Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/Tn6iYNPeHQxl2ZWtoaPy04I34dI.roa
File: Tn6iYNPeHQxl2ZWtoaPy04I34dI.roa (raw, json)
Hash identifier: ZdMpXAAL6+KT/14z0P7PPGs5h07OcMR0sTBximGTqkc=
Subject key identifier: 4E:7E:A2:60:D3:DE:1D:0C:65:D9:95:AD:A1:A3:F2:D3:82:37:E1:D2
Certificate issuer: /CN=9de6e4272e2ce387b4cc04b143f73309d713629b
Certificate serial: 018CC72682EFFA95CF6AD857DE8CAB18EA51
Authority key identifier: 9D:E6:E4:27:2E:2C:E3:87:B4:CC:04:B1:43:F7:33:09:D7:13:62:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nebkJy4s44e0zASxQ_czCdcTYps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/Tn6iYNPeHQxl2ZWtoaPy04I34dI.roa
Signing time: Mon 01 Jan 2024 22:30:38 +0000
ROA not before: Mon 01 Jan 2024 22:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15435
IP address blocks: 213.184.96.0/19 maxlen: 24
62.45.0.0/16 maxlen: 24
83.128.0.0/16 maxlen: 24
2a0f:900::/29 maxlen: 48
2001:4c38::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Jun 2024 06:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:82:ef:fa:95:cf:6a:d8:57:de:8c:ab:18:ea:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de6e4272e2ce387b4cc04b143f73309d713629b
Validity
Not Before: Jan 1 22:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e7ea260d3de1d0c65d995ada1a3f2d38237e1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:94:b0:ad:c5:40:d3:99:fd:12:d5:e7:d1:59:
5e:8a:ef:12:2e:e9:3f:0c:a4:6c:d9:fb:5b:db:74:
c5:a5:e7:2d:10:72:f5:6f:cb:ec:02:e3:9a:ef:38:
1b:65:11:97:aa:22:9e:b0:76:1c:ce:34:fa:f6:73:
13:81:a8:e3:f7:19:ad:ce:2a:c0:80:53:1c:f1:09:
c1:83:cd:2c:db:fd:a9:32:45:36:86:a4:48:f1:eb:
5c:08:32:c2:5d:2f:84:99:ad:3f:3b:39:b2:de:46:
e8:49:89:85:9b:30:19:c5:0f:e6:09:0a:69:59:75:
b7:48:f9:68:ae:b9:3f:67:05:e9:88:d3:cc:6e:36:
67:a1:2d:3c:9f:c8:ec:8a:bd:69:ad:bc:d2:f2:05:
c0:33:65:8c:7e:b0:1e:fd:41:2d:ac:02:62:63:4c:
df:da:04:15:d6:33:af:1b:33:63:ae:ff:17:fb:f8:
ea:7e:f1:72:02:a9:7d:98:97:26:aa:83:9c:4b:b1:
ef:7b:0b:fd:72:c7:49:38:dd:88:15:35:b4:e0:35:
35:57:db:37:bc:58:0f:33:1d:97:f8:b4:dc:c6:f2:
0c:01:ef:26:da:5f:fa:c2:36:1d:cc:54:5b:39:56:
1e:a1:11:be:6f:ce:74:17:14:c8:ce:d1:7c:a5:e7:
b2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7E:A2:60:D3:DE:1D:0C:65:D9:95:AD:A1:A3:F2:D3:82:37:E1:D2
X509v3 Authority Key Identifier:
keyid:9D:E6:E4:27:2E:2C:E3:87:B4:CC:04:B1:43:F7:33:09:D7:13:62:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nebkJy4s44e0zASxQ_czCdcTYps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/Tn6iYNPeHQxl2ZWtoaPy04I34dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/347c9a-0197-4762-8523-7bad5bae51e4/1/nebkJy4s44e0zASxQ_czCdcTYps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.45.0.0/16
