Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/CTsq0aNRQ4oPMlT8JCvr6j2b1yc.roa
File: CTsq0aNRQ4oPMlT8JCvr6j2b1yc.roa (raw, json)
Hash identifier: xreGsB6bJpa2MhxxPIYBQ5oDUf+/+P9tEemEUfzCPxo=
Subject key identifier: 09:3B:2A:D1:A3:51:43:8A:0F:32:54:FC:24:2B:EB:EA:3D:9B:D7:27
Certificate issuer: /CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Certificate serial: 018779B9A9EAF0DF40EB9F1AB1CE1659FF88
Authority key identifier: 4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/CTsq0aNRQ4oPMlT8JCvr6j2b1yc.roa
Signing time: Thu 13 Apr 2023 08:27:03 +0000
ROA not before: Thu 13 Apr 2023 08:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20612
IP address blocks: 194.242.34.0/24 maxlen: 24
185.222.12.0/22 maxlen: 24
2a0c:d000::/29 maxlen: 64
2001:67c:20ac::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:b9:a9:ea:f0:df:40:eb:9f:1a:b1:ce:16:59:ff:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Validity
Not Before: Apr 13 08:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=093b2ad1a351438a0f3254fc242bebea3d9bd727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a6:41:a3:ec:77:c5:5f:0d:9b:41:11:03:ad:
0e:b2:5f:af:ba:e0:c7:7d:a4:f5:a6:2e:e1:42:bf:
b6:d0:59:aa:12:5e:f1:da:49:54:5f:4a:4a:c5:ed:
f4:a9:ee:5e:51:46:dc:da:0f:6c:4d:3b:9f:be:da:
0f:f8:6d:20:2d:ac:cd:ad:46:d5:9c:9a:d4:0b:f0:
11:23:39:eb:fe:28:22:d7:75:bd:fc:fc:9c:30:07:
4e:c6:57:f4:61:c0:39:7e:53:84:53:98:a1:5f:97:
be:17:57:3e:d1:5a:37:80:4f:cf:75:4c:ce:92:4e:
ba:b9:d9:18:62:d4:f6:05:48:fb:8c:ce:8f:a7:fe:
f5:9e:7f:2c:be:bd:94:35:20:0c:0c:3a:82:80:70:
ef:1e:a0:ff:c9:97:d6:a8:78:cb:2c:f7:dc:8b:b6:
6f:5d:a4:16:50:30:90:07:74:73:13:90:30:fb:5d:
6f:28:66:04:ee:5d:b9:f8:12:1b:ab:84:8b:49:9b:
3d:6e:18:53:df:87:18:5f:45:60:1f:66:6e:97:01:
b5:14:f0:04:53:f8:ba:37:70:9e:02:32:40:c6:ac:
a3:9e:fe:07:2d:6e:64:d3:75:1c:70:1f:cd:08:9d:
4a:fb:7d:fd:87:84:f1:27:3a:64:40:75:76:be:09:
46:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3B:2A:D1:A3:51:43:8A:0F:32:54:FC:24:2B:EB:EA:3D:9B:D7:27
X509v3 Authority Key Identifier:
keyid:4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/CTsq0aNRQ4oPMlT8JCvr6j2b1yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.12.0/22
194.242.34.0/24
IPv6:
2001:67c:20ac::/48
2a0c:d000::/29
Signature Algorithm: sha256WithRSAEncryption
5c:37:33:30:3c:a2:93:f4:ae:f6:04:cb:f7:3a:4a:38:3a:30:
d6:d3:a8:0f:ec:19:d4:7b:6d:b7:59:43:72:37:57:84:fe:da:
6b:c7:96:4e:35:03:34:6f:11:ef:a4:b4:3d:b5:cc:60:6e:83:
b3:94:54:aa:80:f3:f4:fe:4c:9b:79:ce:06:95:3c:16:40:13:
d2:44:42:30:55:9c:4d:70:20:11:8d:81:47:0d:7d:9c:6c:76:
d1:a7:62:34:23:52:a1:cb:ba:4e:41:02:d4:bd:7b:c2:27:7e:
42:03:b4:72:d2:05:08:6a:99:41:76:62:9b:d2:52:49:b4:bf:
54:ad:8f:bd:4f:ce:9e:74:55:96:97:ce:33:d2:e2:51:f4:fc:
9f:8d:a3:b7:b1:43:6b:92:7b:82:5a:2f:27:02:bb:ef:4d:c3:
b2:90:41:89:7d:a6:99:85:e0:95:0d:b6:f8:cf:64:cb:d2:95:
99:6b:2a:a8:f0:92:1f:29:da:ed:ab:dc:8b:41:68:33:e3:19:
7d:56:17:1e:3d:81:09:29:35:91:1d:3e:89:ad:b6:d8:7c:b9:
29:d2:15:4f:ab:e0:46:3d:7e:92:51:dc:47:24:f0:0a:bc:1f:
99:36:e5:c2:f6:80:b2:12:dd:3a:8d:24:2f:1d:02:43:7d:26:
95:44:c7:4a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYd5uanq8N9A658asc4WWf+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTA4YTZkODY4YWI5ZTliZGIxMDQ3MmZiZWMzMWM5NjZl
OTQyNzQwHhcNMjMwNDEzMDgyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNiMmFkMWEzNTE0MzhhMGYzMjU0ZmMyNDJiZWJlYTNkOWJkNzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqZBo+x3xV8Nm0ERA60Osl+vuuDH
faT1pi7hQr+20FmqEl7x2klUX0pKxe30qe5eUUbc2g9sTTufvtoP+G0gLazNrUbV
nJrUC/ARIznr/igi13W9/PycMAdOxlf0YcA5flOEU5ihX5e+F1c+0Vo3gE/PdUzO
kk66udkYYtT2BUj7jM6Pp/71nn8svr2UNSAMDDqCgHDvHqD/yZfWqHjLLPfci7Zv
XaQWUDCQB3RzE5Aw+11vKGYE7l25+BIbq4SLSZs9bhhT34cYX0VgH2ZulwG1FPAE
U/i6N3CeAjJAxqyjnv4HLW5k03UccB/NCJ1K+339h4TxJzpkQHV2vglGPQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAk7KtGjUUOKDzJU/CQr6+o9m9cnMB8GA1UdIwQY
MBaAFE+Qim2GirnpvbEEcvvsMclm6UJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEt
MWM2ZWU1YmJlYjY2LzEvQ1RzcTBhTlJRNG9QTWxUOEpDdnI2ajJiMXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEtMWM2ZWU1YmJlYjY2
LzEvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCud4MAwQA
wvIiMBYEAgACMBADBwAgAQZ8IKwDBQMqDNAAMA0GCSqGSIb3DQEBCwUAA4IBAQBc
NzMwPKKT9K72BMv3Oko4OjDW06gP7BnUe223WUNyN1eE/tprx5ZONQM0bxHvpLQ9
tcxgboOzlFSqgPP0/kybec4GlTwWQBPSREIwVZxNcCARjYFHDX2cbHbRp2I0I1Kh
y7pOQQLUvXvCJ35CA7Ry0gUIaplBdmKb0lJJtL9UrY+9T86edFWWl84z0uJR9Pyf
jaO3sUNrknuCWi8nArvvTcOykEGJfaaZheCVDbb4z2TL0pWZayqo8JIfKdrtq9yL
QWgz4xl9VhcePYEJKTWRHT6JrbbYfLkp0hVPq+BGPX6SUdxHJPAKvB+ZNuXC9oCy
Et06jSQvHQJDfSaVRMdK
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:24 2024 by rpki-client on console-ams.rpki-client.org