Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/tauTRdyoxHc3oq3iOYExtDUmuMA.roa
File: tauTRdyoxHc3oq3iOYExtDUmuMA.roa (raw, json)
Hash identifier: CK7tEXQGB5lSkt/cVQTBPevCTJVe+QaiMPx2E8wbRKQ=
Subject key identifier: B5:AB:93:45:DC:A8:C4:77:37:A2:AD:E2:39:81:31:B4:35:26:B8:C0
Certificate issuer: /CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Certificate serial: 01856D38750E1E78570D6ED7A847DC4D69D2
Authority key identifier: A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/tauTRdyoxHc3oq3iOYExtDUmuMA.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 212.39.36.0/24 maxlen: 24
212.39.35.0/24 maxlen: 24
212.39.37.0/24 maxlen: 24
212.39.32.0/24 maxlen: 24
212.39.38.0/24 maxlen: 24
212.39.34.0/24 maxlen: 24
212.39.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:75:0e:1e:78:57:0d:6e:d7:a8:47:dc:4d:69:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5ab9345dca8c47737a2ade2398131b43526b8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:63:68:82:75:ae:a0:9e:99:06:05:80:1e:23:
fc:39:08:34:ca:a4:f0:a2:41:4f:3a:b4:eb:ff:f6:
2c:80:51:3e:5a:21:15:eb:0a:2d:4f:c7:f3:e1:83:
b9:34:b3:5d:c7:77:de:7a:bc:c3:e2:37:9f:da:69:
40:e3:ca:9f:ec:49:78:d1:7f:d5:47:24:29:e4:ec:
9a:be:cc:74:95:23:1a:e7:56:b9:be:c0:50:a3:7d:
fa:24:68:57:2a:c6:df:b9:ed:79:b8:40:0f:29:c3:
b2:1d:20:2c:ca:47:83:a7:cb:cd:74:f2:38:ea:aa:
02:da:78:22:36:5b:8b:d3:ba:99:b7:4b:2f:17:c1:
05:b3:9a:96:e2:9c:bc:8b:8a:75:c3:68:d8:44:fd:
1a:d2:67:9a:f8:52:5d:ee:23:88:85:87:54:11:f7:
ba:8a:20:e7:77:64:49:59:df:5e:f1:dc:45:dd:ec:
eb:86:b2:74:cb:5f:24:6b:9c:39:58:70:45:e1:87:
f7:c6:ea:89:1b:69:88:17:ed:17:f6:f3:3f:0e:f2:
09:15:61:25:f0:21:fa:e0:c2:b2:f4:4f:de:90:89:
63:c7:46:56:5b:64:25:bb:59:d6:60:3d:2d:07:4f:
27:57:92:02:52:36:ed:15:a0:6f:22:8c:bb:75:ea:
73:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AB:93:45:DC:A8:C4:77:37:A2:AD:E2:39:81:31:B4:35:26:B8:C0
X509v3 Authority Key Identifier:
keyid:A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/tauTRdyoxHc3oq3iOYExtDUmuMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.32.0/24
212.39.34.0-212.39.39.255
Signature Algorithm: sha256WithRSAEncryption
ab:8a:13:cb:27:39:6e:63:57:38:d6:fd:06:ec:67:c4:03:4f:
eb:61:21:8c:88:09:5d:1a:a4:35:4c:73:80:5f:9a:e6:e8:fc:
64:b7:12:ab:71:f4:3b:2c:a1:95:c0:d2:4c:55:a5:81:70:52:
39:d4:ed:a9:25:8d:b7:11:38:bc:ba:27:14:c6:fc:da:c5:e1:
bc:35:63:13:49:2f:af:33:0f:27:b0:7e:3e:c4:5f:e4:7a:23:
7b:03:06:1f:4b:66:27:97:33:44:16:2b:79:14:c9:99:73:29:
85:51:04:37:f2:16:20:68:06:12:32:fb:f7:75:27:23:6b:c8:
35:f2:83:ba:f9:e5:24:95:1d:c5:e2:21:4a:1d:68:ea:cc:16:
14:95:70:87:b7:bc:52:04:28:51:0e:6f:5b:95:dc:05:f4:56:
5d:9f:c7:a1:c0:0b:30:88:0c:9e:40:fe:32:ca:91:de:3b:42:
ed:12:4c:64:dd:72:c2:0c:a4:d6:b3:a9:02:53:cb:f2:22:d1:
5a:70:45:2c:1d:86:91:53:8c:1f:c8:a6:7f:35:dc:cd:fe:62:
12:2d:21:9c:8f:ef:f1:45:e9:4e:79:6c:f9:b1:05:f4:a9:1e:
01:20:bb:b5:35:f2:89:d6:27:b1:4d:50:19:7f:90:f3:4b:ba:
e1:63:46:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtOHUOHnhXDW7XqEfcTWnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRjN2JkYmM5ZDA5NzMzNmRlNjI0M2I1NTBhYjE3MzM3
NWVhMzkwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFiOTM0NWRjYThjNDc3MzdhMmFkZTIzOTgxMzFiNDM1MjZiOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2NognWuoJ6ZBgWAHiP8OQg0yqTw
okFPOrTr//YsgFE+WiEV6wotT8fz4YO5NLNdx3feerzD4jef2mlA48qf7El40X/V
RyQp5Oyavsx0lSMa51a5vsBQo336JGhXKsbfue15uEAPKcOyHSAsykeDp8vNdPI4
6qoC2ngiNluL07qZt0svF8EFs5qW4py8i4p1w2jYRP0a0mea+FJd7iOIhYdUEfe6
iiDnd2RJWd9e8dxF3ezrhrJ0y18ka5w5WHBF4Yf3xuqJG2mIF+0X9vM/DvIJFWEl
8CH64MKy9E/ekIljx0ZWW2Qlu1nWYD0tB08nV5ICUjbtFaBvIoy7depzLQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLWrk0XcqMR3N6Kt4jmBMbQ1JrjAMB8GA1UdIwQY
MBaAFKktx728nQlzNt5iQ7VQqxczdeo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMt
OTkxYjdhZWU3NDZjLzEvdGF1VFJkeW94SGMzb3EzaU9ZRXh0RFVtdU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMtOTkxYjdhZWU3NDZj
LzEvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1CcgMAwD
BAHUJyIDBAPUJyAwDQYJKoZIhvcNAQELBQADggEBAKuKE8snOW5jVzjW/QbsZ8QD
T+thIYyICV0apDVMc4Bfmubo/GS3Eqtx9DssoZXA0kxVpYFwUjnU7akljbcROLy6
JxTG/NrF4bw1YxNJL68zDyewfj7EX+R6I3sDBh9LZieXM0QWK3kUyZlzKYVRBDfy
FiBoBhIy+/d1JyNryDXyg7r55SSVHcXiIUodaOrMFhSVcIe3vFIEKFEOb1uV3AX0
Vl2fx6HACzCIDJ5A/jLKkd47Qu0STGTdcsIMpNazqQJTy/Ii0VpwRSwdhpFTjB/I
pn813M3+YhItIZyP7/FF6U55bPmxBfSpHgEgu7U18onWJ7FNUBl/kPNLuuFjRuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:01 2024 by rpki-client on console-ams.rpki-client.org