Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/Ty9kFcLxYUB7GbToF8zIRt_pOuY.roa
File: Ty9kFcLxYUB7GbToF8zIRt_pOuY.roa (raw, json)
Hash identifier: N4QcIKNENWgllHgQ7O6gFvw5IuaiN9Zvp5NcsU1qd/E=
Subject key identifier: 4F:2F:64:15:C2:F1:61:40:7B:19:B4:E8:17:CC:C8:46:DF:E9:3A:E6
Certificate issuer: /CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Certificate serial: 01856BEECEA416AC4960106E5C369FE60311
Authority key identifier: 4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/Ty9kFcLxYUB7GbToF8zIRt_pOuY.roa
Signing time: Sun 01 Jan 2023 06:04:50 +0000
ROA not before: Sun 01 Jan 2023 06:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199255
IP address blocks: 185.4.249.0/24 maxlen: 24
185.4.248.0/24 maxlen: 24
185.4.251.0/24 maxlen: 24
2a02:6840::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:ce:a4:16:ac:49:60:10:6e:5c:36:9f:e6:03:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2a299f182a1fd51d4b0362997af7aaae0d6be9
Validity
Not Before: Jan 1 06:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f2f6415c2f161407b19b4e817ccc846dfe93ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a3:b8:3c:b9:53:aa:50:b6:84:c9:33:d4:2b:
38:2d:78:fc:b0:ea:7b:b6:65:9a:79:3c:f3:b4:c8:
2c:b2:5a:68:41:b4:37:5f:50:8e:08:32:44:78:d2:
5f:bc:0c:5f:d5:6e:4c:a3:5c:e0:32:01:7a:48:cd:
ef:de:6e:9e:15:ff:40:93:81:84:00:3d:f4:a7:01:
db:9c:47:95:d7:84:e4:27:33:24:e8:9d:1a:b1:66:
f1:82:5e:7e:3b:28:cd:01:54:21:8c:22:ed:fe:58:
73:08:c3:b1:f7:d2:69:28:32:52:bc:bd:5b:2b:3b:
87:03:8e:da:a0:f3:3b:5c:2c:95:b3:7f:cd:6f:cf:
74:44:4b:72:fa:85:bf:66:44:73:8d:7d:6d:39:85:
9e:7f:f3:44:c3:b5:e8:a0:91:30:d7:57:87:1b:3f:
a9:cd:72:d6:6d:00:1d:66:bc:9c:da:de:00:53:85:
00:95:d7:0a:a4:ce:65:25:d1:9b:80:6c:a0:72:4d:
18:cf:88:b5:a4:c2:b1:29:0a:7b:90:e5:d0:16:e5:
74:3e:d9:03:f4:7a:28:e0:fe:33:6e:9b:de:2b:40:
78:e0:62:9a:e4:a4:ca:9e:1c:c2:72:40:1e:8e:e2:
17:cc:d2:9f:b5:4f:33:90:d6:62:80:f5:37:14:b2:
2e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2F:64:15:C2:F1:61:40:7B:19:B4:E8:17:CC:C8:46:DF:E9:3A:E6
X509v3 Authority Key Identifier:
keyid:4E:2A:29:9F:18:2A:1F:D5:1D:4B:03:62:99:7A:F7:AA:AE:0D:6B:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TiopnxgqH9UdSwNimXr3qq4Na-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/Ty9kFcLxYUB7GbToF8zIRt_pOuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d3df26-3db5-4539-8030-f2ce77e3191e/1/TiopnxgqH9UdSwNimXr3qq4Na-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.248.0/23
