Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tUm33xDL-DOWSbTY25z1vIK0JxY.roa
File: tUm33xDL-DOWSbTY25z1vIK0JxY.roa (raw, json)
Hash identifier: pW2l4LeLL+x/D7bNY+Qb2BoTgtJDajNW54PL3D9thCo=
Subject key identifier: B5:49:B7:DF:10:CB:F8:33:96:49:B4:D8:DB:9C:F5:BC:82:B4:27:16
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018570029C7F958DAB1B96BD0BF74E0D0FE4
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tUm33xDL-DOWSbTY25z1vIK0JxY.roa
Signing time: Mon 02 Jan 2023 01:04:57 +0000
ROA not before: Mon 02 Jan 2023 01:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211711
IP address blocks: 188.132.159.0/24 maxlen: 24
78.135.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:9c:7f:95:8d:ab:1b:96:bd:0b:f7:4e:0d:0f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 01:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b549b7df10cbf8339649b4d8db9cf5bc82b42716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3a:a2:59:d6:f4:c1:43:0c:b3:e5:c1:11:59:
af:25:c8:2c:bb:31:37:0f:e0:74:e8:e5:c1:c0:9e:
e4:af:1a:64:61:2d:ff:07:5e:37:a7:4d:f8:68:68:
b9:ae:4b:c6:2c:35:8c:64:47:89:33:e3:e3:ca:bb:
a2:8a:09:31:51:31:27:88:8d:af:68:46:a3:79:bc:
13:36:b3:96:e8:06:41:aa:df:cf:82:63:2d:70:02:
da:35:b3:c5:3a:43:9f:65:da:b2:63:77:0c:e8:de:
fc:55:55:69:65:72:18:bb:82:0d:e0:15:9e:6a:67:
8a:a3:9e:7e:c5:3e:42:08:fd:83:d6:6a:60:f3:2e:
70:58:0b:d8:aa:84:fc:a2:1d:51:05:7f:b8:a6:a7:
05:b3:b0:4a:14:fc:d5:f9:a3:d1:ed:87:b0:01:75:
16:55:c6:e3:9c:26:37:9f:da:0b:9a:85:cb:d4:e8:
a6:9d:65:a2:32:32:77:da:8a:b8:38:51:69:f1:1c:
d3:29:10:56:d7:7a:28:37:5f:ef:11:40:3e:c0:a8:
41:8f:38:6f:93:c8:de:e2:b2:d5:43:73:b0:4b:d2:
6f:0f:c6:f4:cf:45:f6:b1:d1:3b:80:5e:c9:9e:f1:
a3:49:1a:9a:2c:1e:e9:57:ca:6c:b5:50:5a:1a:59:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:49:B7:DF:10:CB:F8:33:96:49:B4:D8:DB:9C:F5:BC:82:B4:27:16
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tUm33xDL-DOWSbTY25z1vIK0JxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.70.0/24
188.132.159.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d3:a5:e2:08:d4:57:07:74:a4:81:54:bf:d0:ed:93:9e:41:
f6:1d:48:b4:cb:83:d1:1c:7a:d6:60:30:26:0c:46:81:20:37:
73:c0:ae:85:66:83:8d:2f:7f:aa:15:ad:27:1d:c9:cd:e7:05:
d1:a8:c1:af:2a:dc:f3:28:e5:f2:d2:1b:c6:75:2f:24:09:54:
39:e2:21:5e:70:8e:55:1f:95:14:28:61:dc:7f:3e:7e:7a:9a:
b8:1f:a2:4f:69:99:ec:f2:3b:be:35:1f:30:ef:63:90:c2:13:
e7:65:3d:d4:b8:e8:d5:af:6b:d5:67:49:3b:a9:76:0a:65:9a:
ac:82:ea:35:8b:53:f2:55:b0:44:22:c4:40:c9:14:b9:27:86:
20:8f:e2:7b:7d:59:e3:8e:9c:58:c7:02:db:fb:8a:88:25:18:
63:60:d8:52:05:a2:7d:03:99:75:23:1e:3b:6e:63:69:f3:ed:
46:3a:e1:df:ad:ab:0a:83:da:4a:36:5e:7c:95:5c:d4:12:32:
eb:9f:c6:41:3d:c1:29:ae:f7:94:07:7d:83:b8:26:6d:0a:29:
84:16:15:29:80:41:e1:9b:a4:f5:32:b9:75:8d:c3:59:8b:ba:
61:4c:ba:e9:78:18:98:97:80:9a:95:de:ef:80:42:d1:0c:95:
28:02:e5:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwApx/lY2rG5a9C/dODQ/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMwMTAyMDEwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ5YjdkZjEwY2JmODMzOTY0OWI0ZDhkYjljZjViYzgyYjQyNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzqiWdb0wUMMs+XBEVmvJcgsuzE3
D+B06OXBwJ7krxpkYS3/B143p034aGi5rkvGLDWMZEeJM+PjyruiigkxUTEniI2v
aEajebwTNrOW6AZBqt/PgmMtcALaNbPFOkOfZdqyY3cM6N78VVVpZXIYu4IN4BWe
ameKo55+xT5CCP2D1mpg8y5wWAvYqoT8oh1RBX+4pqcFs7BKFPzV+aPR7YewAXUW
VcbjnCY3n9oLmoXL1OimnWWiMjJ32oq4OFFp8RzTKRBW13ooN1/vEUA+wKhBjzhv
k8je4rLVQ3OwS9JvD8b0z0X2sdE7gF7JnvGjSRqaLB7pV8pstVBaGll9wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVJt98Qy/gzlkm02Nuc9byCtCcWMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvdFVtMzN4REwtRE9XU2JUWTI1ejF2SUswSnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATodGAwQA
vISfMA0GCSqGSIb3DQEBCwUAA4IBAQAw06XiCNRXB3SkgVS/0O2TnkH2HUi0y4PR
HHrWYDAmDEaBIDdzwK6FZoONL3+qFa0nHcnN5wXRqMGvKtzzKOXy0hvGdS8kCVQ5
4iFecI5VH5UUKGHcfz5+epq4H6JPaZns8ju+NR8w72OQwhPnZT3UuOjVr2vVZ0k7
qXYKZZqsguo1i1PyVbBEIsRAyRS5J4Ygj+J7fVnjjpxYxwLb+4qIJRhjYNhSBaJ9
A5l1Ix47bmNp8+1GOuHfrasKg9pKNl58lVzUEjLrn8ZBPcEprveUB32DuCZtCimE
FhUpgEHhm6T1Mrl1jcNZi7phTLrpeBiYl4Cald7vgELRDJUoAuW5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org