83.128.0.0/16
213.184.96.0/19
IPv6:
2001:4c38::/29
2a0f:900::/29
Signature Algorithm: sha256WithRSAEncryption
6c:fb:cb:06:6a:69:1b:1a:0b:7e:25:a0:0e:9c:73:24:5c:86:
2a:ec:22:44:89:a0:6b:09:3c:02:1e:c7:56:9e:b1:55:d8:69:
8f:cb:cc:1a:86:fa:3b:8b:31:66:44:9c:30:f8:f6:f3:13:9d:
a4:c1:3c:e5:d0:38:f1:19:41:c2:fc:31:8b:85:98:e5:76:57:
f1:1a:2a:ce:47:c0:77:3c:a0:4b:9e:f3:c8:d9:7f:56:39:96:
46:87:15:c1:9a:e9:a6:4f:1f:ab:83:d7:08:46:b5:a5:6b:79:
d6:32:f4:73:b8:68:7b:13:e8:47:57:13:45:ed:82:14:42:21:
f5:2c:cf:c7:70:9d:7a:c2:81:3b:80:92:30:45:63:ae:65:e1:
41:ff:f9:0b:b4:19:74:3b:6f:0c:21:ae:e6:2b:10:85:d8:33:
ff:93:57:fe:23:57:70:c4:0d:54:2d:24:13:a0:a5:d8:1a:3a:
60:2b:25:1d:63:13:0b:9c:2a:43:07:99:05:e6:1f:02:d6:0d:
7f:e2:45:06:e8:1f:9f:5f:04:de:e6:d4:00:96:86:43:ca:90:
dc:b9:30:f8:22:6f:14:e9:63:0c:05:d1:1a:d0:72:98:cb:a5:
6e:cb:87:13:df:73:f5:60:4b:21:b0:ed:e7:24:38:67:35:e0:
8d:32:5f:20
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHJoLv+pXPathX3oyrGOpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTZlNDI3MmUyY2UzODdiNGNjMDRiMTQzZjczMzA5ZDcx
MzYyOWIwHhcNMjQwMTAxMjIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdlYTI2MGQzZGUxZDBjNjVkOTk1YWRhMWEzZjJkMzgyMzdlMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZSwrcVA05n9EtXn0Vleiu8SLuk/
DKRs2ftb23TFpectEHL1b8vsAuOa7zgbZRGXqiKesHYczjT69nMTgajj9xmtzirA
gFMc8QnBg80s2/2pMkU2hqRI8etcCDLCXS+Ema0/Ozmy3kboSYmFmzAZxQ/mCQpp
WXW3SPlorrk/ZwXpiNPMbjZnoS08n8jsir1prbzS8gXAM2WMfrAe/UEtrAJiY0zf
2gQV1jOvGzNjrv8X+/jqfvFyAql9mJcmqoOcS7Hvewv9csdJON2IFTW04DU1V9s3
vFgPMx2X+LTcxvIMAe8m2l/6wjYdzFRbOVYeoRG+b850FxTIztF8peeyLQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE5+omDT3h0MZdmVraGj8tOCN+HSMB8GA1UdIwQY
MBaAFJ3m5CcuLOOHtMwEsUP3MwnXE2KbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVia0p5NHM0NGUwekFTeFFfY3pDZGNUWXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNDdjOWEtMDE5Ny00NzYyLTg1MjMt
N2JhZDViYWU1MWU0LzEvVG42aVlOUGVIUXhsMlpXdG9hUHkwNEkzNGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNDdjOWEtMDE5Ny00NzYyLTg1MjMtN2JhZDViYWU1MWU0
LzEvbmVia0p5NHM0NGUwekFTeFFfY3pDZGNUWXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAWBAIAATAQAwMAPi0DAwBT
gAMEBdW4YDAUBAIAAjAOAwUDIAFMOAMFAyoPCQAwDQYJKoZIhvcNAQELBQADggEB
AGz7ywZqaRsaC34loA6ccyRchirsIkSJoGsJPAIex1aesVXYaY/LzBqG+juLMWZE
nDD49vMTnaTBPOXQOPEZQcL8MYuFmOV2V/EaKs5HwHc8oEue88jZf1Y5lkaHFcGa
6aZPH6uD1whGtaVredYy9HO4aHsT6EdXE0XtghRCIfUsz8dwnXrCgTuAkjBFY65l
4UH/+Qu0GXQ7bwwhruYrEIXYM/+TV/4jV3DEDVQtJBOgpdgaOmArJR1jEwucKkMH
mQXmHwLWDX/iRQboH59fBN7m1ACWhkPKkNy5MPgibxTpYwwF0RrQcpjLpW7LhxPf
c/VgSyGw7eckOGc14I0yXyA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:30 2024 by rpki-client on console-fra.rpki-client.org