185.4.251.0/24
IPv6:
2a02:6840::/32
Signature Algorithm: sha256WithRSAEncryption
b6:56:0e:da:b3:09:cb:6b:70:7e:37:98:41:14:1f:7a:de:d6:
80:49:20:ad:0b:5b:24:6c:63:ef:f1:37:e7:27:40:70:ee:a0:
9f:bf:be:6f:6d:11:86:10:f5:12:1b:a5:1d:e4:2d:86:85:6f:
18:2d:f7:20:2d:44:da:77:15:b2:28:b6:8a:0f:ec:24:df:4c:
90:f0:f8:7a:74:12:4f:71:c7:aa:c9:19:74:cf:11:eb:86:33:
d1:06:a2:f8:30:87:7c:77:89:44:d0:fb:cd:55:81:3d:f6:1f:
d9:6c:98:7d:b3:b5:5f:b8:b7:13:c0:b6:6c:45:1b:46:7b:66:
a4:76:fd:a8:86:19:b6:56:f3:fa:39:f9:98:67:ac:5c:65:47:
9c:d8:cf:74:60:37:7d:8b:1a:b4:9c:bf:fb:04:fe:1e:14:7b:
6d:58:aa:dd:bc:77:ff:c6:aa:62:9f:4d:44:27:ed:88:2b:7a:
59:9a:70:03:42:1f:08:f3:46:b6:b0:59:f5:93:95:8d:82:02:
a3:7e:4a:8e:8a:07:9d:1f:61:a5:14:6f:39:64:28:38:3d:ea:
b4:7c:da:58:8c:0d:93:9d:f5:22:31:41:d2:7a:55:a2:2c:19:
c8:ef:c8:2d:5a:a2:24:05:d3:7e:54:65:eb:1e:01:a7:f2:8f:
6b:db:63:13
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVr7s6kFqxJYBBuXDaf5gMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmEyOTlmMTgyYTFmZDUxZDRiMDM2Mjk5N2FmN2FhYWUw
ZDZiZTkwHhcNMjMwMTAxMDYwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJmNjQxNWMyZjE2MTQwN2IxOWI0ZTgxN2NjYzg0NmRmZTkzYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKO4PLlTqlC2hMkz1Cs4LXj8sOp7
tmWaeTzztMgsslpoQbQ3X1COCDJEeNJfvAxf1W5Mo1zgMgF6SM3v3m6eFf9Ak4GE
AD30pwHbnEeV14TkJzMk6J0asWbxgl5+OyjNAVQhjCLt/lhzCMOx99JpKDJSvL1b
KzuHA47aoPM7XCyVs3/Nb890REty+oW/ZkRzjX1tOYWef/NEw7XooJEw11eHGz+p
zXLWbQAdZryc2t4AU4UAldcKpM5lJdGbgGygck0Yz4i1pMKxKQp7kOXQFuV0PtkD
9Hoo4P4zbpveK0B44GKa5KTKnhzCckAejuIXzNKftU8zkNZigPU3FLIuaQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE8vZBXC8WFAexm06BfMyEbf6TrmMB8GA1UdIwQY
MBaAFE4qKZ8YKh/VHUsDYpl696quDWvpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAt
ZjJjZTc3ZTMxOTFlLzEvVHk5a0ZjTHhZVUI3R2JUb0Y4eklSdF9wT3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kM2RmMjYtM2RiNS00NTM5LTgwMzAtZjJjZTc3ZTMxOTFl
LzEvVGlvcG54Z3FIOVVkU3dOaW1YcjNxcTROYS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuQT4AwQA
uQT7MA0EAgACMAcDBQAqAmhAMA0GCSqGSIb3DQEBCwUAA4IBAQC2Vg7aswnLa3B+
N5hBFB963taASSCtC1skbGPv8TfnJ0Bw7qCfv75vbRGGEPUSG6Ud5C2GhW8YLfcg
LUTadxWyKLaKD+wk30yQ8Ph6dBJPcceqyRl0zxHrhjPRBqL4MId8d4lE0PvNVYE9
9h/ZbJh9s7VfuLcTwLZsRRtGe2akdv2ohhm2VvP6OfmYZ6xcZUec2M90YDd9ixq0
nL/7BP4eFHttWKrdvHf/xqpin01EJ+2IK3pZmnADQh8I80a2sFn1k5WNggKjfkqO
igedH2GlFG85ZCg4Peq0fNpYjA2TnfUiMUHSelWiLBnI78gtWqIkBdN+VGXrHgGn
8o9r22MT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org