Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9eb002-d26a-46d6-9d87-84093061e9ff/1/TDQq_RgZVF8xKUgTEwMsSTfOiL4.roa
File: TDQq_RgZVF8xKUgTEwMsSTfOiL4.roa (raw, json)
Hash identifier: YWYb/fDSiCh24HE6ut+FVyWJYQM6onDRQkKtLcLxNtU=
Subject key identifier: 4C:34:2A:FD:18:19:54:5F:31:29:48:13:13:03:2C:49:37:CE:88:BE
Certificate issuer: /CN=8a3ec0537242f44ce7d5933e9b32204b3f85e99f
Certificate serial: 018571FA21E99183FF0016AEFA58320F3BEC
Authority key identifier: 8A:3E:C0:53:72:42:F4:4C:E7:D5:93:3E:9B:32:20:4B:3F:85:E9:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij7AU3JC9Ezn1ZM-mzIgSz-F6Z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9eb002-d26a-46d6-9d87-84093061e9ff/1/TDQq_RgZVF8xKUgTEwMsSTfOiL4.roa
Signing time: Mon 02 Jan 2023 10:14:56 +0000
ROA not before: Mon 02 Jan 2023 10:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21212
IP address blocks: 185.110.96.0/24 maxlen: 24
185.110.97.0/24 maxlen: 24
185.110.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:21:e9:91:83:ff:00:16:ae:fa:58:32:0f:3b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3ec0537242f44ce7d5933e9b32204b3f85e99f
Validity
Not Before: Jan 2 10:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c342afd1819545f3129481313032c4937ce88be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:6e:cd:1e:57:4c:62:2d:44:ab:b9:c0:63:
06:bf:5f:d7:b2:dd:fa:17:38:64:e9:9c:9c:22:f7:
55:9c:d5:6e:d6:19:a9:9f:27:7a:e7:0b:6a:3d:c5:
14:3b:9f:c5:69:00:4e:4e:ad:ba:b2:af:c9:e1:bb:
45:fb:7e:7d:59:65:4d:ba:95:12:cc:5f:8e:f5:a4:
16:a3:77:99:f5:77:d5:be:fe:fe:6c:5d:42:ac:be:
dc:b2:45:cc:14:1d:08:e0:2b:b0:ba:f3:08:28:43:
fe:f9:ea:92:27:69:f5:e8:fc:9f:8c:b5:7d:53:33:
24:6f:22:64:6a:a3:7b:63:f0:d0:64:44:4e:0f:4f:
17:0e:e7:cf:58:86:ec:53:e0:e9:f1:00:7d:8d:25:
13:f6:3f:ac:76:c6:f0:c8:d6:fe:cb:1d:ee:52:f2:
f3:f8:88:89:90:b7:f9:e5:fa:c1:29:25:a9:7d:03:
46:5d:8a:68:69:d9:27:49:43:51:35:8e:29:c3:1a:
a2:90:11:96:d7:7d:54:db:7a:73:6b:fb:b3:b7:47:
37:7e:ef:bd:2e:9a:a3:e0:82:98:69:94:f9:08:ef:
a7:ee:ac:43:54:67:06:76:54:55:fb:e5:f2:0b:d0:
9d:a5:85:7a:37:c9:24:38:40:01:73:5b:8e:02:3f:
f4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:34:2A:FD:18:19:54:5F:31:29:48:13:13:03:2C:49:37:CE:88:BE
X509v3 Authority Key Identifier:
keyid:8A:3E:C0:53:72:42:F4:4C:E7:D5:93:3E:9B:32:20:4B:3F:85:E9:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij7AU3JC9Ezn1ZM-mzIgSz-F6Z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9eb002-d26a-46d6-9d87-84093061e9ff/1/TDQq_RgZVF8xKUgTEwMsSTfOiL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9eb002-d26a-46d6-9d87-84093061e9ff/1/ij7AU3JC9Ezn1ZM-mzIgSz-F6Z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.96.0-185.110.98.255
