Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/T9xQzNpr86dxv-_F15iU2wPV7zI.roa
File: T9xQzNpr86dxv-_F15iU2wPV7zI.roa (raw, json)
Hash identifier: HXLnd1ubGEFZ0PWTnHAUCZJtzt6Yn3iHgeo+z0xfjM8=
Subject key identifier: 4F:DC:50:CC:DA:6B:F3:A7:71:BF:EF:C5:D7:98:94:DB:03:D5:EF:32
Certificate issuer: /CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Certificate serial: 0186EAC94FADBB8C2D989F524C357D4CA419
Authority key identifier: 00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/T9xQzNpr86dxv-_F15iU2wPV7zI.roa
Signing time: Thu 16 Mar 2023 14:18:27 +0000
ROA not before: Thu 16 Mar 2023 14:18:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49477
IP address blocks: 193.169.66.0/23 maxlen: 23
185.22.116.0/22 maxlen: 22
2a04:1f40::/29 maxlen: 29
2a04:1f40::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 16 Mar 2023 14:56:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ea:c9:4f:ad:bb:8c:2d:98:9f:52:4c:35:7d:4c:a4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Validity
Not Before: Mar 16 14:18:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fdc50ccda6bf3a771bfefc5d79894db03d5ef32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:84:22:b5:45:3c:48:80:82:d2:0c:da:cd:
e9:0a:25:50:d3:27:79:ca:bd:e2:bc:22:29:e0:d8:
0a:6a:44:b5:b2:7c:8e:2a:42:70:27:ad:55:57:d8:
4a:1c:ea:a8:53:ab:7a:88:72:35:2d:7e:a7:d5:bf:
1e:2e:52:40:d0:03:92:f4:bb:ac:71:f7:90:eb:e7:
13:a4:aa:6d:40:0f:37:a4:01:47:74:2c:04:43:c0:
3c:bf:00:9d:a4:54:5a:a9:cf:58:f5:a4:f5:1b:36:
9d:a2:e6:e6:0d:4d:8d:4f:0e:01:e9:b2:2f:46:99:
36:9f:0c:42:71:7f:b3:ee:d1:8f:1a:eb:f4:36:9c:
11:f7:09:ea:46:5b:21:b1:e9:15:36:1e:0a:a4:e0:
f3:f8:ab:55:19:c4:9f:13:47:53:e1:fd:74:eb:47:
bd:74:54:d6:98:ca:08:c3:77:a0:a9:3c:b0:f5:6a:
8e:e7:fe:33:1c:66:40:6c:64:2f:81:10:fd:f3:05:
05:0f:a6:84:65:c2:ae:66:d2:70:e9:8f:d0:f7:5b:
f7:38:5c:cc:a8:8a:22:a0:a4:41:c8:ce:73:19:d0:
60:df:dc:d7:b4:36:82:a0:c4:0c:27:de:7a:d5:32:
cf:8b:69:05:e0:ae:ab:3b:b0:1c:bf:20:c9:9d:7e:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:DC:50:CC:DA:6B:F3:A7:71:BF:EF:C5:D7:98:94:DB:03:D5:EF:32
X509v3 Authority Key Identifier:
keyid:00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/T9xQzNpr86dxv-_F15iU2wPV7zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.116.0/22
193.169.66.0/23
IPv6:
2a04:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:91:8d:20:f3:03:49:45:d5:a0:c3:92:4f:31:0a:ad:fc:e2:
0c:c5:87:f4:16:e4:f1:26:0d:1d:d0:c3:dd:23:72:02:7f:d8:
2a:1c:27:0d:9e:35:b1:bc:45:f9:00:54:19:36:29:55:e1:73:
7f:51:ff:34:e0:64:a1:82:50:d5:29:1a:8e:58:0f:d7:28:e9:
de:98:87:c9:17:7c:f6:c1:7e:30:9f:ab:d8:95:af:61:a4:a3:
6a:0e:75:02:aa:3d:fe:6d:4a:a4:c2:5e:89:38:c9:5e:d4:43:
23:91:a1:4b:8b:a4:a4:1e:8c:fb:85:39:d4:d0:5c:df:d0:fb:
6c:8a:e1:35:b5:c3:ac:5e:88:15:1d:39:a5:7e:18:44:23:11:
de:41:b3:e0:35:f5:50:1e:5a:fb:ff:52:a0:1e:d3:5c:0e:3e:
c3:8b:80:0f:6d:da:b4:67:36:fb:39:88:af:04:5e:a6:0e:16:
00:ec:39:f9:b7:c4:43:78:32:ce:ee:73:57:fd:6f:fc:3b:98:
16:46:08:72:8b:c1:b9:0c:ce:b2:b6:fd:b6:12:2b:ae:1b:50:
71:41:4e:ba:e5:7a:07:10:e0:1a:96:89:8a:72:9e:64:6e:85:
18:2a:85:e1:56:ba:b5:95:82:ad:8f:3c:df:f9:0e:35:b6:89:
6b:70:45:ed
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbqyU+tu4wtmJ9STDV9TKQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNmIwNmI1ZDBmZjEwMDBlMTBjNDI3NmVlYTA4ODBhZjIw
OWQ3YTIwHhcNMjMwMzE2MTQxODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmRjNTBjY2RhNmJmM2E3NzFiZmVmYzVkNzk4OTRkYjAzZDVlZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeGEIrVFPEiAgtIM2s3pCiVQ0yd5
yr3ivCIp4NgKakS1snyOKkJwJ61VV9hKHOqoU6t6iHI1LX6n1b8eLlJA0AOS9Lus
cfeQ6+cTpKptQA83pAFHdCwEQ8A8vwCdpFRaqc9Y9aT1GzadoubmDU2NTw4B6bIv
Rpk2nwxCcX+z7tGPGuv0NpwR9wnqRlshsekVNh4KpODz+KtVGcSfE0dT4f1060e9
dFTWmMoIw3egqTyw9WqO5/4zHGZAbGQvgRD98wUFD6aEZcKuZtJw6Y/Q91v3OFzM
qIoioKRByM5zGdBg39zXtDaCoMQMJ9561TLPi2kF4K6rO7AcvyDJnX7rAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE/cUMzaa/Oncb/vxdeYlNsD1e8yMB8GA1UdIwQY
MBaAFABrBrXQ/xAA4QxCdu6giAryCdeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQt
NTdjOTU1YzljODVkLzEvVDl4UXpOcHI4NmR4di1fRjE1aVUyd1BWN3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQtNTdjOTU1YzljODVk
LzEvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRZ0AwQB
walCMA0EAgACMAcDBQMqBB9AMA0GCSqGSIb3DQEBCwUAA4IBAQBdkY0g8wNJRdWg
w5JPMQqt/OIMxYf0FuTxJg0d0MPdI3ICf9gqHCcNnjWxvEX5AFQZNilV4XN/Uf80
4GShglDVKRqOWA/XKOnemIfJF3z2wX4wn6vYla9hpKNqDnUCqj3+bUqkwl6JOMle
1EMjkaFLi6SkHoz7hTnU0Fzf0PtsiuE1tcOsXogVHTmlfhhEIxHeQbPgNfVQHlr7
/1KgHtNcDj7Di4APbdq0Zzb7OYivBF6mDhYA7Dn5t8RDeDLO7nNX/W/8O5gWRghy
i8G5DM6ytv22EiuuG1BxQU665XoHEOAalomKcp5kboUYKoXhVrq1lYKtjzzf+Q41
tolrcEXt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:26 2024 by rpki-client on console-ams.rpki-client.org