Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/tBzzRYBWHKIBw8eEpDr-hqVLRxo.roa
File: tBzzRYBWHKIBw8eEpDr-hqVLRxo.roa (raw, json)
Hash identifier: /NEOIluQwSLt4LEnaxYvtuf0FQGXpcRgssWztJNQkXs=
Subject key identifier: B4:1C:F3:45:80:56:1C:A2:01:C3:C7:84:A4:3A:FE:86:A5:4B:47:1A
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 0187233FCC64B298786FF83D8208549E072B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/tBzzRYBWHKIBw8eEpDr-hqVLRxo.roa
Signing time: Mon 27 Mar 2023 13:26:36 +0000
ROA not before: Mon 27 Mar 2023 13:26:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 85.8.160.0/22 maxlen: 22
147.78.68.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 12 Apr 2023 19:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:23:3f:cc:64:b2:98:78:6f:f8:3d:82:08:54:9e:07:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 27 13:26:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b41cf34580561ca201c3c784a43afe86a54b471a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a4:da:f9:8e:14:fb:97:99:78:c4:94:d3:83:
f9:21:96:f1:e6:c5:ad:23:61:6f:d4:cc:52:fe:f8:
32:05:89:4d:1d:1d:03:32:33:73:bb:79:70:e1:69:
77:2c:e3:46:dc:f1:43:d3:a9:c4:89:c1:a2:5f:9c:
96:02:1b:f4:9a:b6:a7:b4:2c:07:e3:da:f6:8d:85:
e7:b9:3d:c5:d7:08:70:03:5e:5b:11:e2:07:ed:a8:
c9:4a:8d:bb:b6:de:f8:32:25:c1:8f:c7:19:bc:07:
57:27:f4:06:c2:eb:ca:20:08:ce:ba:d6:87:83:5e:
a7:ab:63:90:de:24:7e:a7:4c:51:49:18:12:44:11:
03:f7:aa:b6:04:d2:c5:a8:41:12:77:5f:b9:7a:91:
34:7c:f4:1d:d0:36:fa:13:ca:54:36:6c:1f:e6:82:
b8:b4:7f:ff:83:bf:23:82:8c:1e:32:e0:c8:53:97:
0f:e3:c1:69:52:f3:b2:91:83:81:88:c3:93:15:ff:
69:5c:db:98:13:b7:05:e5:e7:08:5b:cd:c2:37:b9:
33:3c:73:cb:0d:ee:8a:b2:6f:84:99:76:a9:8e:97:
b6:d3:2c:1e:97:69:54:01:c5:4d:83:14:45:b8:6c:
b8:d5:41:49:f8:dd:fe:70:bc:cd:30:d8:89:5b:42:
4c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1C:F3:45:80:56:1C:A2:01:C3:C7:84:A4:3A:FE:86:A5:4B:47:1A
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/tBzzRYBWHKIBw8eEpDr-hqVLRxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
83.171.244.0/22
85.8.160.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
64:66:94:21:4c:29:f6:6a:98:7e:92:f3:77:07:03:50:40:72:
ee:ed:4e:4c:e3:e7:e7:08:ad:81:d0:81:5d:94:db:32:8f:c5:
4a:ca:41:d1:3e:86:f8:58:66:b9:71:67:91:3e:78:5e:13:cd:
3e:49:5b:94:16:eb:fe:9f:ea:98:3e:4e:c1:33:f0:0a:76:ac:
f6:e3:4e:78:23:5c:04:11:76:82:f1:d3:33:e1:b7:70:d7:3e:
54:27:3b:47:0d:b4:9e:0d:05:e4:ae:40:70:5e:1c:d9:48:cd:
c5:ee:48:4a:56:bf:8f:7f:59:e0:b4:aa:d4:5f:d9:6c:77:61:
3d:b2:2c:c2:ae:31:8e:28:98:ab:5e:1e:0b:73:51:87:29:aa:
28:4d:60:91:99:29:8e:85:d4:30:eb:0f:0e:e4:ec:89:e8:7b:
03:3d:7e:9b:58:43:0f:e4:1c:18:fa:52:b5:e7:5b:ff:6a:84:
3a:1b:9a:96:a1:e9:97:91:70:95:79:0f:fe:41:29:48:22:96:
c9:12:18:8d:78:49:f8:c3:ba:d2:bc:2d:a4:fb:0f:73:30:9c:
e9:d3:0a:c1:4d:3d:89:b3:76:94:09:c9:1d:a1:02:ea:fe:51:
9f:0e:2f:2a:a9:bc:7b:d6:c9:1b:a7:98:8d:94:d0:3d:01:1b:
57:bb:44:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcjP8xksph4b/g9gghUngcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMzI3MTMyNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFjZjM0NTgwNTYxY2EyMDFjM2M3ODRhNDNhZmU4NmE1NGI0NzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaTa+Y4U+5eZeMSU04P5IZbx5sWt
I2Fv1MxS/vgyBYlNHR0DMjNzu3lw4Wl3LONG3PFD06nEicGiX5yWAhv0mrantCwH
49r2jYXnuT3F1whwA15bEeIH7ajJSo27tt74MiXBj8cZvAdXJ/QGwuvKIAjOutaH
g16nq2OQ3iR+p0xRSRgSRBED96q2BNLFqEESd1+5epE0fPQd0Db6E8pUNmwf5oK4
tH//g78jgoweMuDIU5cP48FpUvOykYOBiMOTFf9pXNuYE7cF5ecIW83CN7kzPHPL
De6Ksm+EmXapjpe20ywel2lUAcVNgxRFuGy41UFJ+N3+cLzNMNiJW0JM9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLQc80WAVhyiAcPHhKQ6/oalS0caMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvdEJ6elJZQldIS0lCdzhlRXBEci1ocVZMUnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBYV8AwQC
U6v0AwQCVQigAwQCk05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQBk
ZpQhTCn2aph+kvN3BwNQQHLu7U5M4+fnCK2B0IFdlNsyj8VKykHRPob4WGa5cWeR
PnheE80+SVuUFuv+n+qYPk7BM/AKdqz24054I1wEEXaC8dMz4bdw1z5UJztHDbSe
DQXkrkBwXhzZSM3F7khKVr+Pf1ngtKrUX9lsd2E9sizCrjGOKJirXh4Lc1GHKaoo
TWCRmSmOhdQw6w8O5OyJ6HsDPX6bWEMP5BwY+lK151v/aoQ6G5qWoemXkXCVeQ/+
QSlIIpbJEhiNeEn4w7rSvC2k+w9zMJzp0wrBTT2Js3aUCckdoQLq/lGfDi8qqbx7
1skbp5iNlNA9ARtXu0SA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org