Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Tdr3ERj9kHsqBAsQabdWGHrGLLA.roa
File: Tdr3ERj9kHsqBAsQabdWGHrGLLA.roa (raw, json)
Hash identifier: 1YZaG9xk6ne4UZOuxol4X0xXuXRMEP4yXCdMmjAidq0=
Subject key identifier: 4D:DA:F7:11:18:FD:90:7B:2A:04:0B:10:69:B7:56:18:7A:C6:2C:B0
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018C0A4A29F7C631FFC19FED9BFF925AB724
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Tdr3ERj9kHsqBAsQabdWGHrGLLA.roa
Signing time: Sun 26 Nov 2023 06:21:21 +0000
ROA not before: Sun 26 Nov 2023 06:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.2.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Dec 2023 06:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0a:4a:29:f7:c6:31:ff:c1:9f:ed:9b:ff:92:5a:b7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Nov 26 06:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ddaf71118fd907b2a040b1069b756187ac62cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:2d:64:e9:dd:c5:0e:36:91:66:75:de:2f:
2f:d9:b6:0d:c9:fa:83:fa:0c:41:e1:d9:59:62:03:
6b:0d:07:d6:16:a3:e2:d3:26:20:d0:f3:b4:06:f6:
be:1c:0d:b8:51:77:af:ef:2e:5d:35:95:a9:8d:51:
7d:09:fd:8f:47:a5:63:be:71:2e:4e:6e:79:8f:a0:
38:6f:e0:4a:29:35:0c:7a:b6:8a:2b:ee:a6:c8:fb:
48:05:64:7f:6d:fa:62:09:df:b9:cd:f1:65:ad:35:
85:3b:72:b2:86:a1:2a:d3:77:75:b1:11:8d:d5:25:
90:e0:79:a7:25:c1:11:f4:27:fa:df:ad:6a:30:19:
12:61:7a:39:33:b0:9f:0b:9f:a2:09:c4:e0:b5:09:
54:4b:3a:62:9b:7b:05:57:33:59:ee:d8:78:cf:91:
96:73:dc:15:4a:9c:f4:bd:2b:6d:b6:07:00:30:b2:
c2:c0:81:ea:e0:94:a7:72:5a:db:58:2c:be:ba:bc:
88:1d:85:0c:8e:96:1d:96:f7:db:1d:24:72:3f:ae:
a9:26:46:bd:d9:b2:9d:97:76:c3:55:d3:42:3a:4c:
0c:77:04:e6:37:33:cb:1d:7a:56:d7:ab:54:39:53:
b7:82:86:e3:be:57:a2:6c:81:ab:96:a7:b8:32:ed:
fb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DA:F7:11:18:FD:90:7B:2A:04:0B:10:69:B7:56:18:7A:C6:2C:B0
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Tdr3ERj9kHsqBAsQabdWGHrGLLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
185.239.2.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:00:05:a9:f9:4f:48:46:f4:28:89:0f:7b:fe:16:78:07:6d:
3a:d7:43:58:81:0b:02:37:4e:29:27:c4:05:ac:d5:87:e2:34:
f0:d8:27:ef:fa:c5:58:c0:f6:bb:79:e8:99:c8:d8:4f:d3:f9:
d3:39:f4:e8:24:17:d3:9e:16:56:20:8e:22:27:2a:0a:08:d1:
5b:b7:b3:81:4d:e8:26:db:6f:31:25:60:13:4b:71:26:cf:e7:
b1:32:d2:f8:f0:38:d7:43:66:27:ec:22:99:2d:42:6f:a0:65:
06:58:fe:26:59:7c:f0:34:9b:a1:7d:96:b2:40:58:ca:ae:e4:
84:d5:52:fe:e5:eb:23:4c:41:ba:67:dc:96:a8:21:23:7a:77:
34:44:e5:f4:61:61:39:9c:d3:94:30:79:07:a4:b8:ab:61:95:
5e:cb:5b:b2:c7:c0:48:88:a0:cc:12:3c:0a:97:89:5d:99:e3:
e3:24:ac:d2:7d:dd:58:ba:a2:b1:07:8a:90:5a:45:15:bd:0f:
55:7c:41:e9:62:fb:8e:2c:25:df:06:ab:61:fe:15:ba:89:84:
2d:70:bd:bc:17:bc:1d:3b:32:e3:c0:be:53:84:6d:30:09:08:
ed:9d:7c:47:0e:bc:07:86:51:0c:b2:f1:57:ef:a1:47:c7:9c:
8e:04:6c:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwKSin3xjH/wZ/tm/+SWrckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMxMTI2MDYyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRhZjcxMTE4ZmQ5MDdiMmEwNDBiMTA2OWI3NTYxODdhYzYyY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle4tZOndxQ42kWZ13i8v2bYNyfqD
+gxB4dlZYgNrDQfWFqPi0yYg0PO0Bva+HA24UXev7y5dNZWpjVF9Cf2PR6VjvnEu
Tm55j6A4b+BKKTUMeraKK+6myPtIBWR/bfpiCd+5zfFlrTWFO3KyhqEq03d1sRGN
1SWQ4HmnJcER9Cf6361qMBkSYXo5M7CfC5+iCcTgtQlUSzpim3sFVzNZ7th4z5GW
c9wVSpz0vStttgcAMLLCwIHq4JSnclrbWCy+uryIHYUMjpYdlvfbHSRyP66pJka9
2bKdl3bDVdNCOkwMdwTmNzPLHXpW16tUOVO3gobjvleibIGrlqe4Mu37swIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE3a9xEY/ZB7KgQLEGm3Vhh6xiywMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvVGRyM0VSajlrSHNxQkFzUWFiZFdHSHJHTExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ8xAwQA
BZ82AwQALV7VAwQAue8CMA0GCSqGSIb3DQEBCwUAA4IBAQCwAAWp+U9IRvQoiQ97
/hZ4B20610NYgQsCN04pJ8QFrNWH4jTw2Cfv+sVYwPa7eeiZyNhP0/nTOfToJBfT
nhZWII4iJyoKCNFbt7OBTegm228xJWATS3Emz+exMtL48DjXQ2Yn7CKZLUJvoGUG
WP4mWXzwNJuhfZayQFjKruSE1VL+5esjTEG6Z9yWqCEjenc0ROX0YWE5nNOUMHkH
pLirYZVey1uyx8BIiKDMEjwKl4ldmePjJKzSfd1YuqKxB4qQWkUVvQ9VfEHpYvuO
LCXfBqth/hW6iYQtcL28F7wdOzLjwL5ThG0wCQjtnXxHDrwHhlEMsvFX76FHx5yO
BGz9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org