Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1TNEby3tV3SmpbkzGpB1Iyvg544.roa
File: 1TNEby3tV3SmpbkzGpB1Iyvg544.roa (raw, json)
Hash identifier: DCvm1Ay/j2cmwtY2CDvGwsL7xeWA3bPZjllv07wxXr0=
Subject key identifier: D5:33:44:6F:2D:ED:57:74:A6:A5:B9:33:1A:90:75:23:2B:E0:E7:8E
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01856BDCA6171003081BF174B81081EF3A08
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1TNEby3tV3SmpbkzGpB1Iyvg544.roa
Signing time: Sun 01 Jan 2023 05:45:00 +0000
ROA not before: Sun 01 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6282
IP address blocks: 77.36.24.0/22 maxlen: 22
176.116.36.0/22 maxlen: 22
176.116.32.0/22 maxlen: 22
64.43.100.0/22 maxlen: 22
64.43.104.0/22 maxlen: 22
64.43.108.0/22 maxlen: 22
64.43.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 09 May 2023 12:25:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a6:17:10:03:08:1b:f1:74:b8:10:81:ef:3a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d533446f2ded5774a6a5b9331a9075232be0e78e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:41:c5:2e:8e:e2:ad:02:ab:27:ea:70:14:7e:
3f:0d:da:d7:48:31:20:4e:40:75:a7:86:68:1b:69:
51:9f:36:fc:14:b3:ab:b0:67:94:55:43:8c:78:14:
4a:53:6c:37:30:80:e1:0d:f0:dd:7e:6c:4e:16:46:
ce:69:79:ab:e7:fe:bd:dd:f8:67:27:0d:8a:39:bf:
34:26:34:de:1e:b8:57:cb:38:56:c9:fd:62:cb:f1:
98:2e:81:d6:0e:6f:76:63:d9:23:09:16:26:8a:69:
57:ce:38:16:18:a8:8a:38:f7:27:90:fd:63:20:18:
36:0d:96:2d:0b:65:ce:02:d4:ed:66:2d:28:aa:3b:
e3:7d:fe:4f:11:ba:03:a0:e8:0c:9c:51:db:39:8b:
fb:2b:b2:8a:2a:ea:57:ad:00:ec:f5:2b:32:70:7a:
33:6f:26:76:f6:94:6f:04:9b:d6:5a:d0:4a:31:08:
e5:d1:f0:91:f4:56:23:65:70:82:06:f3:4c:29:a6:
a6:8c:b5:d8:6b:8b:3d:02:d3:da:a9:86:d4:49:63:
35:18:3a:94:85:11:fe:01:76:17:4b:56:d7:d9:36:
4a:60:0f:d4:35:14:98:3a:29:24:8a:51:23:01:f0:
a3:07:39:8a:66:bd:d3:66:89:bc:b4:5a:23:ad:4b:
5b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:33:44:6F:2D:ED:57:74:A6:A5:B9:33:1A:90:75:23:2B:E0:E7:8E
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1TNEby3tV3SmpbkzGpB1Iyvg544.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.100.0-64.43.111.255
64.43.116.0/22
77.36.24.0/22
176.116.32.0/21
Signature Algorithm: sha256WithRSAEncryption
22:68:49:4a:dd:4d:00:08:66:7f:50:fd:90:a9:ba:e5:44:8b:
62:d2:4f:25:93:12:a6:74:69:b8:82:2a:da:43:f4:00:a9:8a:
48:ba:0f:ac:35:e8:8e:02:2b:0e:35:0e:c8:7d:a8:19:13:00:
2e:5f:67:53:55:91:49:cd:a6:a1:0e:34:a9:54:7e:87:09:11:
2c:00:9a:d0:93:39:c0:cf:3e:08:a0:7a:8c:f1:1a:18:16:dc:
bf:f7:90:e3:b5:09:5a:4d:a2:8f:43:05:b8:b3:58:c4:1c:5a:
1e:11:9a:04:05:f3:85:c7:ad:a5:b7:0b:d0:ba:73:3f:95:f4:
49:21:58:12:ee:fb:0f:54:89:fd:77:a4:a8:cf:e6:2c:6d:01:
28:b7:ed:78:b1:29:85:7a:07:9d:b3:0a:04:ef:30:e4:63:7d:
f5:da:7c:0e:25:77:c7:8e:55:8a:f2:8f:10:48:fe:3c:d0:02:
b7:ea:79:f8:b5:9c:bd:4d:51:a0:de:17:d6:75:b9:6d:a1:0a:
0a:50:fe:c9:ab:ce:d9:13:7e:5b:1b:2f:b7:db:0e:ef:61:39:
3c:3f:8f:bb:61:06:99:5f:7c:18:16:95:86:41:7f:50:57:b0:
65:51:56:41:ca:1b:ea:80:7b:ef:94:b2:0f:20:ae:96:f1:01:
20:be:5b:fc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVr3KYXEAMIG/F0uBCB7zoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTAxMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTMzNDQ2ZjJkZWQ1Nzc0YTZhNWI5MzMxYTkwNzUyMzJiZTBlNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EHFLo7irQKrJ+pwFH4/DdrXSDEg
TkB1p4ZoG2lRnzb8FLOrsGeUVUOMeBRKU2w3MIDhDfDdfmxOFkbOaXmr5/693fhn
Jw2KOb80JjTeHrhXyzhWyf1iy/GYLoHWDm92Y9kjCRYmimlXzjgWGKiKOPcnkP1j
IBg2DZYtC2XOAtTtZi0oqjvjff5PEboDoOgMnFHbOYv7K7KKKupXrQDs9SsycHoz
byZ29pRvBJvWWtBKMQjl0fCR9FYjZXCCBvNMKaamjLXYa4s9AtPaqYbUSWM1GDqU
hRH+AXYXS1bX2TZKYA/UNRSYOikkilEjAfCjBzmKZr3TZom8tFojrUtbtQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNUzRG8t7Vd0pqW5MxqQdSMr4OeOMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMVRORWJ5M3RWM1NtcGJrekdwQjFJeXZnNTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAJAK2QD
BARAK2ADBAJAK3QDBAJNJBgDBAOwdCAwDQYJKoZIhvcNAQELBQADggEBACJoSUrd
TQAIZn9Q/ZCpuuVEi2LSTyWTEqZ0abiCKtpD9ACpiki6D6w16I4CKw41Dsh9qBkT
AC5fZ1NVkUnNpqEONKlUfocJESwAmtCTOcDPPgigeozxGhgW3L/3kOO1CVpNoo9D
BbizWMQcWh4RmgQF84XHraW3C9C6cz+V9EkhWBLu+w9Uif13pKjP5ixtASi37Xix
KYV6B52zCgTvMORjffXafA4ld8eOVYryjxBI/jzQArfqefi1nL1NUaDeF9Z1uW2h
CgpQ/smrztkTflsbL7fbDu9hOTw/j7thBplffBgWlYZBf1BXsGVRVkHKG+qAe++U
sg8grpbxASC+W/w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:47 2024 by rpki-client on console-ams.rpki-client.org