Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/tHhZzzM2h4lIHwczkhr1kDNR7-A.roa
File: tHhZzzM2h4lIHwczkhr1kDNR7-A.roa (raw, json)
Hash identifier: lmtmLAiQr7bQdwMWy9wEX4DBEUDygLWr463jyqNb4X8=
Subject key identifier: B4:78:59:CF:33:36:87:89:48:1F:07:33:92:1A:F5:90:33:51:EF:E0
Certificate issuer: /CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Certificate serial: 018CC649C22B5B63822E4B6A64B22D81E289
Authority key identifier: 58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/tHhZzzM2h4lIHwczkhr1kDNR7-A.roa
Signing time: Mon 01 Jan 2024 18:29:31 +0000
ROA not before: Mon 01 Jan 2024 18:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 176.97.210.0/24 maxlen: 24
2a12:b200::/29 maxlen: 29
2a07:4b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c2:2b:5b:63:82:2e:4b:6a:64:b2:2d:81:e2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ff89023b87c0bf8479b9ff4725258613e4f0b5
Validity
Not Before: Jan 1 18:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b47859cf33368789481f0733921af5903351efe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5a:59:9c:1e:1c:dd:71:0b:60:53:89:c0:0a:
52:2d:df:54:a3:84:a7:dd:4d:66:5a:a4:4b:21:a3:
32:6c:e0:2e:1e:12:4d:93:76:56:1b:67:7b:ec:53:
34:fe:3d:0a:50:8b:bc:e1:0d:57:56:8d:b9:72:43:
0e:df:6e:ba:e3:fc:b3:d4:12:0e:07:0a:86:3f:20:
43:97:93:15:86:8a:3d:9c:00:40:ef:d2:19:ff:e1:
ff:b7:6b:2f:ef:8a:7b:7a:d4:2e:d7:8b:f6:94:e0:
7e:79:0a:4d:28:31:4b:77:ab:73:aa:ab:cf:38:ef:
07:a4:45:ed:6a:08:38:ba:36:fd:ab:d8:e5:99:bb:
04:eb:c4:59:07:27:00:df:11:9b:59:f3:6b:f9:4d:
e8:8a:02:ef:50:ae:b8:d6:a6:e6:ea:e9:cf:e4:5e:
2a:f8:94:1c:bd:9b:cb:89:8b:ba:a1:f5:0e:22:e4:
de:2f:b5:97:eb:40:77:e2:94:6b:37:cb:4e:8f:b0:
4e:fd:2f:76:d5:ae:d3:91:f4:30:ae:13:53:1e:fc:
6f:d8:e7:ab:e4:06:11:09:97:6b:59:43:77:c9:1c:
4a:d7:de:8f:0e:e2:dd:53:34:d6:00:57:c9:29:b0:
7f:a0:52:03:c9:55:a0:7e:41:d3:6c:b9:4e:d0:84:
63:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:78:59:CF:33:36:87:89:48:1F:07:33:92:1A:F5:90:33:51:EF:E0
X509v3 Authority Key Identifier:
keyid:58:FF:89:02:3B:87:C0:BF:84:79:B9:FF:47:25:25:86:13:E4:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WP-JAjuHwL-Eebn_RyUlhhPk8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/tHhZzzM2h4lIHwczkhr1kDNR7-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/bebb6f-947a-4eac-85b1-36313c532d04/1/WP-JAjuHwL-Eebn_RyUlhhPk8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.210.0/24
IPv6:
2a07:4b40::/29
2a12:b200::/29
