3:
43:e3:22:96:54:07:25:b3:18:ca:14:73:37:98:98:52:26:58:
92:36:11:74:4d:db:00:2b:c7:04:61:f1:08:a8:9f:76:08:8e:
67:84:38:3d:84:fe:fb:78:54:96:12:cc:ac:a2:e4:8e:a9:e7:
67:35:c0:e5:a4:d0:b3:8d:00:a6:01:bb:48:0c:4b:c4:d8:60:
ad:9a:10:84:18:f0:ef:45:5e:5f:03:31:c7:6b:4b:ac:92:9a:
32:00:53:8e:c3:08:2e:27:17:34:68:18:b0:dc:11:83:d1:da:
13:5c:ee:63:4f:b6:f5:54:6b:2e:3a:01:26:96:a4:a6:6e:22:
be:85:c8:01:9b:70:36:cc:5d:3f:4d:c2:b3:06:ac:f1:14:d1:
22:e8:72:ae:af:81:49:a3:b7:eb:a3:09:3b:c9:01:45:6c:fa:
3d:00:5b:c0:57:f1:bd:49:24:db:18:6d:c6:a7:3b:bc:42:40:
a9:c4:87:61
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAY0wQltzbNFZNtX9uUh54hDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjQwMTIyMDgyMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMwYTllMzBlYzRiNmVkN2MzYTQ0MGYxNmM2MWIwMGM2NjliM2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Gkfzz6RgP1H1kXM/y0KW3rDliD
6ZT/1ovbqFhQ8mJtCuMRu2W7aKhWswtMU0IdLesXVNXbFhPGUHTWmZIWF5TaYCt1
ypIlzbOW9dklSACK2qP/TB9Mkeg60D0j91+w2DuPm6lHwC3JvMLQKPY316lCgteD
QKbDbRGX3AhYBWZAKSP1GkRI8RN7V/43Mu/cW2JSvhfRz9G7UGeFJQ21uR9nuwaf
ORpAa1PzIPd5a9y7nj1/Z+hLTB64Mc/yIz6f26+1MJ59ywctO2KoFPPnv9oqNMEw
KnzNFZqdmN4m6KA5jZj8a9HAdpCZfLpZVAZJH5Kzz6rYpkZgUOtUnrta5QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLbAqeMOxLbtfDpEDxbGGwDGabPPMB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvdHNDcDR3N0V0dTE4T2tRUEZzWWJBTVpwczg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AMAwDBAS8/dADBAS8/eADBAG8/f4DBALCh5gwDAMEAcKH
pgMEAMKHrgMEAsKHsAMEBdWaAAMEBNlAEDANBgkqhkiG9w0BAQsFAAOCAQEAgXk6
1sPuiMmiba99I3bJvd3bSQGMSdb9yQCn9kpJ8dlXEwOxBuTckMKNm3Fwmo3aKZUx
dMT3XkOtpgflpilun/JupDxSy03zQ+MillQHJbMYyhRzN5iYUiZYkjYRdE3bACvH
BGHxCKifdgiOZ4Q4PYT++3hUlhLMrKLkjqnnZzXA5aTQs40ApgG7SAxLxNhgrZoQ
hBjw70VeXwMxx2tLrJKaMgBTjsMILicXNGgYsNwRg9HaE1zuY0+29VRrLjoBJpak
pm4ivoXIAZtwNsxdP03Cswas8RTRIuhyrq+BSaO366MJO8kBRWz6PQBbwFfxvUkk
2xhtxqc7vEJAqcSHYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:12 2024 by rpki-client on console-ams.rpki-client.org