Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/TlCt2VtcZstmmnukV3aQjwOjnhY.roa
File: TlCt2VtcZstmmnukV3aQjwOjnhY.roa (raw, json)
Hash identifier: +FakAa4Ih1+i+RQFFM62Lt7izRknlxX+P0OtDgKQVg8=
Subject key identifier: 4E:50:AD:D9:5B:5C:66:CB:66:9A:7B:A4:57:76:90:8F:03:A3:9E:16
Certificate issuer: /CN=7ba77362e314586d0d21884d01a85adb77665b74
Certificate serial: 01856FA6E3EA70432912FCC04B0C744EAF99
Authority key identifier: 7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/TlCt2VtcZstmmnukV3aQjwOjnhY.roa
Signing time: Sun 01 Jan 2023 23:24:46 +0000
ROA not before: Sun 01 Jan 2023 23:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206837
IP address blocks: 176.98.211.0/24 maxlen: 24
176.98.208.0/24 maxlen: 24
176.98.208.0/22 maxlen: 24
176.98.210.0/24 maxlen: 24
176.98.209.0/24 maxlen: 24
185.127.54.0/23 maxlen: 23
185.127.55.0/24 maxlen: 24
185.127.54.0/24 maxlen: 24
185.127.52.0/22 maxlen: 22
185.127.53.0/24 maxlen: 24
185.127.52.0/23 maxlen: 23
185.127.52.0/24 maxlen: 24
157.97.85.0/24 maxlen: 24
157.97.84.0/22 maxlen: 24
157.97.84.0/24 maxlen: 24
157.97.87.0/24 maxlen: 24
157.97.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:e3:ea:70:43:29:12:fc:c0:4b:0c:74:4e:af:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba77362e314586d0d21884d01a85adb77665b74
Validity
Not Before: Jan 1 23:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e50add95b5c66cb669a7ba45776908f03a39e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:46:bf:3f:dc:55:d9:4c:39:c9:cd:ce:8e:98:
33:e7:b5:c1:c6:55:ad:74:a2:37:70:f0:24:6d:4e:
dd:e1:54:69:19:fc:f7:3e:0f:95:0e:b2:50:ca:2f:
f7:45:ab:18:ed:6d:8d:7c:43:e3:32:47:7f:a2:67:
f8:ba:0f:a4:94:13:63:d8:76:eb:c4:9f:8f:82:a7:
59:63:9d:c5:1b:ca:f3:ed:70:d1:46:19:ee:01:5c:
86:22:f8:eb:03:e2:ce:a2:12:17:f0:9c:85:b4:66:
77:62:19:df:5a:b2:ea:c1:2a:c4:d2:eb:b5:2f:9e:
9c:ea:31:3a:a9:c3:a7:88:83:a6:87:e7:1d:78:97:
4d:56:0f:9e:d6:50:6d:6d:6c:0f:83:df:76:71:9e:
f6:8d:02:47:8f:2e:18:b2:8b:ad:87:04:12:98:8a:
eb:ab:5d:8e:2b:8a:45:08:b0:71:c8:93:a0:85:6e:
af:e4:c6:4b:5d:f0:32:e8:b1:97:d1:6c:92:6c:ec:
98:5c:43:1d:e2:55:b6:4d:dd:a1:ed:63:6c:ae:1a:
de:fd:84:88:7f:3b:4d:09:42:b0:1b:9d:e1:61:b5:
a4:f1:d4:94:d0:c9:9c:73:56:fc:8b:90:64:e6:d4:
55:2c:7e:d5:20:1f:73:a1:8e:9f:de:18:35:60:fe:
28:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:50:AD:D9:5B:5C:66:CB:66:9A:7B:A4:57:76:90:8F:03:A3:9E:16
X509v3 Authority Key Identifier:
keyid:7B:A7:73:62:E3:14:58:6D:0D:21:88:4D:01:A8:5A:DB:77:66:5B:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6dzYuMUWG0NIYhNAaha23dmW3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/TlCt2VtcZstmmnukV3aQjwOjnhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/ca698e-e6a8-41f4-869c-961f437135c6/1/e6dzYuMUWG0NIYhNAaha23dmW3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.84.0/22