Signature Algorithm: sha256WithRSAEncryption
74:ce:0e:aa:63:0e:c2:83:1a:d8:7a:f9:dc:03:8d:e8:36:32:
8e:94:69:3b:be:39:19:1a:20:9f:16:11:f3:70:06:07:25:6c:
53:47:c9:e4:d8:e1:90:66:79:65:87:7d:18:be:61:d1:f2:04:
a3:ca:4e:db:c9:df:9d:25:9f:23:5e:b5:21:30:dc:00:75:3b:
47:02:5d:dd:4f:8b:e8:ac:ef:7d:c1:bb:e2:78:70:a5:30:b9:
5b:5c:88:42:55:f6:0d:16:72:ea:8e:c4:bb:e4:be:2e:b8:2e:
98:26:24:d5:61:b3:0d:8b:e2:ce:36:63:0e:bf:32:d7:5d:dd:
1f:74:27:a7:85:1c:82:17:6a:3a:4b:54:0d:d0:9f:a3:dc:69:
70:80:cf:22:8f:63:66:61:80:cc:a1:0f:76:a5:4f:5b:7e:2e:
89:28:04:7d:32:e4:43:97:97:33:5e:cc:77:71:fe:f8:4e:6f:
3a:4e:0b:88:d3:fd:22:fe:fb:97:0b:44:3f:0d:3f:14:a1:3d:
67:ed:e5:9b:13:c5:dc:b3:63:bc:55:c4:f4:02:f7:ef:40:1a:
12:18:0a:6b:01:23:16:6a:2d:58:2c:c2:d2:0d:7b:f1:50:94:
bc:17:54:9c:60:22:97:2a:43:45:c0:70:51:4f:30:1b:5a:60:
2c:4f:f2:a7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGScIrW2OCLktqZLItgeKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZmY4OTAyM2I4N2MwYmY4NDc5YjlmZjQ3MjUyNTg2MTNl
NGYwYjUwHhcNMjQwMTAxMTgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc4NTljZjMzMzY4Nzg5NDgxZjA3MzM5MjFhZjU5MDMzNTFlZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1pZnB4c3XELYFOJwApSLd9Uo4Sn
3U1mWqRLIaMybOAuHhJNk3ZWG2d77FM0/j0KUIu84Q1XVo25ckMO32664/yz1BIO
BwqGPyBDl5MVhoo9nABA79IZ/+H/t2sv74p7etQu14v2lOB+eQpNKDFLd6tzqqvP
OO8HpEXtagg4ujb9q9jlmbsE68RZBycA3xGbWfNr+U3oigLvUK641qbm6unP5F4q
+JQcvZvLiYu6ofUOIuTeL7WX60B34pRrN8tOj7BO/S921a7TkfQwrhNTHvxv2Oer
5AYRCZdrWUN3yRxK196PDuLdUzTWAFfJKbB/oFIDyVWgfkHTbLlO0IRjZQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLR4Wc8zNoeJSB8HM5Ia9ZAzUe/gMB8GA1UdIwQY
MBaAFFj/iQI7h8C/hHm5/0clJYYT5PC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEt
MzYzMTNjNTMyZDA0LzEvdEhoWnp6TTJoNGxJSHdjemtocjFrRE5SNy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iZWJiNmYtOTQ3YS00ZWFjLTg1YjEtMzYzMTNjNTMyZDA0
LzEvV1AtSkFqdUh3TC1FZWJuX1J5VWxoaFBrOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAsGHSMBQE
AgACMA4DBQMqB0tAAwUDKhKyADANBgkqhkiG9w0BAQsFAAOCAQEAdM4OqmMOwoMa
2Hr53AON6DYyjpRpO745GRognxYR83AGByVsU0fJ5NjhkGZ5ZYd9GL5h0fIEo8pO
28nfnSWfI161ITDcAHU7RwJd3U+L6KzvfcG74nhwpTC5W1yIQlX2DRZy6o7Eu+S+
LrgumCYk1WGzDYvizjZjDr8y113dH3Qnp4UcghdqOktUDdCfo9xpcIDPIo9jZmGA
zKEPdqVPW34uiSgEfTLkQ5eXM17Md3H++E5vOk4LiNP9Iv77lwtEPw0/FKE9Z+3l
mxPF3LNjvFXE9AL370AaEhgKawEjFmotWCzC0g178VCUvBdUnGAilypDRcBwUU8w
G1pgLE/ypw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:22 2024 by rpki-client on console-fra.rpki-client.org