Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/TR6sRwDgqN_guzafQnnjzqzxvQc.roa
File: TR6sRwDgqN_guzafQnnjzqzxvQc.roa (raw, json)
Hash identifier: 1XiHXB7i9PPYrJ8KHvaxVQPCwNaDW+ok1Eh7+jO/OR0=
Subject key identifier: 4D:1E:AC:47:00:E0:A8:DF:E0:BB:36:9F:42:79:E3:CE:AC:F1:BD:07
Certificate issuer: /CN=564ead38096303bc4b6a1f2b02e1b91be4849146
Certificate serial: 01856C0128CF9883A25B8C2D140E74F1C288
Authority key identifier: 56:4E:AD:38:09:63:03:BC:4B:6A:1F:2B:02:E1:B9:1B:E4:84:91:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vk6tOAljA7xLah8rAuG5G-SEkUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/TR6sRwDgqN_guzafQnnjzqzxvQc.roa
Signing time: Sun 01 Jan 2023 06:24:53 +0000
ROA not before: Sun 01 Jan 2023 06:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203416
IP address blocks: 185.131.8.0/24 maxlen: 24
185.131.10.0/23 maxlen: 23
185.131.9.0/24 maxlen: 24
91.244.192.0/22 maxlen: 22
2a06:dd40:1::/48 maxlen: 48
2a06:dd40:5601::/48 maxlen: 48
2a06:dd40:2::/48 maxlen: 48
2a06:dd40::/48 maxlen: 48
2a06:dd40:5600::/48 maxlen: 48
2a06:dd40:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 13 Dec 2023 22:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:28:cf:98:83:a2:5b:8c:2d:14:0e:74:f1:c2:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=564ead38096303bc4b6a1f2b02e1b91be4849146
Validity
Not Before: Jan 1 06:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d1eac4700e0a8dfe0bb369f4279e3ceacf1bd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cf:0a:6c:5b:a5:79:36:9a:79:79:e6:67:49:
01:28:2d:78:4d:78:f8:7e:71:86:6e:03:fe:17:ab:
f2:62:33:a2:3a:86:73:16:64:e0:55:ee:d7:57:49:
69:a1:2c:4f:c2:ad:1a:09:83:92:30:bd:5d:ca:91:
04:c8:3c:ac:55:6a:ed:04:24:bd:42:95:a1:6c:d9:
59:eb:ed:b3:af:f3:f4:23:aa:b0:ff:c3:09:61:45:
93:33:1d:a8:87:cb:fc:de:de:21:96:7b:58:08:f2:
6b:59:bc:8c:10:23:36:78:c2:ec:89:0f:29:83:61:
81:46:db:2e:65:a2:da:c2:f1:13:5a:ff:dd:e6:21:
2b:ad:cc:df:88:a6:c6:0f:e1:9f:b5:e4:df:4b:58:
f8:a3:48:2d:94:9d:ba:17:9a:f4:df:0c:02:01:e1:
7c:57:53:0b:28:b3:c6:03:a0:fd:dc:3e:6f:94:82:
df:43:f4:e6:ac:75:4d:18:52:e6:71:dc:b8:9e:a7:
61:22:1b:a7:9e:2e:77:49:07:34:d4:5c:98:24:c0:
8d:17:af:09:0c:87:44:b9:6c:10:f7:f6:6e:a0:2c:
18:49:21:68:a7:b4:7b:9f:51:36:a3:ef:09:f5:8e:
2a:e9:b3:5e:da:aa:19:fe:b7:d0:9d:f1:68:23:af:
36:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1E:AC:47:00:E0:A8:DF:E0:BB:36:9F:42:79:E3:CE:AC:F1:BD:07
X509v3 Authority Key Identifier:
keyid:56:4E:AD:38:09:63:03:BC:4B:6A:1F:2B:02:E1:B9:1B:E4:84:91:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vk6tOAljA7xLah8rAuG5G-SEkUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/TR6sRwDgqN_guzafQnnjzqzxvQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1425a6-1863-42a0-8323-3c72967ff7c1/1/Vk6tOAljA7xLah8rAuG5G-SEkUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.244.192.0/22
