Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/TA0gHfr0SG2ogGMmoAJWx5Atug8.roa
File: TA0gHfr0SG2ogGMmoAJWx5Atug8.roa (raw, json)
Hash identifier: qN0qh1bUcQkbqlet59rt2JTlwU/4MSvdfHSPL1cqO6s=
Subject key identifier: 4C:0D:20:1D:FA:F4:48:6D:A8:80:63:26:A0:02:56:C7:90:2D:BA:0F
Certificate issuer: /CN=880b0f7acb87d134c3859d72d0d1a61e4751bac0
Certificate serial: 01857169DA1A4039E3D10DF5316A08E49FD6
Authority key identifier: 88:0B:0F:7A:CB:87:D1:34:C3:85:9D:72:D0:D1:A6:1E:47:51:BA:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iAsPesuH0TTDhZ1y0NGmHkdRusA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/TA0gHfr0SG2ogGMmoAJWx5Atug8.roa
Signing time: Mon 02 Jan 2023 07:37:20 +0000
ROA not before: Mon 02 Jan 2023 07:37:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51092
IP address blocks: 185.250.3.0/24 maxlen: 24
185.250.0.0/22 maxlen: 22
2a0c:7bc0::/32 maxlen: 32
2a0c:7bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 30 Aug 2023 12:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:da:1a:40:39:e3:d1:0d:f5:31:6a:08:e4:9f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=880b0f7acb87d134c3859d72d0d1a61e4751bac0
Validity
Not Before: Jan 2 07:37:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c0d201dfaf4486da8806326a00256c7902dba0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:f1:84:ba:8a:4d:56:da:35:83:0a:70:a3:
20:7d:49:d7:d2:3c:d9:84:7e:dc:56:b9:b5:45:14:
ff:94:39:70:1e:30:20:41:27:bc:2a:31:03:b6:52:
6d:e0:a2:00:f7:81:f8:89:c2:1c:fe:23:93:a1:2c:
b7:fb:22:1b:63:76:97:ed:c8:ad:80:56:ce:67:97:
fa:e1:1d:2a:9b:a8:18:64:47:61:e2:3b:1e:76:03:
7d:e4:67:b4:4d:c3:94:85:66:86:e5:33:13:51:4f:
7a:7b:4f:e4:ad:7b:bc:cf:08:9b:b8:3d:54:54:f2:
8b:c7:2f:3e:9a:04:99:8e:30:c4:24:48:66:73:1e:
62:d9:e7:8e:f8:e4:60:77:8f:0c:07:fb:db:b7:8a:
41:65:c7:a2:ca:74:f5:54:ae:df:a3:a8:57:d0:0c:
01:80:da:19:fe:fd:1f:23:8e:b8:07:fc:aa:86:3c:
95:f5:dc:c0:71:3b:bc:5f:85:71:36:a7:26:dc:5f:
29:a4:03:a4:c6:77:df:12:9e:0b:1e:6f:77:3f:c8:
4c:d5:c0:ed:ac:8f:92:4a:3e:bf:d2:92:8c:7c:8f:
b0:9d:8d:eb:b3:fe:08:08:d0:a3:3e:4a:51:79:58:
4d:3a:80:2e:4b:f8:8e:db:a7:d1:2d:54:36:08:1e:
24:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:0D:20:1D:FA:F4:48:6D:A8:80:63:26:A0:02:56:C7:90:2D:BA:0F
X509v3 Authority Key Identifier:
keyid:88:0B:0F:7A:CB:87:D1:34:C3:85:9D:72:D0:D1:A6:1E:47:51:BA:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iAsPesuH0TTDhZ1y0NGmHkdRusA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/TA0gHfr0SG2ogGMmoAJWx5Atug8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/iAsPesuH0TTDhZ1y0NGmHkdRusA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.0.0/22
