Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tJ-Imi2aK38JYqemwFhH6Fwsr04.roa
File: tJ-Imi2aK38JYqemwFhH6Fwsr04.roa (raw, json)
Hash identifier: SCRjvoz4zGH3EQVDuwLMBa6ek5eJZJ0pRzs+b54OSCc=
Subject key identifier: B4:9F:88:9A:2D:9A:2B:7F:09:62:A7:A6:C0:58:47:E8:5C:2C:AF:4E
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 01857246F7EAE791C2E2B89C6EFAE94E2557
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tJ-Imi2aK38JYqemwFhH6Fwsr04.roa
Signing time: Mon 02 Jan 2023 11:38:51 +0000
ROA not before: Mon 02 Jan 2023 11:38:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42775
IP address blocks: 178.236.136.0/23 maxlen: 23
185.39.192.0/22 maxlen: 22
2a02:1710:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:f7:ea:e7:91:c2:e2:b8:9c:6e:fa:e9:4e:25:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 2 11:38:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b49f889a2d9a2b7f0962a7a6c05847e85c2caf4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e9:c5:10:8c:ca:8e:22:a7:5d:05:30:c6:07:
67:ce:70:ab:05:26:87:10:e4:1c:40:5d:83:c4:3e:
aa:df:58:59:00:0d:80:81:e7:d3:db:94:45:13:76:
39:2a:9c:0e:b5:f6:2f:b7:05:2d:84:55:9c:b4:26:
a4:24:39:ea:c6:f0:e0:c2:bc:a3:80:63:1a:d0:c6:
5c:f6:d3:8c:91:69:b6:8b:ef:a0:ea:16:03:a5:34:
43:ef:ef:b4:1a:b1:8d:e6:41:ec:b4:ac:65:8d:f5:
85:db:7d:c2:02:65:91:c1:2b:43:a3:b5:4d:a0:32:
94:30:92:13:a4:5f:d7:01:e8:c8:af:4b:ef:2b:9e:
d8:b5:f1:3e:eb:41:8e:73:ac:3c:d4:48:73:b3:d7:
6c:cc:52:ae:cf:5b:65:3a:90:b9:82:5b:42:9a:09:
ea:b9:b7:83:19:09:05:e0:b1:5b:fd:a5:ac:4d:e9:
77:6a:61:c9:35:f1:8b:7c:cf:e9:4b:2c:fc:af:05:
13:c5:bd:eb:07:a4:ca:01:33:d2:23:57:62:8f:b8:
2a:9d:d3:9a:f9:93:9d:68:3b:4b:de:25:ad:4b:8c:
e0:7f:b1:e5:2f:74:2a:74:37:c3:c2:96:1f:e1:32:
de:a2:76:0b:20:18:54:45:f6:3a:28:76:26:2f:0a:
bc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9F:88:9A:2D:9A:2B:7F:09:62:A7:A6:C0:58:47:E8:5C:2C:AF:4E
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tJ-Imi2aK38JYqemwFhH6Fwsr04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.136.0/23
185.39.192.0/22
IPv6:
2a02:1710:2::/48
Signature Algorithm: sha256WithRSAEncryption
09:c7:99:0c:cf:1c:fb:5b:11:24:37:ba:7c:9b:af:60:c3:20:
64:c4:a3:44:12:96:01:94:3e:2f:32:c3:40:d9:ed:71:02:d3:
d4:2f:1d:e6:d8:a5:dd:58:2b:81:38:ea:4a:ad:63:7e:ae:31:
10:c4:e4:62:d0:9c:28:4e:98:2c:33:b8:a8:89:dd:f7:6e:5c:
17:96:dd:1d:46:14:3e:25:c0:5b:fb:12:76:31:c4:5d:9c:21:
e1:02:91:d6:f5:b1:e4:c8:00:3e:5f:f6:e1:c8:2a:6f:0f:eb:
0f:06:ad:a4:19:11:e6:6f:79:77:f5:e6:d7:46:eb:b4:6e:00:
52:0a:09:e5:b0:7a:2d:9e:c6:ea:22:a9:c5:d3:e3:5b:62:25:
aa:55:b2:66:b2:c4:d5:e4:d8:d6:c5:cb:c8:15:25:0e:40:6f:
bd:be:40:99:ab:65:bb:91:48:d1:b1:17:9c:3a:bf:09:85:15:
d0:2e:c9:76:aa:fe:be:4a:7e:1a:fc:e4:18:df:e9:1d:84:f8:
e4:9a:04:75:26:fc:6d:39:ca:be:b0:70:72:e7:bc:66:e9:1a:
74:14:f3:5e:6c:d0:94:9e:63:0a:7d:3f:dd:7a:36:b4:c6:bd:
eb:2b:c2:4d:0b:0b:e4:83:4f:68:af:0e:3e:96:8d:08:7a:7b:
58:e7:70:75
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyRvfq55HC4ricbvrpTiVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj
MGRmYWMwHhcNMjMwMTAyMTEzODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDlmODg5YTJkOWEyYjdmMDk2MmE3YTZjMDU4NDdlODVjMmNhZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmunFEIzKjiKnXQUwxgdnznCrBSaH
EOQcQF2DxD6q31hZAA2AgefT25RFE3Y5KpwOtfYvtwUthFWctCakJDnqxvDgwryj
gGMa0MZc9tOMkWm2i++g6hYDpTRD7++0GrGN5kHstKxljfWF233CAmWRwStDo7VN
oDKUMJITpF/XAejIr0vvK57YtfE+60GOc6w81Ehzs9dszFKuz1tlOpC5gltCmgnq
ubeDGQkF4LFb/aWsTel3amHJNfGLfM/pSyz8rwUTxb3rB6TKATPSI1dij7gqndOa
+ZOdaDtL3iWtS4zgf7HlL3QqdDfDwpYf4TLeonYLIBhURfY6KHYmLwq8ewIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLSfiJotmit/CWKnpsBYR+hcLK9OMB8GA1UdIwQY
MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt
N2E0MTI1NGVhYWNhLzEvdEotSW1pMmFLMzhKWXFlbXdGaEg2RndzcjA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh
LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBsuyIAwQC
uSfAMA8EAgACMAkDBwAqAhcQAAIwDQYJKoZIhvcNAQELBQADggEBAAnHmQzPHPtb
ESQ3unybr2DDIGTEo0QSlgGUPi8yw0DZ7XEC09QvHebYpd1YK4E46kqtY36uMRDE
5GLQnChOmCwzuKiJ3fduXBeW3R1GFD4lwFv7EnYxxF2cIeECkdb1seTIAD5f9uHI
Km8P6w8GraQZEeZveXf15tdG67RuAFIKCeWwei2exuoiqcXT41tiJapVsmayxNXk
2NbFy8gVJQ5Ab72+QJmrZbuRSNGxF5w6vwmFFdAuyXaq/r5Kfhr85Bjf6R2E+OSa
BHUm/G05yr6wcHLnvGbpGnQU815s0JSeYwp9P916NrTGvesrwk0LC+SDT2ivDj6W
jQh6e1jncHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:35 2024 by rpki-client on console-ams.rpki-client.org