Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/deeTQH3gkINjn800tfMAvo7w6d0.roa
File: deeTQH3gkINjn800tfMAvo7w6d0.roa (raw, json)
Hash identifier: N4f0fpROOR7YnDhzBjyfRU2jxZsWFikoljF/YDjm5Ck=
Subject key identifier: 75:E7:93:40:7D:E0:90:83:63:9F:CD:34:B5:F3:00:BE:8E:F0:E9:DD
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CBA1DA27BB4831FDA6CA02A1E4357
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/deeTQH3gkINjn800tfMAvo7w6d0.roa
Signing time: Mon 02 Jan 2023 16:24:46 +0000
ROA not before: Mon 02 Jan 2023 16:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206484
IP address blocks: 217.111.138.0/24 maxlen: 24
62.192.11.0/24 maxlen: 24
213.173.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ba:1d:a2:7b:b4:83:1f:da:6c:a0:2a:1e:43:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75e793407de09083639fcd34b5f300be8ef0e9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:24:aa:fc:4c:fa:68:c0:18:54:60:1f:21:e7:
73:bb:7c:2d:be:21:ad:38:55:4a:2a:b6:65:8b:c9:
09:dc:5c:5b:f3:45:3b:82:d6:a9:b9:b8:20:dd:38:
30:2c:0c:2f:e1:6a:9f:9c:5b:52:68:f4:d7:e0:a8:
fa:07:66:52:b0:08:08:bc:48:81:fc:c8:aa:ee:12:
b8:94:96:79:6c:a1:b3:e8:3c:20:f1:ab:66:f1:71:
b5:bd:c1:98:d6:a3:17:12:4a:54:ee:ba:e0:25:42:
98:41:29:be:99:b4:b8:b8:21:ee:b2:85:27:e6:d7:
7e:0a:f7:6a:bd:54:1c:ee:c1:3e:db:e6:85:dd:e7:
90:5c:82:e0:e5:cf:45:23:27:ea:ef:b7:19:2b:9c:
d4:8b:3c:07:9d:07:91:25:d6:21:2b:15:8c:7d:65:
a3:19:eb:d2:f8:46:c4:30:8f:a0:be:31:83:b9:45:
d7:2c:d6:02:83:0d:d1:4d:32:c1:b0:5f:11:06:e7:
4a:d4:54:01:c9:58:f6:50:e7:c3:7f:a9:02:6f:b2:
4d:7a:f4:0b:53:1a:45:61:0a:90:2d:40:a8:81:7e:
e8:b8:bd:37:fd:7e:16:1d:43:fd:9c:c8:14:35:48:
44:76:f8:e7:9e:57:c9:cf:5e:d2:92:62:63:b9:d5:
72:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E7:93:40:7D:E0:90:83:63:9F:CD:34:B5:F3:00:BE:8E:F0:E9:DD
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/deeTQH3gkINjn800tfMAvo7w6d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.11.0/24
213.173.161.0/24
217.111.138.0/24
Signature Algorithm: sha256WithRSAEncryption
69:07:0d:0d:2d:20:c2:ba:4a:f2:77:87:69:e6:5f:84:91:58:
04:7f:57:13:4a:a1:76:c2:ff:4c:2b:b0:a0:0b:f4:2a:3e:e7:
ed:2a:66:62:09:f1:88:8b:76:64:57:a9:ff:80:7a:c1:58:d2:
f5:61:f4:aa:ab:7c:69:2b:64:ff:24:9e:56:cd:e2:07:53:9b:
e3:a1:93:85:4c:f0:d5:24:c5:79:94:0e:5a:2f:c9:26:50:16:
e6:2f:a6:0b:cb:9f:a6:d7:1b:60:49:81:d7:0f:39:b5:91:0d:
6c:cf:bd:a0:06:30:e0:44:2e:c9:91:07:ab:9f:d6:90:8a:e8:
a6:2a:5b:34:2d:dc:4b:b5:aa:c8:d0:d6:89:0a:06:7c:8a:24:
5f:2d:f8:c7:73:0c:7a:68:a6:de:b4:4a:38:a0:7a:6c:dc:53:
df:e6:67:9b:95:2b:b2:5c:bc:a0:48:7b:9e:fb:ea:be:ca:d3:
92:e0:3f:f7:47:59:77:59:8b:d0:a5:77:d1:c7:7a:d4:ff:15:
48:1c:6e:c7:27:03:78:43:4b:ae:18:11:59:d8:08:ed:d7:6f:
a1:ae:10:be:b0:60:a1:25:ba:96:a7:f2:e7:3d:94:11:64:18:
ba:f5:1e:07:1c:fc:ea:be:a8:6c:da:a5:8c:0b:a2:ff:4d:5d:
70:e6:73:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzTLodonu0gx/abKAqHkNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU3OTM0MDdkZTA5MDgzNjM5ZmNkMzRiNWYzMDBiZThlZjBlOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiSq/Ez6aMAYVGAfIedzu3wtviGt
OFVKKrZli8kJ3Fxb80U7gtapubgg3TgwLAwv4WqfnFtSaPTX4Kj6B2ZSsAgIvEiB
/Miq7hK4lJZ5bKGz6Dwg8atm8XG1vcGY1qMXEkpU7rrgJUKYQSm+mbS4uCHusoUn
5td+CvdqvVQc7sE+2+aF3eeQXILg5c9FIyfq77cZK5zUizwHnQeRJdYhKxWMfWWj
GevS+EbEMI+gvjGDuUXXLNYCgw3RTTLBsF8RBudK1FQByVj2UOfDf6kCb7JNevQL
UxpFYQqQLUCogX7ouL03/X4WHUP9nMgUNUhEdvjnnlfJz17SkmJjudVyAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHXnk0B94JCDY5/NNLXzAL6O8OndMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvZGVlVFFIM2drSU5qbjgwMHRmTUF2bzd3NmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPsALAwQA
1a2hAwQA2W+KMA0GCSqGSIb3DQEBCwUAA4IBAQBpBw0NLSDCukryd4dp5l+EkVgE
f1cTSqF2wv9MK7CgC/QqPuftKmZiCfGIi3ZkV6n/gHrBWNL1YfSqq3xpK2T/JJ5W
zeIHU5vjoZOFTPDVJMV5lA5aL8kmUBbmL6YLy5+m1xtgSYHXDzm1kQ1sz72gBjDg
RC7JkQern9aQiuimKls0LdxLtarI0NaJCgZ8iiRfLfjHcwx6aKbetEo4oHps3FPf
5meblSuyXLygSHue++q+ytOS4D/3R1l3WYvQpXfRx3rU/xVIHG7HJwN4Q0uuGBFZ
2Ajt12+hrhC+sGChJbqWp/LnPZQRZBi69R4HHPzqvqhs2qWMC6L/TV1w5nOl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org