Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/tzyBd_Oozcj5iT4vUhHHDgQb-AU.roa
File: tzyBd_Oozcj5iT4vUhHHDgQb-AU.roa (raw, json)
Hash identifier: n/hhnyrX7rYPq7/h8W34BC4cs5/y9/2K8cBCpAxJptA=
Subject key identifier: B7:3C:81:77:F3:A8:CD:C8:F9:89:3E:2F:52:11:C7:0E:04:1B:F8:05
Certificate issuer: /CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Certificate serial: 018CC2DB410AA27686873937FFD846BB5C5E
Authority key identifier: 34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/tzyBd_Oozcj5iT4vUhHHDgQb-AU.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204144
IP address blocks: 185.236.216.0/23 maxlen: 23
185.236.218.0/23 maxlen: 23
188.114.208.0/20 maxlen: 20
185.113.76.0/22 maxlen: 22
185.113.72.0/22 maxlen: 22
185.111.164.0/22 maxlen: 22
185.112.236.0/22 maxlen: 22
185.41.204.0/23 maxlen: 23
185.163.236.0/22 maxlen: 22
185.108.212.0/22 maxlen: 22
185.107.252.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:41:0a:a2:76:86:87:39:37:ff:d8:46:bb:5c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d519247402bcfbdf0ece9020ad64622e9d3bae
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b73c8177f3a8cdc8f9893e2f5211c70e041bf805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:51:7d:9f:33:9d:6a:a1:18:64:94:4d:80:
39:48:56:63:1c:4b:22:05:8d:cd:f9:ec:4e:b9:e8:
82:a2:7c:49:be:08:1e:38:15:d8:d7:66:d3:b6:7f:
f9:f5:cf:72:ea:91:9a:bd:f2:dd:14:a5:ec:68:80:
29:f7:f1:39:91:fc:92:d0:8a:92:e1:16:02:22:ee:
f4:39:be:4a:d7:55:7c:a2:5e:53:8d:3e:22:a6:7a:
32:eb:65:00:71:51:cc:4c:94:15:99:68:56:1c:50:
c3:9a:09:28:9f:9b:3d:3f:33:8e:e9:59:c8:c3:3e:
b7:21:55:19:4c:20:03:e3:95:cc:7e:92:ce:31:7d:
bf:50:62:9c:09:bb:6e:03:a3:30:0a:ea:20:4b:a8:
ff:e6:85:e9:cb:3d:c4:f6:57:8d:6b:b0:d5:a7:25:
4f:05:e4:70:4d:e8:1c:d1:92:96:92:bf:3d:d0:87:
7c:a5:37:dd:91:cc:f3:09:7a:d6:9c:95:91:03:f9:
3d:74:cd:23:91:a4:23:81:b4:8e:ef:dd:55:0e:38:
97:d0:36:30:c3:8a:f8:b3:b7:c7:1a:c9:de:5b:d4:
4b:92:fa:97:1e:10:be:45:39:9c:5e:ec:5c:48:01:
69:c9:aa:60:a6:cf:61:bb:64:3d:e4:e3:4c:e2:a0:
8f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3C:81:77:F3:A8:CD:C8:F9:89:3E:2F:52:11:C7:0E:04:1B:F8:05
X509v3 Authority Key Identifier:
keyid:34:D5:19:24:74:02:BC:FB:DF:0E:CE:90:20:AD:64:62:2E:9D:3B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNUZJHQCvPvfDs6QIK1kYi6dO64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/tzyBd_Oozcj5iT4vUhHHDgQb-AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/308179-be69-4c10-8694-fbd399a4475e/1/NNUZJHQCvPvfDs6QIK1kYi6dO64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.204.0/23
185.107.252.0/22
