Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/tnY3s-VVUii-evKpD9yReVxrLgc.roa
File: tnY3s-VVUii-evKpD9yReVxrLgc.roa (raw, json)
Hash identifier: yJxI8CmZCrCtc0JusNJ7rotQawoYjwo2Y47e5Uwpk7E=
Subject key identifier: B6:76:37:B3:E5:55:52:28:BE:7A:F2:A9:0F:DC:91:79:5C:6B:2E:07
Certificate issuer: /CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Certificate serial: 01856ECB5B1061386509AC639942B83C6604
Authority key identifier: 9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/tnY3s-VVUii-evKpD9yReVxrLgc.roa
Signing time: Sun 01 Jan 2023 19:24:58 +0000
ROA not before: Sun 01 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43905
IP address blocks: 93.91.96.0/21 maxlen: 21
185.85.130.0/23 maxlen: 23
213.234.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Wed 23 Aug 2023 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5b:10:61:38:65:09:ac:63:99:42:b8:3c:66:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b340699c8ed970a8c9ed8c162088f2067c33250
Validity
Not Before: Jan 1 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b67637b3e5555228be7af2a90fdc91795c6b2e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f9:70:c8:64:05:f4:7a:54:84:da:fa:9d:ad:
d0:b3:69:64:4e:ad:b0:f4:e6:f2:bd:29:d2:7f:41:
e8:99:d0:e9:74:b6:b0:2b:48:d3:e0:bb:5d:65:51:
dc:75:a9:c1:a4:78:f8:2b:70:0f:d4:a0:1b:ee:33:
ea:85:e8:3c:f4:f7:06:39:e3:0e:5a:c6:31:9e:98:
ef:57:c8:19:40:2c:a4:55:77:ef:63:3f:4b:08:2f:
b7:f5:bd:d9:4c:f8:ae:65:9b:a0:d4:ea:97:e1:71:
b0:88:e6:9f:18:e1:b4:cb:fd:f5:70:0e:83:0a:07:
18:12:30:eb:6a:e1:15:e2:87:e1:15:9c:17:ef:ac:
3d:43:7e:35:81:a6:f6:0e:61:2b:77:e1:d7:53:91:
45:34:7f:04:8e:93:31:4e:43:26:b6:8e:23:0e:12:
7a:fd:69:11:a8:d5:6f:54:4f:9c:5c:dc:c1:63:c7:
a6:e0:56:a2:3b:3d:e6:9e:1f:e6:50:99:cb:9a:3a:
36:97:f5:d6:ed:7a:d7:e8:66:05:8e:a0:de:0d:55:
85:aa:87:da:3a:a4:b2:4a:ac:76:31:45:97:15:9e:
23:08:9a:cf:ff:13:be:cb:41:ca:21:2e:ff:ee:6a:
23:94:ce:b9:e0:b7:79:6a:c3:ee:c5:0d:24:b9:48:
5f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:76:37:B3:E5:55:52:28:BE:7A:F2:A9:0F:DC:91:79:5C:6B:2E:07
X509v3 Authority Key Identifier:
keyid:9B:34:06:99:C8:ED:97:0A:8C:9E:D8:C1:62:08:8F:20:67:C3:32:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzQGmcjtlwqMntjBYgiPIGfDMlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/tnY3s-VVUii-evKpD9yReVxrLgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/6f4940-5abc-49b4-9747-e08be0edaf76/1/mzQGmcjtlwqMntjBYgiPIGfDMlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.96.0/21
