Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/tmx00irKyOISW-L0pwsLp8MzITE.roa
File: tmx00irKyOISW-L0pwsLp8MzITE.roa (raw, json)
Hash identifier: KuoUmXb806wFXgBN9ZWm1AMCr9SxriSXOUrOAPw2Bhs=
Subject key identifier: B6:6C:74:D2:2A:CA:C8:E2:12:5B:E2:F4:A7:0B:0B:A7:C3:33:21:31
Certificate issuer: /CN=06373eb821c966ba267a838d952fc4a418cba107
Certificate serial: 0185711539E23389FB1A42B06A6B40C9FAE0
Authority key identifier: 06:37:3E:B8:21:C9:66:BA:26:7A:83:8D:95:2F:C4:A4:18:CB:A1:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bjc-uCHJZromeoONlS_EpBjLoQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/tmx00irKyOISW-L0pwsLp8MzITE.roa
Signing time: Mon 02 Jan 2023 06:04:54 +0000
ROA not before: Mon 02 Jan 2023 06:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206559
IP address blocks: 194.105.132.0/23 maxlen: 23
185.183.36.0/22 maxlen: 22
2a0d:4980::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:39:e2:33:89:fb:1a:42:b0:6a:6b:40:c9:fa:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06373eb821c966ba267a838d952fc4a418cba107
Validity
Not Before: Jan 2 06:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b66c74d22acac8e2125be2f4a70b0ba7c3332131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c4:25:50:cf:d1:ae:a8:35:33:db:74:36:8e:
f0:80:39:78:5a:a8:1a:8f:92:17:ac:e3:c8:cb:1b:
b1:9c:c9:a4:9c:77:c1:e4:d7:b5:98:08:17:90:8f:
6f:51:1f:cb:f7:41:67:73:42:c2:89:ea:b5:ff:2c:
1e:32:7b:13:a2:83:71:3b:09:33:46:9b:28:80:30:
9e:a1:bc:6b:ff:fc:0b:96:2f:5e:f7:46:8c:7e:f7:
59:e6:fc:51:33:4d:c3:95:69:35:1d:57:d1:bc:43:
19:2c:5d:8d:d9:9a:c3:fb:e3:36:6f:64:be:7b:85:
7d:ca:60:19:73:c7:38:ac:e4:97:05:57:b6:7a:62:
93:93:80:b6:44:18:f8:a7:a8:f8:f6:bd:2c:57:90:
a5:c0:5c:5a:f4:7a:fb:76:c5:59:cf:63:1b:6d:36:
94:a4:02:d5:7c:d2:94:78:4e:ce:9c:c4:7a:89:25:
39:62:6d:bd:bd:c8:57:59:03:da:d4:81:70:bc:c4:
3a:1f:0e:05:25:1d:4e:1c:85:24:79:84:21:9b:48:
60:35:c9:fd:9d:5e:91:fc:86:37:93:61:d4:7a:49:
52:c8:f4:0b:e5:87:09:22:27:4d:40:30:f4:0d:69:
ce:31:26:58:a1:c2:7e:4c:87:37:a0:a7:6e:0e:5a:
7e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6C:74:D2:2A:CA:C8:E2:12:5B:E2:F4:A7:0B:0B:A7:C3:33:21:31
X509v3 Authority Key Identifier:
keyid:06:37:3E:B8:21:C9:66:BA:26:7A:83:8D:95:2F:C4:A4:18:CB:A1:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bjc-uCHJZromeoONlS_EpBjLoQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/tmx00irKyOISW-L0pwsLp8MzITE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7e47d7-b369-4baa-af4e-f33e3c5c65db/1/Bjc-uCHJZromeoONlS_EpBjLoQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.36.0/22
194.105.132.0/23
IPv6:
2a0d:4980::/32
Signature Algorithm: sha256WithRSAEncryption
7c:8c:2f:a5:fd:0e:a8:7f:54:68:f8:85:44:17:c1:a3:a2:f9:
62:ef:c9:ca:e8:4d:b6:36:40:14:5f:fc:4c:2b:b4:40:87:18:
13:ae:01:76:7f:ab:0c:6a:7b:9f:d3:de:53:c2:43:60:8c:c3:
46:ce:50:26:55:f3:ce:fa:4f:d0:50:e2:9d:81:35:80:03:44:
58:c2:1a:51:a7:f9:74:4b:6e:69:2c:89:03:e1:58:b2:d6:73:
28:45:57:70:6d:36:42:93:89:f9:8a:0d:b0:de:ee:8e:fb:51:
93:09:06:82:b9:21:39:cc:fe:3c:b0:b7:e1:e4:a0:7d:7b:6a:
64:ad:b6:c3:1d:99:4a:92:1a:98:86:20:84:27:b9:9e:f0:e7:
0e:f0:9e:70:47:6c:26:7e:7d:de:67:cd:60:e2:15:fd:19:31:
a8:8b:1f:45:60:60:55:91:99:1d:bf:cd:ec:97:25:ea:60:64:
79:fc:d9:ab:20:dd:38:18:4d:fd:3f:ec:fc:5f:8e:9e:35:91:
11:20:89:f0:d0:bc:df:94:bc:45:aa:3f:9f:d8:89:b9:e4:d4:
e4:f1:84:db:4f:a3:70:c4:95:a7:a4:92:e4:02:82:9d:bd:88:
b8:5c:70:9a:b4:0b:5a:6e:00:35:88:0b:88:4a:e9:4f:ec:e5:
b2:04:a5:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxFTniM4n7GkKwamtAyfrgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzczZWI4MjFjOTY2YmEyNjdhODM4ZDk1MmZjNGE0MThj
YmExMDcwHhcNMjMwMTAyMDYwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZjNzRkMjJhY2FjOGUyMTI1YmUyZjRhNzBiMGJhN2MzMzMyMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcQlUM/Rrqg1M9t0No7wgDl4Wqga
j5IXrOPIyxuxnMmknHfB5Ne1mAgXkI9vUR/L90Fnc0LCieq1/yweMnsTooNxOwkz
RpsogDCeobxr//wLli9e90aMfvdZ5vxRM03DlWk1HVfRvEMZLF2N2ZrD++M2b2S+
e4V9ymAZc8c4rOSXBVe2emKTk4C2RBj4p6j49r0sV5ClwFxa9Hr7dsVZz2MbbTaU
pALVfNKUeE7OnMR6iSU5Ym29vchXWQPa1IFwvMQ6Hw4FJR1OHIUkeYQhm0hgNcn9
nV6R/IY3k2HUeklSyPQL5YcJIidNQDD0DWnOMSZYocJ+TIc3oKduDlp+qQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLZsdNIqysjiElvi9KcLC6fDMyExMB8GA1UdIwQY
MBaAFAY3PrghyWa6JnqDjZUvxKQYy6EHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpjLXVDSEpacm9tZW9PTmxTX0VwQmpMb1FjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi83ZTQ3ZDctYjM2OS00YmFhLWFmNGUt
ZjMzZTNjNWM2NWRiLzEvdG14MDBpckt5T0lTVy1MMHB3c0xwOE16SVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi83ZTQ3ZDctYjM2OS00YmFhLWFmNGUtZjMzZTNjNWM2NWRi
LzEvQmpjLXVDSEpacm9tZW9PTmxTX0VwQmpMb1FjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubckAwQB
wmmEMA0EAgACMAcDBQAqDUmAMA0GCSqGSIb3DQEBCwUAA4IBAQB8jC+l/Q6of1Ro
+IVEF8Gjovli78nK6E22NkAUX/xMK7RAhxgTrgF2f6sManuf095TwkNgjMNGzlAm
VfPO+k/QUOKdgTWAA0RYwhpRp/l0S25pLIkD4Viy1nMoRVdwbTZCk4n5ig2w3u6O
+1GTCQaCuSE5zP48sLfh5KB9e2pkrbbDHZlKkhqYhiCEJ7me8OcO8J5wR2wmfn3e
Z81g4hX9GTGoix9FYGBVkZkdv83slyXqYGR5/NmrIN04GE39P+z8X46eNZERIInw
0LzflLxFqj+f2Im55NTk8YTbT6NwxJWnpJLkAoKdvYi4XHCatAtabgA1iAuISulP
7OWyBKWK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:25 2024 by rpki-client on console-ams.rpki-client.org