Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/T_Ba7b-t4e3y2SyqaHlW20GCvhQ.roa
File: T_Ba7b-t4e3y2SyqaHlW20GCvhQ.roa (raw, json)
Hash identifier: 5QyYcgGYbh2IjiVLfnyOhn5jeJ7rxl946+FyEA2+A2Y=
Subject key identifier: 4F:F0:5A:ED:BF:AD:E1:ED:F2:D9:2C:AA:68:79:56:DB:41:82:BE:14
Certificate issuer: /CN=fce4f396729bf478e636549821f6f6970d893f52
Certificate serial: 018CC2DB3790253E291D62EDFE58178428B8
Authority key identifier: FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/T_Ba7b-t4e3y2SyqaHlW20GCvhQ.roa
Signing time: Mon 01 Jan 2024 02:29:55 +0000
ROA not before: Mon 01 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47648
IP address blocks: 152.89.188.0/22 maxlen: 24
185.239.196.0/22 maxlen: 24
2a0c:6180::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 10:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:37:90:25:3e:29:1d:62:ed:fe:58:17:84:28:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fce4f396729bf478e636549821f6f6970d893f52
Validity
Not Before: Jan 1 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ff05aedbfade1edf2d92caa687956db4182be14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:c3:56:26:62:01:38:b6:ac:29:21:53:00:
a6:8d:2a:4f:5f:97:de:63:56:9a:06:1e:cb:f6:89:
41:59:cc:04:eb:aa:16:e8:cc:28:45:22:67:48:8a:
26:fa:c0:ca:64:1d:9e:29:b6:5d:fd:46:7d:dd:b2:
fa:b5:cb:81:3b:26:49:32:36:ab:6c:f5:39:9d:07:
43:d6:00:95:a1:82:5a:5c:19:f1:d8:22:df:c6:95:
b5:e8:e9:8d:a9:65:4a:89:a6:65:c4:c2:e9:66:17:
c6:b9:d8:85:16:7a:9d:9a:5d:75:b0:fe:80:d9:9c:
a5:60:f1:70:c9:bf:da:3e:7b:c7:88:1b:70:7a:a3:
91:39:93:69:2d:4f:cd:fb:a2:10:db:a0:01:36:b5:
1d:1b:30:81:3a:df:ab:79:93:f2:08:aa:37:d0:fd:
2d:15:9f:10:5e:43:bb:5e:0c:a0:7a:08:ed:6c:83:
0e:22:c9:14:dd:c8:36:6a:cd:f5:98:e8:50:08:60:
8f:1a:86:78:46:b3:24:49:7c:18:91:2b:5e:29:b7:
d4:e0:86:87:4f:e4:2d:9e:d9:de:90:2d:da:2f:ce:
b1:dd:96:6b:75:de:85:0e:b5:a8:6a:df:8c:02:76:
90:a0:3a:83:92:31:82:c4:db:af:cf:b3:8b:47:a1:
28:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F0:5A:ED:BF:AD:E1:ED:F2:D9:2C:AA:68:79:56:DB:41:82:BE:14
X509v3 Authority Key Identifier:
keyid:FC:E4:F3:96:72:9B:F4:78:E6:36:54:98:21:F6:F6:97:0D:89:3F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OTzlnKb9HjmNlSYIfb2lw2JP1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/T_Ba7b-t4e3y2SyqaHlW20GCvhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/36275e-6759-4d52-b2d1-8c70de9e9b9d/1/_OTzlnKb9HjmNlSYIfb2lw2JP1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.188.0/22