Signature Algorithm: sha256WithRSAEncryption
03:ed:d6:20:5a:1f:af:14:e2:8d:ff:f9:86:cb:51:78:b0:ca:
79:8d:be:f9:23:b0:79:b6:3a:57:c7:42:82:d3:dd:7a:72:79:
af:a7:ae:c2:dc:ff:bc:dc:32:a6:7b:03:ca:f5:47:69:8e:ac:
d3:d1:b3:ee:cb:67:ca:4c:32:d8:0f:a4:45:39:ce:9d:c7:b1:
18:8a:1c:2b:11:5f:7f:53:07:89:2a:8c:78:15:f8:ac:14:2b:
a3:88:0a:69:8f:ac:aa:47:48:90:b9:e0:77:53:96:f9:d6:f4:
2a:90:66:f3:fb:fc:25:aa:7b:99:fe:13:01:f7:10:e5:da:9d:
1d:6b:f4:66:7a:7b:4e:97:70:f7:8e:22:e6:14:5e:fe:c4:af:
cd:63:5a:c2:a3:b0:da:90:37:fe:52:ae:aa:45:df:4a:0e:88:
07:f2:f0:c4:fa:29:80:fd:dd:08:20:86:9b:39:e0:ba:d6:f9:
bf:93:19:c8:84:af:b3:3e:82:cd:70:c7:b6:e9:0c:a5:61:b5:
13:1d:e3:2a:b0:21:9e:65:6c:7b:28:68:6f:65:8a:c6:99:e7:
cc:bb:2d:92:e8:55:ef:f6:20:09:da:79:cc:29:6b:42:60:a3:
0f:ee:f7:6d:07:88:2f:b7:26:52:22:42:42:2a:a8:a3:28:e0:
31:40:4b:a7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVx+iHpkYP/ABau+lgyDzvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhM2VjMDUzNzI0MmY0NGNlN2Q1OTMzZTliMzIyMDRiM2Y4
NWU5OWYwHhcNMjMwMTAyMTAxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzM0MmFmZDE4MTk1NDVmMzEyOTQ4MTMxMzAzMmM0OTM3Y2U4OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnARuzR5XTGItRKu5wGMGv1/Xst36
Fzhk6ZycIvdVnNVu1hmpnyd65wtqPcUUO5/FaQBOTq26sq/J4btF+359WWVNupUS
zF+O9aQWo3eZ9XfVvv7+bF1CrL7cskXMFB0I4CuwuvMIKEP++eqSJ2n16PyfjLV9
UzMkbyJkaqN7Y/DQZEROD08XDufPWIbsU+Dp8QB9jSUT9j+sdsbwyNb+yx3uUvLz
+IiJkLf55frBKSWpfQNGXYpoadknSUNRNY4pwxqikBGW131U23pza/uzt0c3fu+9
Lpqj4IKYaZT5CO+n7qxDVGcGdlRV++XyC9CdpYV6N8kkOEABc1uOAj/0OwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEw0Kv0YGVRfMSlIExMDLEk3zoi+MB8GA1UdIwQY
MBaAFIo+wFNyQvRM59WTPpsyIEs/hemfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWo3QVUzSkM5RXpuMVpNLW16SWdTei1GNlo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZWIwMDItZDI2YS00NmQ2LTlkODct
ODQwOTMwNjFlOWZmLzEvVERRcV9SZ1pWRjh4S1VnVEV3TXNTVGZPaUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZWIwMDItZDI2YS00NmQ2LTlkODctODQwOTMwNjFlOWZm
LzEvaWo3QVUzSkM5RXpuMVpNLW16SWdTei1GNlo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAW5bmAD
BAC5bmIwDQYJKoZIhvcNAQELBQADggEBAAPt1iBaH68U4o3/+YbLUXiwynmNvvkj
sHm2OlfHQoLT3Xpyea+nrsLc/7zcMqZ7A8r1R2mOrNPRs+7LZ8pMMtgPpEU5zp3H
sRiKHCsRX39TB4kqjHgV+KwUK6OICmmPrKpHSJC54HdTlvnW9CqQZvP7/CWqe5n+
EwH3EOXanR1r9GZ6e06XcPeOIuYUXv7Er81jWsKjsNqQN/5SrqpF30oOiAfy8MT6
KYD93Qgghps54LrW+b+TGciEr7M+gs1wx7bpDKVhtRMd4yqwIZ5lbHsoaG9lisaZ
58y7LZLoVe/2IAnaecwpa0Jgow/u920HiC+3JlIiQkIqqKMo4DFAS6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:16 2024 by rpki-client on console-ams.rpki-client.org