185.85.130.0/23
213.234.64.0/18
Signature Algorithm: sha256WithRSAEncryption
22:c5:2c:50:cf:4e:df:2c:3d:14:8e:b7:81:d3:d1:e5:23:40:
41:0d:41:22:12:48:87:f5:50:4a:24:99:39:62:1b:e5:3d:ed:
fb:74:15:8a:ae:a5:6d:f0:7c:e0:d1:24:ca:1c:c4:dd:e2:5e:
6c:dd:7b:1d:97:cb:f5:be:2c:75:1d:d9:44:5a:8d:0d:83:8a:
44:0d:1d:41:a9:6a:30:23:4a:24:40:16:8a:84:e1:ba:b4:be:
4f:4e:08:9f:c1:e8:f7:90:2f:d1:b5:7a:d0:c7:b3:ec:5e:9c:
66:1b:4f:c8:1c:19:b9:1c:d2:64:18:19:5c:03:ce:f4:8e:10:
cd:01:52:22:4b:88:0d:4b:0e:3d:97:53:41:1a:9a:6b:3d:83:
8f:9f:db:e9:5e:90:08:bd:15:2b:ef:77:0f:68:cb:32:f4:c5:
7f:ad:6c:ce:a1:f1:21:92:41:ef:36:4a:4c:0e:0c:bd:b3:8a:
f3:42:36:d6:5c:56:14:bc:3c:fb:c6:8f:6b:96:f1:ad:97:51:
5d:e4:da:e3:65:e2:bd:a2:b9:04:cb:c5:74:dd:cb:1a:7c:28:
fb:c3:c5:1f:9b:05:6c:f4:b8:71:11:25:5d:20:e2:d6:3b:ed:
33:b5:74:49:45:7e:37:1d:2a:50:d2:85:ad:ef:9b:da:9b:1e:
e6:8f:e1:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuy1sQYThlCaxjmUK4PGYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzQwNjk5YzhlZDk3MGE4YzllZDhjMTYyMDg4ZjIwNjdj
MzMyNTAwHhcNMjMwMTAxMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc2MzdiM2U1NTU1MjI4YmU3YWYyYTkwZmRjOTE3OTVjNmIyZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoflwyGQF9HpUhNr6na3Qs2lkTq2w
9ObyvSnSf0HomdDpdLawK0jT4LtdZVHcdanBpHj4K3AP1KAb7jPqheg89PcGOeMO
WsYxnpjvV8gZQCykVXfvYz9LCC+39b3ZTPiuZZug1OqX4XGwiOafGOG0y/31cA6D
CgcYEjDrauEV4ofhFZwX76w9Q341gab2DmErd+HXU5FFNH8EjpMxTkMmto4jDhJ6
/WkRqNVvVE+cXNzBY8em4FaiOz3mnh/mUJnLmjo2l/XW7XrX6GYFjqDeDVWFqofa
OqSySqx2MUWXFZ4jCJrP/xO+y0HKIS7/7mojlM654Ld5asPuxQ0kuUhfeQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLZ2N7PlVVIovnryqQ/ckXlcay4HMB8GA1UdIwQY
MBaAFJs0BpnI7ZcKjJ7YwWIIjyBnwzJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDct
ZTA4YmUwZWRhZjc2LzEvdG5ZM3MtVlZVaWktZXZLcEQ5eVJlVnhyTGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82ZjQ5NDAtNWFiYy00OWI0LTk3NDctZTA4YmUwZWRhZjc2
LzEvbXpRR21janRsd3FNbnRqQllnaVBJR2ZETWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXVtgAwQB
uVWCAwQG1epAMA0GCSqGSIb3DQEBCwUAA4IBAQAixSxQz07fLD0UjreB09HlI0BB
DUEiEkiH9VBKJJk5YhvlPe37dBWKrqVt8Hzg0STKHMTd4l5s3Xsdl8v1vix1HdlE
Wo0Ng4pEDR1BqWowI0okQBaKhOG6tL5PTgifwej3kC/RtXrQx7PsXpxmG0/IHBm5
HNJkGBlcA870jhDNAVIiS4gNSw49l1NBGpprPYOPn9vpXpAIvRUr73cPaMsy9MV/
rWzOofEhkkHvNkpMDgy9s4rzQjbWXFYUvDz7xo9rlvGtl1Fd5NrjZeK9orkEy8V0
3csafCj7w8UfmwVs9LhxESVdIOLWO+0ztXRJRX43HSpQ0oWt75vamx7mj+Ek
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:00 2024 by rpki-client on console-ams.rpki-client.org