IPv6:
2a0c:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:f8:43:84:ce:1d:30:31:27:28:22:29:b1:5d:ca:4e:75:04:
9a:59:7f:c2:09:a2:38:f8:cc:34:99:f4:ba:9c:15:99:ab:eb:
bf:a3:25:0c:a2:81:cc:9b:5d:f4:ae:a6:7a:9c:47:7f:94:15:
eb:9d:05:5f:bf:a5:31:13:de:6e:10:e7:f9:62:54:62:3d:d2:
b1:d4:98:b9:ef:f7:88:8e:54:67:7c:42:cd:4f:82:c3:f6:62:
08:63:c4:25:ae:ab:fb:e9:61:89:04:07:52:22:7a:c0:4f:2a:
19:c5:4f:54:24:46:e1:2f:82:5d:0e:c3:2e:ea:a0:eb:73:48:
e4:7a:ee:3e:87:cb:0d:2b:4d:86:ff:08:e8:1a:21:9a:c2:58:
cd:22:2e:10:a2:5a:ec:c1:62:4b:7f:34:ec:68:d1:bf:03:d8:
41:43:d4:49:8f:03:58:d7:7d:6d:7f:08:37:c7:8e:f7:9a:79:
ce:d5:bf:fe:ea:c0:91:c6:69:c7:67:b0:30:c9:5d:3d:ee:66:
2f:48:65:71:b0:02:d0:d6:42:96:3d:57:4b:e8:e6:2a:42:6d:
75:8b:c3:93:c7:18:00:43:da:f1:8e:93:74:a4:d1:b3:11:7e:
a3:76:ab:23:28:62:a8:78:93:08:3f:3f:c3:30:21:b3:21:77:
5b:5a:4d:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxadoaQDnj0Q31MWoI5J/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MGIwZjdhY2I4N2QxMzRjMzg1OWQ3MmQwZDFhNjFlNDc1
MWJhYzAwHhcNMjMwMTAyMDczNzIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzBkMjAxZGZhZjQ0ODZkYTg4MDYzMjZhMDAyNTZjNzkwMmRiYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6XxhLqKTVbaNYMKcKMgfUnX0jzZ
hH7cVrm1RRT/lDlwHjAgQSe8KjEDtlJt4KIA94H4icIc/iOToSy3+yIbY3aX7cit
gFbOZ5f64R0qm6gYZEdh4jsedgN95Ge0TcOUhWaG5TMTUU96e0/krXu8zwibuD1U
VPKLxy8+mgSZjjDEJEhmcx5i2eeO+ORgd48MB/vbt4pBZceiynT1VK7fo6hX0AwB
gNoZ/v0fI464B/yqhjyV9dzAcTu8X4VxNqcm3F8ppAOkxnffEp4LHm93P8hM1cDt
rI+SSj6/0pKMfI+wnY3rs/4ICNCjPkpReVhNOoAuS/iO26fRLVQ2CB4kFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwNIB369EhtqIBjJqACVseQLboPMB8GA1UdIwQY
MBaAFIgLD3rLh9E0w4WdctDRph5HUbrAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUFzUGVzdUgwVFREaFoxeTBOR21Ia2RSdXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NDVhNjYtYjc2Yi00YjQ4LWEwMmQt
YmMyODlhOTMxYjRiLzEvVEEwZ0hmcjBTRzJvZ0dNbW9BSld4NUF0dWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi80NDVhNjYtYjc2Yi00YjQ4LWEwMmQtYmMyODlhOTMxYjRi
LzEvaUFzUGVzdUgwVFREaFoxeTBOR21Ia2RSdXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufoAMA0E
AgACMAcDBQMqDHvAMA0GCSqGSIb3DQEBCwUAA4IBAQAK+EOEzh0wMScoIimxXcpO
dQSaWX/CCaI4+Mw0mfS6nBWZq+u/oyUMooHMm130rqZ6nEd/lBXrnQVfv6UxE95u
EOf5YlRiPdKx1Ji57/eIjlRnfELNT4LD9mIIY8Qlrqv76WGJBAdSInrATyoZxU9U
JEbhL4JdDsMu6qDrc0jkeu4+h8sNK02G/wjoGiGawljNIi4QolrswWJLfzTsaNG/
A9hBQ9RJjwNY131tfwg3x473mnnO1b/+6sCRxmnHZ7AwyV097mYvSGVxsALQ1kKW
PVdL6OYqQm11i8OTxxgAQ9rxjpN0pNGzEX6jdqsjKGKoeJMIPz/DMCGzIXdbWk3l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org