176.98.208.0/22
185.127.52.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:88:2d:f1:db:ae:f9:99:06:12:9e:18:d5:1c:c6:d6:bc:69:
5c:84:b9:f4:91:56:19:4d:c5:82:cf:8a:37:cc:a7:cf:ab:6e:
d9:28:45:fc:12:ae:97:b2:39:8d:e2:99:a9:6a:a1:84:63:2f:
84:cd:e7:8a:2b:48:4b:b8:0c:b3:ed:47:d0:df:75:fe:36:e2:
14:13:b9:72:0e:a1:60:9c:1e:48:76:fe:47:47:36:66:45:17:
ae:56:46:76:87:fa:50:14:70:ef:ee:3d:ff:f4:a1:e5:e9:3e:
7e:ac:1c:0c:89:6f:b0:1c:5b:3f:03:52:72:81:cb:30:71:4d:
56:39:d6:80:07:7b:02:3f:35:a4:3c:75:a7:01:6d:bc:a7:1a:
ef:a7:20:bf:e1:81:10:d4:ff:59:a9:86:2c:5b:c9:0f:cf:f4:
72:51:0b:ab:25:c5:39:04:6e:0a:5f:a8:7f:18:8a:6d:0b:f6:
75:ef:76:81:2c:60:fa:3c:55:1f:74:c4:e0:ac:8a:32:50:3b:
d1:3e:45:89:41:d8:20:88:04:27:b2:9e:40:7b:a4:ef:d1:70:
fc:63:1c:f7:60:8b:a8:0d:d9:73:c7:f3:b9:60:db:c3:92:b9:
ee:43:ea:10:70:87:39:d1:d5:09:8c:9b:66:82:59:d8:69:eb:
f6:03:99:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvpuPqcEMpEvzASwx0Tq+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTc3MzYyZTMxNDU4NmQwZDIxODg0ZDAxYTg1YWRiNzc2
NjViNzQwHhcNMjMwMTAxMjMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTUwYWRkOTViNWM2NmNiNjY5YTdiYTQ1Nzc2OTA4ZjAzYTM5ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEa/P9xV2Uw5yc3Ojpgz57XBxlWt
dKI3cPAkbU7d4VRpGfz3Pg+VDrJQyi/3RasY7W2NfEPjMkd/omf4ug+klBNj2Hbr
xJ+PgqdZY53FG8rz7XDRRhnuAVyGIvjrA+LOohIX8JyFtGZ3YhnfWrLqwSrE0uu1
L56c6jE6qcOniIOmh+cdeJdNVg+e1lBtbWwPg992cZ72jQJHjy4YsouthwQSmIrr
q12OK4pFCLBxyJOghW6v5MZLXfAy6LGX0WySbOyYXEMd4lW2Td2h7WNsrhre/YSI
fztNCUKwG53hYbWk8dSU0Mmcc1b8i5Bk5tRVLH7VIB9zoY6f3hg1YP4odQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE5QrdlbXGbLZpp7pFd2kI8Do54WMB8GA1UdIwQY
MBaAFHunc2LjFFhtDSGITQGoWtt3Zlt0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMt
OTYxZjQzNzEzNWM2LzEvVGxDdDJWdGNac3RtbW51a1YzYVFqd09qbmhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jYTY5OGUtZTZhOC00MWY0LTg2OWMtOTYxZjQzNzEzNWM2
LzEvZTZkell1TVVXRzBOSVloTkFhaGEyM2RtVzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnWFUAwQC
sGLQAwQCuX80MA0GCSqGSIb3DQEBCwUAA4IBAQAriC3x2675mQYSnhjVHMbWvGlc
hLn0kVYZTcWCz4o3zKfPq27ZKEX8Eq6XsjmN4pmpaqGEYy+EzeeKK0hLuAyz7UfQ
33X+NuIUE7lyDqFgnB5Idv5HRzZmRReuVkZ2h/pQFHDv7j3/9KHl6T5+rBwMiW+w
HFs/A1JygcswcU1WOdaAB3sCPzWkPHWnAW28pxrvpyC/4YEQ1P9ZqYYsW8kPz/Ry
UQurJcU5BG4KX6h/GIptC/Z173aBLGD6PFUfdMTgrIoyUDvRPkWJQdggiAQnsp5A
e6Tv0XD8Yxz3YIuoDdlzx/O5YNvDkrnuQ+oQcIc50dUJjJtmglnYaev2A5n5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:44 2024 by rpki-client on console-fra.rpki-client.org