Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TC4atOprfa7T2mvMtCt82xeb6iI.roa
File: TC4atOprfa7T2mvMtCt82xeb6iI.roa (raw, json)
Hash identifier: +0Yg2GDasNBix9kXHKjCb0kCJji6zArrbEgDIScPyKQ=
Subject key identifier: 4C:2E:1A:B4:EA:6B:7D:AE:D3:DA:6B:CC:B4:2B:7C:DB:17:9B:EA:22
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01888C382F08D5267B7C7DE692A6CF02F1DD
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TC4atOprfa7T2mvMtCt82xeb6iI.roa
Signing time: Mon 05 Jun 2023 15:41:12 +0000
ROA not before: Mon 05 Jun 2023 15:41:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207795
IP address blocks: 194.28.156.0/24 maxlen: 24
194.28.158.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
194.104.6.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:38:2f:08:d5:26:7b:7c:7d:e6:92:a6:cf:02:f1:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jun 5 15:41:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c2e1ab4ea6b7daed3da6bccb42b7cdb179bea22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:74:9c:b0:06:55:8e:4e:dc:1e:ad:f1:55:f6:
27:df:2e:b0:c9:87:f1:73:63:cf:51:df:5b:6b:52:
6f:23:7a:2d:7b:49:a5:b0:17:1d:87:0f:2d:d2:75:
32:19:2e:fc:4c:f9:ca:58:be:5b:f8:41:8e:09:f4:
2e:1c:f1:0e:58:ad:17:88:fe:29:c4:97:5a:59:9d:
5d:a4:38:7e:1c:e0:d6:57:e2:68:06:97:3f:5b:bb:
04:65:3e:00:c1:30:28:7d:3c:55:61:9c:fd:4f:24:
d5:83:6f:43:56:0e:ad:fb:a0:b4:1d:3f:6e:3b:a9:
05:79:d8:73:af:38:e8:fa:1e:e2:20:fc:dc:32:6e:
be:8b:f1:7e:b2:c9:9e:a8:3b:18:57:12:4e:f2:e5:
4f:b3:31:3c:7e:a3:e8:4b:76:1b:1e:39:bc:48:80:
ef:51:5a:97:c2:ff:b0:e9:ac:07:b5:f5:11:2f:b7:
f6:39:67:6b:7e:50:9c:4b:c7:a6:9a:ee:9a:82:01:
16:3a:1c:5e:9c:5e:64:13:ed:55:a5:28:6e:5f:66:
39:ad:61:db:19:dd:d3:a0:2d:2e:85:a9:77:d9:c9:
78:64:3b:ab:41:37:c4:e0:34:ea:da:a2:0f:ec:98:
67:96:14:d8:f3:e2:8a:2d:b5:44:eb:45:91:15:aa:
bf:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2E:1A:B4:EA:6B:7D:AE:D3:DA:6B:CC:B4:2B:7C:DB:17:9B:EA:22
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/TC4atOprfa7T2mvMtCt82xeb6iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
07:c7:81:77:31:fc:4d:02:5c:0e:16:94:6b:71:9c:e6:15:bc:
6d:d0:a5:95:97:d3:bb:11:4e:eb:36:b2:9b:a5:ce:ec:ea:c1:
27:29:86:3c:72:33:b6:3d:fe:54:c3:2d:5a:ba:93:50:d1:b1:
39:4b:e5:99:11:aa:84:79:c4:c0:ff:98:d6:7e:fc:70:cf:93:
83:11:ef:f6:dc:37:30:ae:25:7c:ae:7a:1f:6b:6d:d8:72:91:
3c:e5:1a:22:f1:96:77:30:a6:81:b8:03:b0:fe:c6:54:66:93:
58:56:d5:3a:b3:6b:fc:e5:43:ba:9f:38:55:f8:17:a7:92:b9:
92:51:22:8a:b3:be:88:7c:19:a3:e3:e4:12:f9:22:d5:de:6b:
fa:03:6c:f8:9f:6d:72:06:42:4d:55:5d:01:b1:4f:58:af:74:
0d:35:af:1e:1e:8d:90:29:cc:3f:26:46:76:04:5b:c9:76:49:
b0:76:9f:5f:f6:c8:f5:58:0c:31:c0:55:fc:ca:62:e3:bf:32:
f1:e3:2e:fb:94:08:66:e8:31:06:0a:6d:41:b4:c9:6e:cc:ea:
b8:6a:85:cb:0e:61:17:20:a9:c6:e9:c9:f2:95:c3:98:60:48:
db:ef:60:b8:79:44:1c:ce:74:89:07:be:e4:76:06:54:a7:19:
8f:3e:4a:a3
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYiMOC8I1SZ7fH3mkqbPAvHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwNjA1MTU0MTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzJlMWFiNGVhNmI3ZGFlZDNkYTZiY2NiNDJiN2NkYjE3OWJlYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA33ScsAZVjk7cHq3xVfYn3y6wyYfx
c2PPUd9ba1JvI3ote0mlsBcdhw8t0nUyGS78TPnKWL5b+EGOCfQuHPEOWK0XiP4p
xJdaWZ1dpDh+HODWV+JoBpc/W7sEZT4AwTAofTxVYZz9TyTVg29DVg6t+6C0HT9u
O6kFedhzrzjo+h7iIPzcMm6+i/F+ssmeqDsYVxJO8uVPszE8fqPoS3YbHjm8SIDv
UVqXwv+w6awHtfURL7f2OWdrflCcS8emmu6aggEWOhxenF5kE+1VpShuX2Y5rWHb
Gd3ToC0uhal32cl4ZDurQTfE4DTq2qIP7JhnlhTY8+KKLbVE60WRFaq/VQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEwuGrTqa32u09przLQrfNsXm+oiMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvVEM0YXRPcHJmYTdUMm12TXRDdDgyeGViNmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAwhycAwQA
whyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0BAQsFAAOC
AQEAB8eBdzH8TQJcDhaUa3Gc5hW8bdCllZfTuxFO6zaym6XO7OrBJymGPHIztj3+
VMMtWrqTUNGxOUvlmRGqhHnEwP+Y1n78cM+TgxHv9tw3MK4lfK56H2tt2HKRPOUa
IvGWdzCmgbgDsP7GVGaTWFbVOrNr/OVDup84VfgXp5K5klEiirO+iHwZo+PkEvki
1d5r+gNs+J9tcgZCTVVdAbFPWK90DTWvHh6NkCnMPyZGdgRbyXZJsHafX/bI9VgM
McBV/Mpi478y8eMu+5QIZugxBgptQbTJbszquGqFyw5hFyCpxunJ8pXDmGBI2+9g
uHlEHM50iQe+5HYGVKcZjz5Kow==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:24 2024 by rpki-client on console-fra.rpki-client.org