Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/tg8V_IzBWZeSuo8sRnrWCgVk6mM.roa
File: tg8V_IzBWZeSuo8sRnrWCgVk6mM.roa (raw, json)
Hash identifier: O6nltXvTT+fL83ARQZLLKosLJNs0AQJ763Hufg8Wh6E=
Subject key identifier: B6:0F:15:FC:8C:C1:59:97:92:BA:8F:2C:46:7A:D6:0A:05:64:EA:63
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01870F79174EA39A8D4D342747EB95DFF2CD
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/tg8V_IzBWZeSuo8sRnrWCgVk6mM.roa
Signing time: Thu 23 Mar 2023 17:16:46 +0000
ROA not before: Thu 23 Mar 2023 17:16:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.74.0/24 maxlen: 24
5.104.72.0/24 maxlen: 24
5.104.75.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:79:17:4e:a3:9a:8d:4d:34:27:47:eb:95:df:f2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 17:16:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b60f15fc8cc1599792ba8f2c467ad60a0564ea63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:84:5f:20:99:54:9b:60:be:e3:85:a2:37:
1d:f5:fa:42:48:c7:40:7b:1b:ff:13:0a:76:50:0d:
a8:09:4e:42:35:ee:19:f6:ea:88:d8:af:c2:72:1d:
fa:71:d9:35:04:b4:5f:fe:1f:31:a0:cc:a7:dd:ed:
9c:55:57:47:21:99:1c:b4:cb:23:db:63:ea:d5:22:
9f:75:4a:6a:af:51:4c:7b:a1:b3:c4:2c:a6:8e:87:
c9:c8:38:b0:59:ca:b1:36:06:98:8a:cf:26:1f:3e:
d2:fa:7c:68:8d:68:d1:0a:08:98:cb:07:ec:3d:ef:
f4:c1:e1:f1:8a:4c:49:a9:83:b8:84:8b:ba:f5:fa:
a8:19:65:6c:16:38:b7:be:28:46:11:e1:80:f8:2a:
47:a9:d2:e0:2d:72:b1:c3:a3:60:75:a9:c1:a8:5f:
b5:cb:a6:0b:4a:d9:77:ab:c4:95:4f:d1:2c:f7:5a:
a2:a3:e6:36:19:cc:6b:ea:80:aa:d6:67:73:70:72:
46:f3:c6:18:c3:65:26:81:29:a6:17:d2:df:89:66:
0a:00:81:ad:20:40:d1:ad:93:0c:ff:02:ba:e2:6c:
e8:97:35:45:ef:13:5c:0b:d2:10:4f:f7:6c:b0:0d:
5b:cd:9b:9e:29:3b:3a:88:fb:35:ae:fc:5f:3b:3b:
30:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0F:15:FC:8C:C1:59:97:92:BA:8F:2C:46:7A:D6:0A:05:64:EA:63
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/tg8V_IzBWZeSuo8sRnrWCgVk6mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/23
88.218.239.0/24
91.245.239.0/24
95.214.92.0/23
95.214.95.0/24
194.124.41.0/24
212.69.135.0/24
Signature Algorithm: sha256WithRSAEncryption
55:fd:32:3f:ce:44:15:6b:dc:0a:41:0b:f0:38:8c:2a:0c:b0:
f6:14:a7:1f:be:66:df:9a:81:bc:fe:b6:c0:69:7f:31:72:7b:
b2:4d:e3:f2:4f:09:3f:c5:60:da:e4:f2:d9:92:e0:8d:91:a0:
f7:70:b0:63:5c:77:9b:e5:d1:e8:fe:09:b1:22:d9:7b:cc:db:
06:4e:1b:5d:dc:33:14:aa:12:18:4a:ac:89:dd:6c:a0:68:53:
24:96:89:46:ce:f7:72:91:65:88:0d:84:34:1b:a4:30:59:87:
e0:ba:70:36:66:1a:c8:ee:aa:29:de:03:a5:c3:65:b7:c2:bf:
77:d8:85:fe:3b:de:d1:95:11:ff:ce:e2:a9:f4:b2:2d:d6:82:
8f:f2:d8:70:07:7f:e8:82:15:10:8f:9c:4e:64:8b:39:6e:44:
f3:1b:99:1e:57:7b:59:d7:ce:34:6b:d3:ef:a6:0f:95:88:f4:
29:b4:4b:c5:ef:0a:96:49:51:dd:42:8e:4f:71:77:6a:8c:89:
97:7c:54:0f:33:b4:12:21:f0:0b:0b:b7:04:e5:bb:80:5f:c1:
31:8d:a8:c9:4e:91:37:42:f9:ee:b3:4f:6c:35:6d:80:3e:ca:
a6:45:ca:40:98:16:ae:03:23:d1:05:d4:65:0e:10:9f:48:c7:
63:b1:c7:91
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYcPeRdOo5qNTTQnR+uV3/LNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMTcxNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBmMTVmYzhjYzE1OTk3OTJiYThmMmM0NjdhZDYwYTA1NjRlYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLaEXyCZVJtgvuOFojcd9fpCSMdA
exv/Ewp2UA2oCU5CNe4Z9uqI2K/Cch36cdk1BLRf/h8xoMyn3e2cVVdHIZkctMsj
22Pq1SKfdUpqr1FMe6GzxCymjofJyDiwWcqxNgaYis8mHz7S+nxojWjRCgiYywfs
Pe/0weHxikxJqYO4hIu69fqoGWVsFji3vihGEeGA+CpHqdLgLXKxw6NgdanBqF+1
y6YLStl3q8SVT9Es91qio+Y2Gcxr6oCq1mdzcHJG88YYw2UmgSmmF9LfiWYKAIGt
IEDRrZMM/wK64mzolzVF7xNcC9IQT/dssA1bzZueKTs6iPs1rvxfOzsw7wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLYPFfyMwVmXkrqPLEZ61goFZOpjMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvdGc4Vl9JekJXWmVTdW84c1JucldDZ1ZrNm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABWhIAwQB
BWhKAwQAWNrvAwQAW/XvAwQBX9ZcAwQAX9ZfAwQAwnwpAwQA1EWHMA0GCSqGSIb3
DQEBCwUAA4IBAQBV/TI/zkQVa9wKQQvwOIwqDLD2FKcfvmbfmoG8/rbAaX8xcnuy
TePyTwk/xWDa5PLZkuCNkaD3cLBjXHeb5dHo/gmxItl7zNsGThtd3DMUqhIYSqyJ
3WygaFMklolGzvdykWWIDYQ0G6QwWYfgunA2ZhrI7qop3gOlw2W3wr932IX+O97R
lRH/zuKp9LIt1oKP8thwB3/oghUQj5xOZIs5bkTzG5keV3tZ1840a9Pvpg+ViPQp
tEvF7wqWSVHdQo5PcXdqjImXfFQPM7QSIfALC7cE5buAX8ExjajJTpE3Qvnus09s
NW2APsqmRcpAmBauAyPRBdRlDhCfSMdjsceR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-fra.rpki-client.org