185.239.196.0/22
IPv6:
2a0c:6180::/29
Signature Algorithm: sha256WithRSAEncryption
61:ad:63:62:45:d2:09:49:85:0e:d8:f2:16:e4:4b:52:fe:ff:
a2:81:dd:66:db:77:18:86:5a:26:e1:3a:20:7f:8d:cc:02:6c:
f0:dc:26:be:a5:d2:82:b2:7c:a8:f8:99:fd:ca:37:ca:c8:b5:
e9:be:da:9a:4f:93:c1:21:e6:32:7f:4d:a9:30:69:a7:8a:fe:
c1:d8:3e:e4:9f:c7:eb:a0:86:fb:c7:b0:28:dc:e6:22:91:00:
25:eb:29:0a:1a:41:b6:c9:13:68:35:58:8f:38:bf:a4:6e:d3:
51:c1:fc:ba:b2:1e:a9:53:93:05:f1:6e:d0:9e:9b:43:33:13:
a8:72:90:6e:04:ed:01:0f:97:ed:8c:27:b7:59:74:ff:31:b7:
df:19:ff:fb:21:30:4c:3e:4a:b0:a2:7a:7d:f4:95:c2:99:a2:
86:10:2f:55:db:61:89:a6:78:71:76:60:73:8b:8c:ed:49:cb:
76:6a:bc:63:95:98:f8:ee:f7:12:e3:93:64:f3:aa:b1:ee:2b:
9b:6c:c6:4b:32:17:09:fa:33:18:c2:de:04:75:19:ad:5d:b5:
b0:d6:09:d2:60:04:fc:c4:3d:df:ca:5a:37:47:ca:5c:34:ef:
11:db:e3:1b:ae:cd:be:51:8e:96:36:34:8e:a0:f0:09:44:9a:
d4:da:5f:6f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2zeQJT4pHWLt/lgXhCi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZTRmMzk2NzI5YmY0NzhlNjM2NTQ5ODIxZjZmNjk3MGQ4
OTNmNTIwHhcNMjQwMTAxMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmYwNWFlZGJmYWRlMWVkZjJkOTJjYWE2ODc5NTZkYjQxODJiZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYXDViZiATi2rCkhUwCmjSpPX5fe
Y1aaBh7L9olBWcwE66oW6MwoRSJnSIom+sDKZB2eKbZd/UZ93bL6tcuBOyZJMjar
bPU5nQdD1gCVoYJaXBnx2CLfxpW16OmNqWVKiaZlxMLpZhfGudiFFnqdml11sP6A
2ZylYPFwyb/aPnvHiBtweqOROZNpLU/N+6IQ26ABNrUdGzCBOt+reZPyCKo30P0t
FZ8QXkO7XgygegjtbIMOIskU3cg2as31mOhQCGCPGoZ4RrMkSXwYkSteKbfU4IaH
T+QtntnekC3aL86x3ZZrdd6FDrWoat+MAnaQoDqDkjGCxNuvz7OLR6EoVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE/wWu2/reHt8tksqmh5VttBgr4UMB8GA1UdIwQY
MBaAFPzk85Zym/R45jZUmCH29pcNiT9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEt
OGM3MGRlOWU5YjlkLzEvVF9CYTdiLXQ0ZTN5MlN5cWFIbFcyMEdDdmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zNjI3NWUtNjc1OS00ZDUyLWIyZDEtOGM3MGRlOWU5Yjlk
LzEvX09UemxuS2I5SGptTmxTWUlmYjJsdzJKUDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCmFm8AwQC
ue/EMA0EAgACMAcDBQMqDGGAMA0GCSqGSIb3DQEBCwUAA4IBAQBhrWNiRdIJSYUO
2PIW5EtS/v+igd1m23cYhlom4Togf43MAmzw3Ca+pdKCsnyo+Jn9yjfKyLXpvtqa
T5PBIeYyf02pMGmniv7B2D7kn8froIb7x7Ao3OYikQAl6ykKGkG2yRNoNViPOL+k
btNRwfy6sh6pU5MF8W7QnptDMxOocpBuBO0BD5ftjCe3WXT/MbffGf/7ITBMPkqw
onp99JXCmaKGEC9V22GJpnhxdmBzi4ztSct2arxjlZj47vcS45Nk86qx7iubbMZL
MhcJ+jMYwt4EdRmtXbWw1gnSYAT8xD3fylo3R8pcNO8R2+Mbrs2+UY6WNjSOoPAJ
RJrU2l9v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org