Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/RTbl6t2cd79vUEusmZpNqyi7iWA.roa
File: RTbl6t2cd79vUEusmZpNqyi7iWA.roa (raw, json)
Hash identifier: Uu/klSP6WjDC8WNssEAApxEHytYKTHOsNwvZ8Ir0qPk=
Subject key identifier: 45:36:E5:EA:DD:9C:77:BF:6F:50:4B:AC:99:9A:4D:AB:28:BB:89:60
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 01928BE8554112FC6E729CC846FEA2102DCE
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/RTbl6t2cd79vUEusmZpNqyi7iWA.roa
Signing time: Mon 14 Oct 2024 16:41:51 +0000
ROA not before: Mon 14 Oct 2024 16:41:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 176.98.220.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
2a0d:59c1::/32 maxlen: 32
2a0d:59c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:e8:55:41:12:fc:6e:72:9c:c8:46:fe:a2:10:2d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 14 16:41:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4536e5eadd9c77bf6f504bac999a4dab28bb8960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a1:0d:34:f7:29:6e:0d:35:ca:e3:29:bb:f3:
ea:f9:b8:8e:33:9f:cc:c1:eb:10:2a:e4:36:90:d2:
6a:7d:8f:76:19:af:3f:1d:03:d4:af:d4:0a:23:38:
90:c8:35:8f:0d:4d:ef:bc:d3:18:a3:f7:e5:ca:70:
02:e4:1f:cd:9a:a7:25:cd:9c:5a:6d:4b:9a:f2:a3:
e4:bf:a2:51:aa:a3:3e:78:1c:9d:d6:e6:d0:c5:22:
41:c3:d5:2d:ee:89:1a:f4:fb:71:6b:fa:d9:b1:51:
47:89:c0:78:fb:64:29:3e:d7:4a:89:5c:2e:17:97:
88:42:79:de:61:f4:03:07:01:39:1d:7c:c2:23:a4:
4e:ad:e6:4b:fe:5e:6e:92:75:d7:50:bb:98:3f:71:
c3:68:b1:8f:40:ab:a8:cd:de:e7:20:4a:bb:b5:cf:
d5:40:c1:1d:50:e3:25:27:9a:43:f9:8d:9c:92:50:
3f:3b:fb:ce:3e:ac:af:75:fa:84:3f:96:57:4a:c1:
79:86:58:f7:85:b6:d1:d5:eb:07:7a:84:fa:2e:ee:
d5:22:dd:0e:ae:29:e9:f5:fb:8b:1c:a6:51:2f:ea:
3c:86:73:a6:39:18:6a:8d:2a:6e:f5:3e:cd:23:16:
6a:b7:33:96:a7:bd:f3:4d:c3:db:65:e8:7f:19:1a:
df:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:36:E5:EA:DD:9C:77:BF:6F:50:4B:AC:99:9A:4D:AB:28:BB:89:60
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/RTbl6t2cd79vUEusmZpNqyi7iWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.220.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
IPv6:
2a0d:59c1::/32
2a0d:59c7::/32
Signature Algorithm: sha256WithRSAEncryption
e6:4a:c1:ce:af:81:6d:20:48:c0:2d:40:18:c1:91:2b:8c:54:
7a:92:1e:a4:99:0c:8d:23:25:10:f3:6c:88:64:c0:ac:48:11:
b9:7e:30:d7:c9:13:f8:46:ec:ca:8f:5a:88:d6:be:35:15:54:
72:cd:f1:71:07:81:b9:84:66:95:2b:dd:02:09:ad:4a:7d:21:
0a:e5:82:55:ed:a2:1f:e5:b3:e8:50:0c:a8:1e:d8:5e:fc:12:
f2:1d:be:32:0e:af:d4:96:1d:7d:a1:6d:87:d3:17:c5:32:85:
f8:0f:42:a7:d9:68:f5:87:0d:b8:ef:fd:f9:ab:4e:48:24:8c:
5b:58:fc:d1:be:ca:f3:07:51:9d:9d:2e:d5:f2:09:57:48:f1:
d1:d4:65:f1:bb:28:e7:87:a5:31:3c:ef:e5:1d:cc:b3:29:19:
82:38:d8:3d:99:cc:fd:00:87:0d:b4:93:78:7d:c9:78:fe:5d:
72:12:a7:02:e0:ec:e4:92:7c:ea:5b:2e:98:8b:11:4d:45:28:
69:f3:8d:95:ab:3a:70:ca:04:b6:28:3e:e7:c9:11:75:ce:59:
3e:4b:7f:fe:26:d8:fb:b2:23:5d:e2:d4:72:cc:fa:c8:57:8f:
21:ab:d0:a7:35:42:52:93:42:41:59:9c:d5:5b:95:b5:f6:09:
4f:dd:ec:8f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZKL6FVBEvxucpzIRv6iEC3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDE0MTY0MTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTM2ZTVlYWRkOWM3N2JmNmY1MDRiYWM5OTlhNGRhYjI4YmI4OTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36ENNPcpbg01yuMpu/Pq+biOM5/M
wesQKuQ2kNJqfY92Ga8/HQPUr9QKIziQyDWPDU3vvNMYo/flynAC5B/NmqclzZxa
bUua8qPkv6JRqqM+eByd1ubQxSJBw9Ut7oka9Ptxa/rZsVFHicB4+2QpPtdKiVwu
F5eIQnneYfQDBwE5HXzCI6ROreZL/l5uknXXULuYP3HDaLGPQKuozd7nIEq7tc/V
QMEdUOMlJ5pD+Y2cklA/O/vOPqyvdfqEP5ZXSsF5hlj3hbbR1esHeoT6Lu7VIt0O
rinp9fuLHKZRL+o8hnOmORhqjSpu9T7NIxZqtzOWp73zTcPbZeh/GRrfqQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFEU25erdnHe/b1BLrJmaTasou4lgMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvUlRibDZ0MmNkNzl2VUV1c21acE5xeWk3aVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCsGLcAwQC
uZHgAwQCuZtAAwQCua0sAwQCubu0AwQCueBMAwQCwSLwMBQEAgACMA4DBQAqDVnB
AwUAKg1ZxzANBgkqhkiG9w0BAQsFAAOCAQEA5krBzq+BbSBIwC1AGMGRK4xUepIe
pJkMjSMlEPNsiGTArEgRuX4w18kT+Ebsyo9aiNa+NRVUcs3xcQeBuYRmlSvdAgmt
Sn0hCuWCVe2iH+Wz6FAMqB7YXvwS8h2+Mg6v1JYdfaFth9MXxTKF+A9Cp9lo9YcN
uO/9+atOSCSMW1j80b7K8wdRnZ0u1fIJV0jx0dRl8bso54elMTzv5R3MsykZgjjY
PZnM/QCHDbSTeH3JeP5dchKnAuDs5JJ86lsumIsRTUUoafONlas6cMoEtig+58kR
dc5ZPkt//ibY+7IjXeLUcsz6yFePIavQpzVCUpNCQVmc1VuVtfYJT93sjw==
-----END CERTIFICATE-----
Generated at Mon Oct 21 13:26:14 2024 by rpki-client on console-fra.rpki-client.org