Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tEsENGLuOT6SivCX1zXT6LFnzR0.roa
File: tEsENGLuOT6SivCX1zXT6LFnzR0.roa (raw, json)
Hash identifier: DmxBJ4aGGAm9ZESRXcZxQvcC7yJnoc2A2nk3nMvxVI8=
Subject key identifier: B4:4B:04:34:62:EE:39:3E:92:8A:F0:97:D7:35:D3:E8:B1:67:CD:1D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D7522623430A0D5F64E25598BC44
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tEsENGLuOT6SivCX1zXT6LFnzR0.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211585
IP address blocks: 109.236.51.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d7:52:26:23:43:0a:0d:5f:64:e2:55:98:bc:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b44b043462ee393e928af097d735d3e8b167cd1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9b:cd:6a:cf:2d:4a:8b:e7:de:49:fe:68:1b:
cd:03:a5:d7:7f:1b:db:91:bf:d7:6a:f3:ff:4a:02:
4a:a6:d6:33:bc:a2:05:a4:2c:7d:95:0f:75:da:fd:
ad:c4:5e:67:6e:13:f9:60:18:50:4e:2f:ed:de:90:
d8:71:51:25:8f:db:c7:1b:a6:88:d0:6e:8a:cb:27:
65:bd:56:21:40:48:3b:6a:f8:d2:b2:03:83:a6:f0:
e1:71:69:5d:3d:6c:ea:35:51:c2:87:0b:1b:41:4e:
a1:de:57:03:de:1b:21:4a:cf:12:12:27:9f:bb:9c:
bf:c9:16:e6:d2:13:f4:e3:6c:1f:c5:03:13:84:bb:
1e:ab:d5:bf:04:c7:91:a8:f7:fc:45:7e:2c:fb:ec:
29:ba:0b:1f:b3:11:69:e5:c7:98:af:99:aa:03:a9:
c4:e8:f0:27:22:59:cb:2c:3f:1a:e1:16:83:01:b1:
74:39:c1:64:91:4d:b4:4f:f0:24:b4:d9:bf:a8:49:
02:97:c7:3b:76:df:16:5a:b6:c5:c1:f0:4c:a4:0d:
07:9a:d0:b3:a9:0a:d1:92:b1:f9:cb:e6:78:6e:46:
31:c0:9f:9e:df:38:c7:69:2f:1c:1d:43:6f:83:f1:
ce:04:43:89:96:06:06:78:51:5e:1d:e1:b2:25:4f:
18:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:4B:04:34:62:EE:39:3E:92:8A:F0:97:D7:35:D3:E8:B1:67:CD:1D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tEsENGLuOT6SivCX1zXT6LFnzR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.51.0/24
193.160.141.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:f9:13:8a:f3:71:b2:d9:3f:1f:c4:4a:64:e3:e6:c5:a1:9e:
5c:af:43:0f:86:15:9d:d9:11:c4:2a:89:b9:77:bd:80:b2:26:
21:2e:87:ec:31:b8:7a:b1:ff:95:57:6e:46:ef:1c:f8:d4:91:
cd:69:3c:be:23:81:b3:b6:14:78:3b:44:07:03:ac:bf:a5:c4:
79:d1:2c:41:c2:b1:f8:fc:44:e6:22:ba:15:98:df:d4:bf:87:
eb:20:07:0e:54:91:32:6c:49:86:89:42:fc:5b:88:60:c5:e2:
13:0e:ae:9e:33:b0:0d:10:4a:6f:6e:d3:ef:10:e5:28:6f:e4:
90:7a:08:a1:4e:cd:18:54:ca:bc:fb:bd:81:01:aa:6f:f5:41:
c7:c0:da:4f:1e:d5:71:2c:18:69:fb:38:a0:0f:a2:22:d7:b6:
45:b6:90:c4:f4:44:ee:49:67:74:a9:6c:54:58:35:06:90:25:
e9:41:09:9f:2a:5f:b4:3b:f1:ea:52:48:32:a3:55:fb:cd:b4:
4b:3b:e9:f7:fb:37:25:78:b9:a7:4f:a1:c0:4c:bc:92:86:5d:
63:69:ae:c5:c9:fe:53:cb:f6:c7:b5:43:cd:5b:41:96:8f:4e:
a3:ac:05:46:87:ae:21:fc:b8:39:80:02:a2:a4:b3:31:bc:10:
ea:84:f9:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsU9dSJiNDCg1fZOJVmLxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDRiMDQzNDYyZWUzOTNlOTI4YWYwOTdkNzM1ZDNlOGIxNjdjZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypvNas8tSovn3kn+aBvNA6XXfxvb
kb/XavP/SgJKptYzvKIFpCx9lQ912v2txF5nbhP5YBhQTi/t3pDYcVElj9vHG6aI
0G6KyydlvVYhQEg7avjSsgODpvDhcWldPWzqNVHChwsbQU6h3lcD3hshSs8SEief
u5y/yRbm0hP042wfxQMThLseq9W/BMeRqPf8RX4s++wpugsfsxFp5ceYr5mqA6nE
6PAnIlnLLD8a4RaDAbF0OcFkkU20T/AktNm/qEkCl8c7dt8WWrbFwfBMpA0HmtCz
qQrRkrH5y+Z4bkYxwJ+e3zjHaS8cHUNvg/HOBEOJlgYGeFFeHeGyJU8YJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLRLBDRi7jk+korwl9c10+ixZ80dMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdEVzRU5HTHVPVDZTaXZDWDF6WFQ2TEZuelIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbewzAwQA
waCNAwQAwaCPMA0GCSqGSIb3DQEBCwUAA4IBAQAq+ROK83Gy2T8fxEpk4+bFoZ5c
r0MPhhWd2RHEKom5d72AsiYhLofsMbh6sf+VV25G7xz41JHNaTy+I4GzthR4O0QH
A6y/pcR50SxBwrH4/ETmIroVmN/Uv4frIAcOVJEybEmGiUL8W4hgxeITDq6eM7AN
EEpvbtPvEOUob+SQegihTs0YVMq8+72BAapv9UHHwNpPHtVxLBhp+zigD6Ii17ZF
tpDE9ETuSWd0qWxUWDUGkCXpQQmfKl+0O/HqUkgyo1X7zbRLO+n3+zcleLmnT6HA
TLyShl1jaa7Fyf5Ty/bHtUPNW0GWj06jrAVGh64h/Lg5gAKipLMxvBDqhPnJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org