Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/TQpsf0x3iVtQyTbvONmxzWyOXcA.roa
File: TQpsf0x3iVtQyTbvONmxzWyOXcA.roa (raw, json)
Hash identifier: ZyOh05Oqq20uwKKIKj/hKqPM4hKsK3fdboz3jgx3ej8=
Subject key identifier: 4D:0A:6C:7F:4C:77:89:5B:50:C9:36:EF:38:D9:B1:CD:6C:8E:5D:C0
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 018C2634C44369E9A11A7D868FC463AEE7AC
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/TQpsf0x3iVtQyTbvONmxzWyOXcA.roa
Signing time: Fri 01 Dec 2023 16:27:21 +0000
ROA not before: Fri 01 Dec 2023 16:27:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34465
IP address blocks: 185.188.28.0/24 maxlen: 24
2a12:8fc6:cd02::/48 maxlen: 48
2a12:8fc6:ace2::/48 maxlen: 48
2a12:8fc6:bdee::/48 maxlen: 48
2a12:8fc6:efdf::/48 maxlen: 48
2a12:8fc6:c31a::/48 maxlen: 48
2a12:8fc6:ae44::/48 maxlen: 48
2a12:8fc6:cd04::/48 maxlen: 48
2a12:8fc6:bab0::/48 maxlen: 48
2a12:8fc6:be01::/48 maxlen: 48
2a12:8fc6:ee01::/48 maxlen: 48
2a12:8fc6:ace1::/48 maxlen: 48
2a12:8fc6:cd01::/48 maxlen: 48
2a12:8fc6:cae1::/48 maxlen: 48
2a12:8fc6:ace3::/48 maxlen: 48
2a12:8fc6:c31e::/48 maxlen: 48
2a12:8fc6:dbaa::/48 maxlen: 48
2a12:8fc6:eaca::/48 maxlen: 48
2a12:8fc6::/32 maxlen: 32
2a12:8fc6:dae0::/48 maxlen: 48
2a12:8fc6:cd00::/48 maxlen: 48
2a12:8fc6:ae00::/48 maxlen: 48
2a12:8fc6:ca00::/48 maxlen: 48
2a12:8fc6:daa0::/48 maxlen: 48
2a12:8fc6:fae0::/48 maxlen: 48
2a12:8fc6:cc00::/48 maxlen: 48
2a12:8fc6:aa00::/48 maxlen: 48
2a12:8fc6:faa0::/48 maxlen: 48
2a12:8fc6:ce00::/48 maxlen: 48
2a12:8fc6:caa0::/48 maxlen: 48
2a12:8fc6:db00::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:34:c4:43:69:e9:a1:1a:7d:86:8f:c4:63:ae:e7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Dec 1 16:27:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d0a6c7f4c77895b50c936ef38d9b1cd6c8e5dc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:59:40:05:da:b7:bb:eb:29:58:2a:37:f5:92:
1b:20:46:e6:79:17:56:83:01:4d:1c:3e:e5:1d:3c:
c2:63:ae:e8:48:c4:67:1e:48:95:37:28:bf:fe:e1:
f1:63:32:f7:06:22:6d:ff:8a:2d:b1:c6:ba:0c:e2:
e7:5f:74:91:0d:4a:a3:f0:5c:9f:da:00:00:e9:76:
d6:58:c7:e5:d0:12:32:1d:15:f9:2b:20:6c:ee:c3:
5e:8e:68:65:e1:a6:2e:8a:bd:c9:b7:f0:cc:98:fa:
45:81:29:5e:e1:92:f4:e3:39:56:7b:37:49:f9:dd:
51:df:0c:7f:68:60:c5:4e:d4:e4:0e:2a:bd:1b:f0:
b7:2a:bf:27:64:10:ac:ec:3a:11:56:5e:91:40:94:
cd:00:9b:e1:9b:fa:d2:b7:f2:25:19:ef:8a:85:76:
7a:bc:fc:90:61:43:91:0f:1b:cf:7b:b2:15:4d:0f:
bc:cd:2e:65:61:48:59:a4:9a:bf:ab:f2:d1:7d:56:
92:43:24:cf:a6:b0:8d:ff:90:a8:b9:7d:d0:d7:14:
fa:5e:b1:03:0a:44:be:41:cb:61:bc:41:13:6d:6b:
cf:19:7d:c9:fe:2e:b8:46:d0:d1:4b:ca:72:49:ee:
e4:32:1a:ae:a4:31:fc:17:0d:c4:3c:9f:7b:ba:ac:
1e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:6C:7F:4C:77:89:5B:50:C9:36:EF:38:D9:B1:CD:6C:8E:5D:C0
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/TQpsf0x3iVtQyTbvONmxzWyOXcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.28.0/24
IPv6:
2a12:8fc6::/32
Signature Algorithm: sha256WithRSAEncryption
28:73:05:86:55:ac:1d:0b:66:b5:d9:5d:81:82:83:c6:bd:09:
19:9e:2c:6e:55:e3:ee:e4:5f:b8:58:f5:27:87:22:dc:a0:93:
f5:56:95:49:58:ec:ea:5b:3f:75:e4:5f:4f:43:97:ad:7e:2b:
e7:b3:30:b1:bc:0d:40:28:fb:5e:42:f9:c2:68:94:17:57:a6:
b2:09:4f:2e:f6:b0:a4:71:10:e0:dc:f4:1b:85:f4:23:11:4b:
9d:4a:11:57:b0:d9:a5:1a:16:17:be:68:80:8d:af:60:b1:65:
38:87:7e:44:ab:28:95:a1:70:46:08:4c:06:ee:22:b3:65:fc:
e4:02:ff:b4:3a:94:36:bc:74:98:21:4d:b8:78:47:15:5a:3e:
88:d9:06:e2:8e:52:d6:f0:81:fe:ec:f8:de:28:97:10:e7:2b:
b0:d7:e1:55:0d:80:69:7f:9e:ed:3d:84:3e:96:52:04:2f:fe:
38:ce:66:82:44:df:e9:69:71:f5:cb:50:37:08:b3:3b:bd:a4:
8c:94:2f:8f:e0:c3:0f:b7:bd:c7:dc:77:60:bd:fd:4f:3f:50:
e3:5a:5c:1f:bb:cf:4c:9a:8b:39:52:76:43:65:9f:34:9d:de:
4d:22:ba:43:14:b7:e1:c2:4f:3e:97:a1:29:11:35:74:75:a3:
11:d1:88:60
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYwmNMRDaemhGn2Gj8RjruesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjMxMjAxMTYyNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhNmM3ZjRjNzc4OTViNTBjOTM2ZWYzOGQ5YjFjZDZjOGU1ZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1lABdq3u+spWCo39ZIbIEbmeRdW
gwFNHD7lHTzCY67oSMRnHkiVNyi//uHxYzL3BiJt/4otsca6DOLnX3SRDUqj8Fyf
2gAA6XbWWMfl0BIyHRX5KyBs7sNejmhl4aYuir3Jt/DMmPpFgSle4ZL04zlWezdJ
+d1R3wx/aGDFTtTkDiq9G/C3Kr8nZBCs7DoRVl6RQJTNAJvhm/rSt/IlGe+KhXZ6
vPyQYUORDxvPe7IVTQ+8zS5lYUhZpJq/q/LRfVaSQyTPprCN/5CouX3Q1xT6XrED
CkS+QcthvEETbWvPGX3J/i64RtDRS8pySe7kMhqupDH8Fw3EPJ97uqweawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE0KbH9Md4lbUMk27zjZsc1sjl3AMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvVFFwc2YweDNpVnRReVRidk9ObXh6V3lPWGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAubwcMA0E
AgACMAcDBQAqEo/GMA0GCSqGSIb3DQEBCwUAA4IBAQAocwWGVawdC2a12V2BgoPG
vQkZnixuVePu5F+4WPUnhyLcoJP1VpVJWOzqWz915F9PQ5etfivnszCxvA1AKPte
QvnCaJQXV6ayCU8u9rCkcRDg3PQbhfQjEUudShFXsNmlGhYXvmiAja9gsWU4h35E
qyiVoXBGCEwG7iKzZfzkAv+0OpQ2vHSYIU24eEcVWj6I2QbijlLW8IH+7PjeKJcQ
5yuw1+FVDYBpf57tPYQ+llIEL/44zmaCRN/paXH1y1A3CLM7vaSMlC+P4MMPt73H
3Hdgvf1PP1DjWlwfu89Mmos5UnZDZZ80nd5NIrpDFLfhwk8+l6EpETV0daMR0Yhg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org