Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TVyOuowic4eSBXtvFIRieJ7dJu4.roa
File: TVyOuowic4eSBXtvFIRieJ7dJu4.roa (raw, json)
Hash identifier: +w4XgQUNTgWuZZMwHn98v3VvLHk5V32Y0fx01cytDfw=
Subject key identifier: 4D:5C:8E:BA:8C:22:73:87:92:05:7B:6F:14:84:62:78:9E:DD:26:EE
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190DF84C724FC11028B3EFEA0C6AB6932A3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TVyOuowic4eSBXtvFIRieJ7dJu4.roa
Signing time: Tue 23 Jul 2024 12:15:39 +0000
ROA not before: Tue 23 Jul 2024 12:15:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.85.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 10:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:84:c7:24:fc:11:02:8b:3e:fe:a0:c6:ab:69:32:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 23 12:15:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d5c8eba8c22738792057b6f148462789edd26ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:36:6a:95:c2:09:a7:0e:ff:5f:9b:6e:c0:
d5:00:4b:e3:9d:04:bc:7a:f1:e6:0b:65:7e:5f:38:
71:00:d8:5b:fa:95:91:0b:7e:29:eb:e5:c2:06:0e:
4a:4a:c3:85:75:e6:f0:02:d6:bd:05:ac:2a:77:69:
04:50:a4:f9:93:54:e0:f0:d7:ce:27:f1:b9:a2:73:
b6:86:c9:38:f0:33:ab:a2:2e:51:cd:fa:4d:35:79:
a9:3c:e0:1f:ed:4e:e8:71:68:f8:fc:ac:b8:b0:d6:
d9:0b:0b:0b:6b:24:36:06:2d:4e:4c:d4:ba:41:e4:
b6:e1:0e:05:fa:26:0d:3f:86:1f:8a:19:ac:0d:1e:
9e:7a:6e:5d:55:48:44:4f:73:9f:1b:69:14:09:0a:
ca:de:22:87:04:db:13:dc:47:a7:af:e4:92:03:c1:
66:48:b6:c0:8c:28:50:45:4a:27:bc:82:98:11:3a:
c9:46:9d:6c:72:3b:d2:64:f3:01:3a:b1:a3:d8:34:
cc:b9:d2:19:f3:d3:83:3e:7e:c2:4b:fb:5b:b4:f5:
5b:29:70:30:1a:e0:d8:42:42:98:8f:be:0c:8e:20:
31:b5:dd:c5:4f:c3:8a:0a:8e:c0:04:8a:6d:3a:07:
9e:47:3b:41:72:18:50:25:1a:dd:e9:b0:5f:e8:f8:
d9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5C:8E:BA:8C:22:73:87:92:05:7B:6F:14:84:62:78:9E:DD:26:EE
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TVyOuowic4eSBXtvFIRieJ7dJu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/23
45.94.170.0/24
91.223.110.0/24
195.177.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e1:ee:93:9a:f1:4b:d8:bd:a2:43:4f:93:5f:f9:52:57:91:
28:36:63:d4:46:a4:9d:4f:d6:e0:f9:3e:96:bf:f5:2a:9e:0e:
c6:84:b4:02:b9:79:79:64:ca:c5:37:80:61:0a:67:89:eb:44:
88:0b:b3:98:6c:e4:30:de:32:10:b7:1a:56:53:66:73:22:c5:
a1:a8:33:32:ad:fa:e6:b2:09:64:70:83:48:9b:6f:f7:43:f7:
dd:f1:78:ed:6c:4d:19:e1:88:e0:7f:2e:8c:fa:58:57:ba:d8:
25:be:34:47:57:c3:ea:e8:19:18:a7:a7:71:5b:53:f9:1c:75:
64:f5:b4:d3:2e:78:08:aa:a2:0a:42:21:d7:34:8c:c5:b6:61:
b2:2f:53:d9:5f:89:ce:73:a3:d5:89:23:8d:3f:95:44:02:f1:
0f:33:24:52:58:19:46:d0:03:4d:9f:95:1b:a5:0c:4a:ec:1e:
b2:ac:b7:e2:f0:da:a3:cb:03:9c:3d:82:01:3f:fa:bd:5e:6a:
33:2e:3c:3a:10:56:71:d1:2f:9a:92:61:ba:8b:a0:fa:15:38:
05:72:ab:d3:b9:f1:4e:0d:8c:03:00:2e:0c:53:6c:66:54:38:
bc:60:5b:2a:b4:66:d4:a3:03:a4:e1:99:05:21:75:55:d8:d6:
4e:61:c0:c3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZDfhMck/BECiz7+oMaraTKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzIzMTIxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDVjOGViYThjMjI3Mzg3OTIwNTdiNmYxNDg0NjI3ODllZGQyNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2g2apXCCacO/1+bbsDVAEvjnQS8
evHmC2V+XzhxANhb+pWRC34p6+XCBg5KSsOFdebwAta9Bawqd2kEUKT5k1Tg8NfO
J/G5onO2hsk48DOroi5RzfpNNXmpPOAf7U7ocWj4/Ky4sNbZCwsLayQ2Bi1OTNS6
QeS24Q4F+iYNP4YfihmsDR6eem5dVUhET3OfG2kUCQrK3iKHBNsT3Eenr+SSA8Fm
SLbAjChQRUonvIKYETrJRp1scjvSZPMBOrGj2DTMudIZ89ODPn7CS/tbtPVbKXAw
GuDYQkKYj74MjiAxtd3FT8OKCo7ABIptOgeeRztBchhQJRrd6bBf6PjZNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE1cjrqMInOHkgV7bxSEYnie3SbuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVFZ5T3Vvd2ljNGVTQlh0dkZJUmllSjdkSnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBbVUAwQA
LV6qAwQAW99uAwQAw7FfMA0GCSqGSIb3DQEBCwUAA4IBAQAP4e6TmvFL2L2iQ0+T
X/lSV5EoNmPURqSdT9bg+T6Wv/Uqng7GhLQCuXl5ZMrFN4BhCmeJ60SIC7OYbOQw
3jIQtxpWU2ZzIsWhqDMyrfrmsglkcINIm2/3Q/fd8XjtbE0Z4Yjgfy6M+lhXutgl
vjRHV8Pq6BkYp6dxW1P5HHVk9bTTLngIqqIKQiHXNIzFtmGyL1PZX4nOc6PViSON
P5VEAvEPMyRSWBlG0ANNn5UbpQxK7B6yrLfi8NqjywOcPYIBP/q9XmozLjw6EFZx
0S+akmG6i6D6FTgFcqvTufFODYwDAC4MU2xmVDi8YFsqtGbUowOk4ZkFIXVV2NZO
YcDD
-----END CERTIFICATE-----
Generated at Sat Aug 24 13:38:18 2024 by rpki-client on console-ams.rpki-client.org