185.131.8.0/22
IPv6:
2a06:dd40::/46
2a06:dd40:5600::/47
Signature Algorithm: sha256WithRSAEncryption
09:dd:2c:f8:0d:c7:11:e2:06:27:57:67:ad:d4:4d:dc:9f:a7:
2f:8f:95:43:f8:48:f8:ec:b5:bf:88:34:98:77:cc:8b:3a:07:
27:51:04:d8:f1:89:47:cd:3c:b9:cb:5b:0e:0e:ec:0d:d1:9d:
ae:21:2b:bf:55:2f:c4:0a:fb:08:07:3c:87:64:a1:92:00:f6:
1d:fb:f2:6c:68:62:c8:42:a4:fa:dc:23:b8:89:45:2b:e6:1b:
ad:35:18:09:6d:b7:a9:0b:60:03:e2:d2:0a:87:4f:44:61:07:
e4:e8:ec:55:3c:81:76:22:b0:b5:17:09:38:1d:b8:ee:f2:69:
6f:30:7d:88:e8:1e:25:08:0c:a5:ee:7c:eb:02:fe:78:81:56:
f9:43:b4:16:59:9c:e1:6e:2d:65:2d:3e:b1:61:81:54:f5:62:
5a:eb:bb:25:c9:4b:31:1e:45:89:1a:a6:45:ca:38:a2:20:10:
a7:08:72:5d:22:25:b6:0e:3e:99:d7:83:80:2a:88:f7:af:8e:
53:cd:c0:4f:d7:c4:aa:16:f0:2a:24:b5:a8:fc:f6:67:81:57:
9f:d5:63:e8:11:5b:e9:bb:e6:0d:4f:de:62:17:81:94:0c:d1:
4c:ec:f1:55:5e:f1:76:c1:19:ff:49:a0:62:28:70:05:26:15:
a7:70:f9:21
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsASjPmIOiW4wtFA508cKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NGVhZDM4MDk2MzAzYmM0YjZhMWYyYjAyZTFiOTFiZTQ4
NDkxNDYwHhcNMjMwMTAxMDYyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFlYWM0NzAwZTBhOGRmZTBiYjM2OWY0Mjc5ZTNjZWFjZjFiZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts8KbFuleTaaeXnmZ0kBKC14TXj4
fnGGbgP+F6vyYjOiOoZzFmTgVe7XV0lpoSxPwq0aCYOSML1dypEEyDysVWrtBCS9
QpWhbNlZ6+2zr/P0I6qw/8MJYUWTMx2oh8v83t4hlntYCPJrWbyMECM2eMLsiQ8p
g2GBRtsuZaLawvETWv/d5iErrczfiKbGD+GfteTfS1j4o0gtlJ26F5r03wwCAeF8
V1MLKLPGA6D93D5vlILfQ/TmrHVNGFLmcdy4nqdhIhunni53SQc01FyYJMCNF68J
DIdEuWwQ9/ZuoCwYSSFop7R7n1E2o+8J9Y4q6bNe2qoZ/rfQnfFoI682UwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE0erEcA4Kjf4Ls2n0J5486s8b0HMB8GA1UdIwQY
MBaAFFZOrTgJYwO8S2ofKwLhuRvkhJFGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVms2dE9BbGpBN3hMYWg4ckF1RzVHLVNFa1VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xNDI1YTYtMTg2My00MmEwLTgzMjMt
M2M3Mjk2N2ZmN2MxLzEvVFI2c1J3RGdxTl9ndXphZlFubmp6cXp4dlFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xNDI1YTYtMTg2My00MmEwLTgzMjMtM2M3Mjk2N2ZmN2Mx
LzEvVms2dE9BbGpBN3hMYWg4ckF1RzVHLVNFa1VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQCW/TAAwQC
uYMIMBgEAgACMBIDBwIqBt1AAAADBwEqBt1AVgAwDQYJKoZIhvcNAQELBQADggEB
AAndLPgNxxHiBidXZ63UTdyfpy+PlUP4SPjstb+INJh3zIs6BydRBNjxiUfNPLnL
Ww4O7A3Rna4hK79VL8QK+wgHPIdkoZIA9h378mxoYshCpPrcI7iJRSvmG601GAlt
t6kLYAPi0gqHT0RhB+To7FU8gXYisLUXCTgduO7yaW8wfYjoHiUIDKXufOsC/niB
VvlDtBZZnOFuLWUtPrFhgVT1YlrruyXJSzEeRYkapkXKOKIgEKcIcl0iJbYOPpnX
g4AqiPevjlPNwE/XxKoW8Coktaj89meBV5/VY+gRW+m75g1P3mIXgZQM0Uzs8VVe
8XbBGf9JoGIocAUmFadw+SE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:20 2024 by rpki-client on console-ams.rpki-client.org