Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa
File: L_tMICnSg7RRDzsU6VzVt8F_jKM.roa (raw, json)
Hash identifier: 42L9xye+9ot1yuXbJrOwmufOPiUHCwhH0XMTH7Ll7ZU=
Subject key identifier: 2F:FB:4C:20:29:D2:83:B4:51:0F:3B:14:E9:5C:D5:B7:C1:7F:8C:A3
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 0188244772F953FB164ED6154B486D4A5350
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa
Signing time: Tue 16 May 2023 11:17:22 +0000
ROA not before: Tue 16 May 2023 11:17:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.190.0/24 maxlen: 24
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 22
185.11.108.0/22 maxlen: 24
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 24
178.219.129.0/24 maxlen: 24
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 06 Jun 2023 16:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:24:47:72:f9:53:fb:16:4e:d6:15:4b:48:6d:4a:53:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: May 16 11:17:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ffb4c2029d283b4510f3b14e95cd5b7c17f8ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b6:b2:4b:d8:a5:32:3a:83:13:4a:82:ea:f7:
4e:f0:ac:d3:0a:55:83:da:e1:f4:23:76:49:6c:3a:
d2:97:fc:fb:aa:35:f8:24:b7:37:75:94:53:3e:99:
ab:56:36:34:94:22:03:48:5c:62:89:02:69:5e:dd:
62:c2:e1:e8:10:5a:21:81:e8:e2:1c:68:35:a7:70:
4f:d3:69:4d:62:69:f2:c8:28:40:15:1e:bd:1d:c1:
61:5d:eb:7b:cf:79:1e:7b:2d:a2:0d:ca:73:f7:2a:
1c:11:0d:d1:b9:21:41:66:ff:20:2b:92:48:b6:ac:
00:bd:31:26:60:94:ec:25:3e:33:87:de:d7:2a:a9:
de:45:51:f3:9c:a2:2e:6d:03:5c:92:56:a7:91:02:
8d:7f:58:fd:24:2d:f4:c8:5d:c7:41:57:82:99:3a:
5d:cb:21:3f:45:02:8f:70:c6:30:76:ea:fb:d1:50:
64:61:c3:3c:b9:47:13:08:2d:76:35:19:5f:6e:5b:
cd:70:40:6c:43:e2:ab:c4:4c:d1:1f:ab:67:a8:2a:
f3:cc:8b:1d:8a:88:05:6b:c0:d5:a9:aa:93:43:31:
51:1f:4a:19:a1:25:48:bb:4d:cf:38:04:c9:49:94:
c1:b7:43:29:af:93:3d:0c:e6:0f:d2:9e:c3:3c:4f:
48:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:FB:4C:20:29:D2:83:B4:51:0F:3B:14:E9:5C:D5:B7:C1:7F:8C:A3
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/L_tMICnSg7RRDzsU6VzVt8F_jKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.11.108.0/22
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
82:f9:83:71:17:1f:18:fa:d5:3a:c4:64:a4:1a:28:0c:ea:75:
6f:82:7b:5e:a2:f9:e0:64:0b:5c:f6:49:11:91:1b:c9:15:ba:
e7:21:88:8d:c5:4c:68:79:69:11:77:e2:a2:5d:ac:ae:ff:46:
7b:cc:0b:7f:cf:67:ae:0a:58:a1:29:60:64:23:22:e1:26:d9:
68:dd:54:1f:58:dd:c3:17:e3:91:3d:e1:64:b1:03:2d:f8:46:
89:c9:ca:0e:0b:cf:a3:7f:91:d7:3d:23:34:f9:f3:eb:01:87:
95:e1:0c:d7:72:59:8d:f8:80:b4:2a:fa:5d:6a:43:67:51:54:
f7:28:76:c3:3d:54:f5:95:4b:63:23:2f:5c:71:2f:63:51:5f:
75:6e:42:5b:74:1e:aa:54:82:60:9b:cb:16:80:ff:25:27:9c:
d5:15:e5:b4:42:d1:f0:b6:83:70:c3:3e:8d:be:4f:06:6f:a5:
87:91:62:04:45:b0:c7:f2:24:b6:cf:36:2a:93:f4:a2:56:08:
af:d8:ae:92:1a:a7:02:47:80:fa:a0:3f:33:c4:ec:00:56:77:
52:23:30:7c:68:89:92:ff:d2:c8:20:b9:d0:c1:f9:c2:b8:cc:
77:96:bd:d8:b3:c9:05:62:bb:02:e3:99:95:7d:99:64:87:b7:
f6:17:74:a1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYgkR3L5U/sWTtYVS0htSlNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwNTE2MTExNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmZiNGMyMDI5ZDI4M2I0NTEwZjNiMTRlOTVjZDViN2MxN2Y4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbayS9ilMjqDE0qC6vdO8KzTClWD
2uH0I3ZJbDrSl/z7qjX4JLc3dZRTPpmrVjY0lCIDSFxiiQJpXt1iwuHoEFohgeji
HGg1p3BP02lNYmnyyChAFR69HcFhXet7z3keey2iDcpz9yocEQ3RuSFBZv8gK5JI
tqwAvTEmYJTsJT4zh97XKqneRVHznKIubQNcklankQKNf1j9JC30yF3HQVeCmTpd
yyE/RQKPcMYwdur70VBkYcM8uUcTCC12NRlfblvNcEBsQ+KrxEzRH6tnqCrzzIsd
iogFa8DVqaqTQzFRH0oZoSVIu03POATJSZTBt0Mpr5M9DOYP0p7DPE9IdQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFC/7TCAp0oO0UQ87FOlc1bfBf4yjMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvTF90TUlDblNnN1JSRHpzVTZWelZ0OEZfaktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQELpRQAwQE
stuAAwQCuQtsAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAg
AwUAKgMiwDANBgkqhkiG9w0BAQsFAAOCAQEAgvmDcRcfGPrVOsRkpBooDOp1b4J7
XqL54GQLXPZJEZEbyRW65yGIjcVMaHlpEXfiol2srv9Ge8wLf89nrgpYoSlgZCMi
4SbZaN1UH1jdwxfjkT3hZLEDLfhGicnKDgvPo3+R1z0jNPnz6wGHleEM13JZjfiA
tCr6XWpDZ1FU9yh2wz1U9ZVLYyMvXHEvY1FfdW5CW3QeqlSCYJvLFoD/JSec1RXl
tELR8LaDcMM+jb5PBm+lh5FiBEWwx/Ikts82KpP0olYIr9iukhqnAkeA+qA/M8Ts
AFZ3UiMwfGiJkv/SyCC50MH5wrjMd5a92LPJBWK7AuOZlX2ZZIe39hd0oQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:59 2024 by rpki-client on console-ams.rpki-client.org