Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/TIbjVZSNVRJDN7QQEYzvtewQy1w.roa
File: TIbjVZSNVRJDN7QQEYzvtewQy1w.roa (raw, json)
Hash identifier: VOoFKD1Q5eovoig+sSA+uEpZA5Yysm5D09r9vHuSa94=
Subject key identifier: 4C:86:E3:55:94:8D:55:12:43:37:B4:10:11:8C:EF:B5:EC:10:CB:5C
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 018CC64B56714D001C621F8ED7474016EA36
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/TIbjVZSNVRJDN7QQEYzvtewQy1w.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196724
IP address blocks: 195.182.36.0/24 maxlen: 24
185.208.214.0/24 maxlen: 24
178.23.176.0/21 maxlen: 21
2a00:1cf0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 09 Mar 2024 23:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:56:71:4d:00:1c:62:1f:8e:d7:47:40:16:ea:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c86e355948d55124337b410118cefb5ec10cb5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:60:b2:9a:de:54:78:ea:d1:82:08:c0:3f:a3:
c2:3a:04:ba:4b:86:8b:af:e5:6b:e9:76:1d:fa:d3:
da:60:23:c4:20:25:ba:d7:ca:25:1b:ef:0b:47:b4:
a9:fe:b4:f1:f1:55:0d:56:bb:70:2c:e0:b0:28:f5:
a3:ad:63:6f:c6:6a:75:75:28:1e:82:b9:c2:bb:1c:
6d:db:84:e6:47:34:25:fd:a9:79:d0:bf:fc:9d:25:
8e:21:b1:47:90:8e:53:b8:8b:a9:01:6a:30:6d:cd:
68:ca:35:7a:8b:bd:dc:6c:fc:e7:a8:62:b0:cd:60:
89:47:20:11:67:3d:0d:db:d2:47:e9:35:5b:36:e5:
e4:e4:30:c9:54:8a:89:4e:ad:70:bd:7f:11:73:fa:
ca:42:6b:5c:37:9f:60:24:c8:2f:eb:d2:10:1c:1c:
80:9f:a8:6c:cd:3d:41:c4:8f:53:ba:7f:6e:70:6f:
29:ee:ab:5e:be:ad:36:78:fd:cc:8b:05:6f:a4:42:
ae:d2:ad:38:f7:ee:1b:a8:ee:e2:84:a4:b7:07:48:
77:4f:a7:e3:06:a4:66:14:2d:aa:a4:c8:88:a9:8e:
6d:08:d8:f7:9e:d9:d9:f3:85:5f:fe:44:28:b1:ca:
84:e5:76:d4:f2:23:f1:ca:27:ae:05:10:37:e6:63:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:86:E3:55:94:8D:55:12:43:37:B4:10:11:8C:EF:B5:EC:10:CB:5C
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/TIbjVZSNVRJDN7QQEYzvtewQy1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.176.0/21
185.208.214.0/24
195.182.36.0/24
IPv6:
2a00:1cf0::/32
Signature Algorithm: sha256WithRSAEncryption
48:c9:87:f1:7f:bb:e7:6a:20:bb:1f:29:cb:54:de:da:57:b5:
c9:28:f7:b6:ad:79:0f:9f:b7:6d:4d:88:54:dd:2e:69:3c:35:
ef:78:ef:cf:72:79:97:1b:af:76:53:a5:4d:08:8a:28:56:bc:
bc:81:2f:0a:8d:d0:b8:c9:00:f1:7d:3e:53:9c:e6:a8:bb:29:
10:bd:2b:bd:10:7c:4c:26:c1:2e:f6:ec:8c:5d:8c:4b:04:de:
4f:d0:0b:bf:2f:81:5d:1b:f4:6c:5c:41:48:a3:05:b5:82:db:
bd:fa:39:78:03:d3:52:1c:ea:2c:5d:2f:83:e0:4a:39:c2:8a:
9a:47:b1:54:18:19:64:19:51:0e:43:5b:89:6d:ec:be:16:80:
58:05:10:c3:90:18:b8:e0:30:bc:69:03:37:49:65:0d:84:be:
16:29:35:a7:0c:e9:0c:1f:8e:26:9e:0e:12:14:5f:fc:aa:8c:
69:83:49:4e:71:44:a8:42:bd:9c:e9:b4:7d:86:af:42:61:fa:
17:d8:4a:b5:ee:a7:3b:dc:f8:2b:41:58:80:c1:fb:42:8e:51:
d6:f0:73:87:9b:c7:aa:73:ac:02:ee:b0:69:be:a6:b3:b6:fa:
14:e2:53:5f:ec:c2:39:a1:ec:f4:c7:61:11:dd:4e:e9:3f:0c:
08:ad:fc:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS1ZxTQAcYh+O10dAFuo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzg2ZTM1NTk0OGQ1NTEyNDMzN2I0MTAxMThjZWZiNWVjMTBjYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWCymt5UeOrRggjAP6PCOgS6S4aL
r+Vr6XYd+tPaYCPEICW618olG+8LR7Sp/rTx8VUNVrtwLOCwKPWjrWNvxmp1dSge
grnCuxxt24TmRzQl/al50L/8nSWOIbFHkI5TuIupAWowbc1oyjV6i73cbPznqGKw
zWCJRyARZz0N29JH6TVbNuXk5DDJVIqJTq1wvX8Rc/rKQmtcN59gJMgv69IQHByA
n6hszT1BxI9Tun9ucG8p7qtevq02eP3MiwVvpEKu0q049+4bqO7ihKS3B0h3T6fj
BqRmFC2qpMiIqY5tCNj3ntnZ84Vf/kQoscqE5XbU8iPxyieuBRA35mNlCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEyG41WUjVUSQze0EBGM77XsEMtcMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvVElialZaU05WUkpETjdRUUVZenZ0ZXdReTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDshewAwQA
udDWAwQAw7YkMA0EAgACMAcDBQAqABzwMA0GCSqGSIb3DQEBCwUAA4IBAQBIyYfx
f7vnaiC7HynLVN7aV7XJKPe2rXkPn7dtTYhU3S5pPDXveO/PcnmXG692U6VNCIoo
Vry8gS8KjdC4yQDxfT5TnOaouykQvSu9EHxMJsEu9uyMXYxLBN5P0Au/L4FdG/Rs
XEFIowW1gtu9+jl4A9NSHOosXS+D4Eo5woqaR7FUGBlkGVEOQ1uJbey+FoBYBRDD
kBi44DC8aQM3SWUNhL4WKTWnDOkMH44mng4SFF/8qoxpg0lOcUSoQr2c6bR9hq9C
YfoX2Eq17qc73PgrQViAwftCjlHW8HOHm8eqc6wC7rBpvqaztvoU4lNf7MI5oez0
x2ER3U7pPwwIrfzi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:15 2024 by rpki-client on console-ams.rpki-client.org