Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tkYXBZxP9q3WSaSTCvjXuuFoEJM.roa
File: tkYXBZxP9q3WSaSTCvjXuuFoEJM.roa (raw, json)
Hash identifier: mL/QfcH/5Vt7ZFdwPJ1EYXaNiYDMZyhn1bVF88Mmdec=
Subject key identifier: B6:46:17:05:9C:4F:F6:AD:D6:49:A4:93:0A:F8:D7:BA:E1:68:10:93
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191A92C5DDADB8BBCCC9D5F22FAE76C6467
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tkYXBZxP9q3WSaSTCvjXuuFoEJM.roa
Signing time: Sat 31 Aug 2024 16:02:22 +0000
ROA not before: Sat 31 Aug 2024 16:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
45.91.236.0/24 maxlen: 24
45.91.237.0/24 maxlen: 24
45.91.238.0/24 maxlen: 24
80.68.156.0/24 maxlen: 24
91.240.254.0/24 maxlen: 24
185.201.28.0/24 maxlen: 24
185.211.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Nov 2024 17:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a9:2c:5d:da:db:8b:bc:cc:9d:5f:22:fa:e7:6c:64:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 31 16:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b64617059c4ff6add649a4930af8d7bae1681093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:cc:ce:34:a2:89:c4:41:ef:c4:75:f0:c1:
ca:a3:2a:ee:93:a7:d3:3f:2c:a7:3c:df:12:d9:9a:
0b:f6:43:82:36:58:07:b1:1d:c9:f7:e1:01:bb:b7:
9a:31:d4:8e:11:00:75:ec:5f:3a:2e:b0:3c:9b:08:
8c:89:59:88:ae:75:2b:d9:8e:99:e5:8c:c3:21:c4:
60:90:fb:88:2a:e9:88:38:61:de:ea:db:ff:39:90:
33:d9:6e:d6:d2:f7:c4:71:41:99:b5:9a:d8:e3:e4:
93:ff:e7:f1:61:b0:ed:18:46:04:05:31:ed:50:e5:
dc:71:30:61:88:a8:a2:c9:e2:77:dc:dd:3c:f0:5e:
46:1c:32:b9:aa:af:a5:65:a8:a5:f1:39:32:6c:3e:
9a:0d:7f:1c:aa:bb:b4:4b:53:c2:20:f8:41:bb:34:
aa:c6:f6:bc:0b:b4:6d:59:12:d9:30:d9:42:ec:88:
3f:73:e9:47:2c:a0:26:25:67:69:c3:f0:c4:cf:57:
9b:0a:5e:0f:62:b2:ea:55:b5:28:35:18:fd:b5:6f:
1f:b7:cc:94:bd:bd:e7:6a:3d:48:1b:7f:cd:2a:93:
aa:08:cc:7e:e7:cb:f8:2e:4f:15:f9:d1:a2:f5:3c:
1b:c9:20:d7:b7:44:a8:4a:a4:43:b1:5b:8a:02:7c:
4d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:46:17:05:9C:4F:F6:AD:D6:49:A4:93:0A:F8:D7:BA:E1:68:10:93
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tkYXBZxP9q3WSaSTCvjXuuFoEJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
45.91.236.0-45.91.238.255
80.68.156.0/24
91.240.254.0/24
185.201.28.0/24
185.211.170.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:34:14:d3:a7:6a:72:4f:8e:eb:b2:a8:24:dd:2a:c7:36:5a:
66:3c:04:32:a2:de:53:eb:d8:32:bb:85:be:62:18:f6:cd:d1:
25:bf:d4:97:db:a5:0f:8d:ac:a5:2d:c5:52:37:3a:6d:cc:fe:
b8:9b:18:9b:55:4e:6e:f6:e2:d1:2f:30:0e:77:e4:52:20:45:
fd:5b:51:bd:b2:4a:1b:09:d2:5f:59:7e:f1:4d:a6:4c:2e:a9:
32:f2:7b:e1:11:d2:38:4c:96:0b:19:e6:60:35:35:2b:51:e9:
29:e7:5e:23:bf:55:ff:b9:07:78:20:05:ed:77:38:42:6d:0c:
45:6d:6c:42:a8:d8:12:29:f2:f7:0f:e2:75:02:65:66:2d:79:
9a:f7:9e:ef:e2:fc:6e:a7:76:1d:8c:1b:4b:3d:d1:22:65:9b:
20:0a:87:5d:ae:c1:aa:9f:50:d3:59:3d:78:c6:b9:4f:80:e5:
c3:c9:f9:17:b5:2c:8a:31:e1:1b:d2:2e:3e:95:79:ee:7a:8e:
b8:44:2b:07:46:94:5b:63:8a:47:49:02:6a:6b:1d:6a:da:8c:
eb:34:2a:9d:94:5f:e1:d9:13:a3:1f:54:48:1b:4e:d8:17:2b:
a7:9e:11:9a:1d:33:ad:4a:f1:bf:0f:d3:bb:2a:58:c7:6c:c3:
c7:61:68:69
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZGpLF3a24u8zJ1fIvrnbGRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODMxMTYwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ2MTcwNTljNGZmNmFkZDY0OWE0OTMwYWY4ZDdiYWUxNjgxMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto/MzjSiicRB78R18MHKoyruk6fT
PyynPN8S2ZoL9kOCNlgHsR3J9+EBu7eaMdSOEQB17F86LrA8mwiMiVmIrnUr2Y6Z
5YzDIcRgkPuIKumIOGHe6tv/OZAz2W7W0vfEcUGZtZrY4+ST/+fxYbDtGEYEBTHt
UOXccTBhiKiiyeJ33N088F5GHDK5qq+lZail8TkybD6aDX8cqru0S1PCIPhBuzSq
xva8C7RtWRLZMNlC7Ig/c+lHLKAmJWdpw/DEz1ebCl4PYrLqVbUoNRj9tW8ft8yU
vb3naj1IG3/NKpOqCMx+58v4Lk8V+dGi9TwbySDXt0SoSqRDsVuKAnxNOwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLZGFwWcT/at1kmkkwr417rhaBCTMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdGtZWEJaeFA5cTNXU2FTVEN2alh1dUZvRUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABSrcMAwD
BAItW+wDBAAtW+4DBABQRJwDBABb8P4DBAC5yRwDBAC506owDQYJKoZIhvcNAQEL
BQADggEBAFo0FNOnanJPjuuyqCTdKsc2WmY8BDKi3lPr2DK7hb5iGPbN0SW/1Jfb
pQ+NrKUtxVI3Om3M/ribGJtVTm724tEvMA535FIgRf1bUb2yShsJ0l9ZfvFNpkwu
qTLye+ER0jhMlgsZ5mA1NStR6SnnXiO/Vf+5B3ggBe13OEJtDEVtbEKo2BIp8vcP
4nUCZWYteZr3nu/i/G6ndh2MG0s90SJlmyAKh12uwaqfUNNZPXjGuU+A5cPJ+Re1
LIox4RvSLj6Vee56jrhEKwdGlFtjikdJAmprHWrajOs0Kp2UX+HZE6MfVEgbTtgX
K6eeEZodM61K8b8P07sqWMdsw8dhaGk=
-----END CERTIFICATE-----
Generated at Wed Nov 6 20:24:34 2024 by rpki-client on console-fra.rpki-client.org