185.108.212.0/22
185.111.164.0/22
185.112.236.0/22
185.113.72.0/21
185.163.236.0/22
185.236.216.0/22
188.114.208.0/20
Signature Algorithm: sha256WithRSAEncryption
64:bc:fa:d0:db:55:84:31:7b:cf:4d:c4:6a:d0:25:b0:48:5e:
91:33:d1:c7:bf:e5:38:3e:8b:ea:03:46:94:77:81:3a:03:a3:
89:f6:37:f9:d0:57:76:fa:26:b5:73:4e:eb:05:f1:4f:64:38:
d8:ec:75:de:e7:09:85:2a:33:7e:37:60:f7:c3:d2:96:63:d0:
4f:f1:18:0b:5c:21:78:87:0e:de:29:d1:1e:69:cc:bb:4e:8c:
1f:8c:90:58:4a:12:f6:2b:ee:de:52:83:c4:50:1f:21:b4:40:
7c:ba:d6:a5:b7:22:db:18:85:48:70:6e:b4:e5:18:4f:b8:3e:
11:6a:95:11:fc:04:b4:d4:f0:30:e1:05:48:8b:2b:67:33:8e:
6b:b8:7e:f5:bc:6f:a6:8c:0a:79:34:e8:e9:4b:fd:09:45:ab:
66:b9:ac:10:b0:0e:dc:7a:84:2b:e7:55:d3:68:ea:0e:4e:49:
ec:12:a1:53:20:41:16:b3:75:eb:91:c7:af:88:62:13:89:44:
f6:7b:50:25:a7:24:47:44:39:0b:7f:80:c1:eb:74:36:8c:ea:
7d:ec:aa:72:10:53:80:0e:62:da:c3:06:3a:2f:ef:6c:34:26:
3d:52:2f:4c:85:59:78:ae:16:21:0f:57:eb:ca:b6:7e:e3:4c:
0f:8c:a7:d6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzC20EKonaGhzk3/9hGu1xeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDUxOTI0NzQwMmJjZmJkZjBlY2U5MDIwYWQ2NDYyMmU5
ZDNiYWUwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNjODE3N2YzYThjZGM4Zjk4OTNlMmY1MjExYzcwZTA0MWJmODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw49RfZ8znWqhGGSUTYA5SFZjHEsi
BY3N+exOueiConxJvggeOBXY12bTtn/59c9y6pGavfLdFKXsaIAp9/E5kfyS0IqS
4RYCIu70Ob5K11V8ol5TjT4ipnoy62UAcVHMTJQVmWhWHFDDmgkon5s9PzOO6VnI
wz63IVUZTCAD45XMfpLOMX2/UGKcCbtuA6MwCuogS6j/5oXpyz3E9leNa7DVpyVP
BeRwTegc0ZKWkr890Id8pTfdkczzCXrWnJWRA/k9dM0jkaQjgbSO791VDjiX0DYw
w4r4s7fHGsneW9RLkvqXHhC+RTmcXuxcSAFpyapgps9hu2Q95ONM4qCPIQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLc8gXfzqM3I+Yk+L1IRxw4EG/gFMB8GA1UdIwQY
MBaAFDTVGSR0Arz73w7OkCCtZGIunTuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQt
ZmJkMzk5YTQ0NzVlLzEvdHp5QmRfT296Y2o1aVQ0dlVoSEhEZ1FiLUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMDgxNzktYmU2OS00YzEwLTg2OTQtZmJkMzk5YTQ0NzVl
LzEvTk5VWkpIUUN2UHZmRHM2UUlLMWtZaTZkTzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBuSnMAwQC
uWv8AwQCuWzUAwQCuW+kAwQCuXDsAwQDuXFIAwQCuaPsAwQCuezYAwQEvHLQMA0G
CSqGSIb3DQEBCwUAA4IBAQBkvPrQ21WEMXvPTcRq0CWwSF6RM9HHv+U4PovqA0aU
d4E6A6OJ9jf50Fd2+ia1c07rBfFPZDjY7HXe5wmFKjN+N2D3w9KWY9BP8RgLXCF4
hw7eKdEeacy7TowfjJBYShL2K+7eUoPEUB8htEB8utaltyLbGIVIcG605RhPuD4R
apUR/AS01PAw4QVIiytnM45ruH71vG+mjAp5NOjpS/0JRatmuawQsA7ceoQr51XT
aOoOTknsEqFTIEEWs3XrkceviGITiUT2e1AlpyRHRDkLf4DB63Q2jOp97KpyEFOA
DmLawwY6L+9sNCY9Ui9MhVl4rhYhD1fryrZ+40wPjKfW
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:49:01 2025 by rpki-client