Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/TNqtCXsaJg4Ip8XTttjLJQWMQ-o.roa
File: TNqtCXsaJg4Ip8XTttjLJQWMQ-o.roa (raw, json)
Hash identifier: FGjxx7xO59CnyDONdIwsbRfAYBMX92LpZpaYXQMNrMc=
Subject key identifier: 4C:DA:AD:09:7B:1A:26:0E:08:A7:C5:D3:B6:D8:CB:25:05:8C:43:EA
Certificate issuer: /CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Certificate serial: 018CCA2A7E6243190886B9767E9BF3A4E92F
Authority key identifier: B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/TNqtCXsaJg4Ip8XTttjLJQWMQ-o.roa
Signing time: Tue 02 Jan 2024 12:33:51 +0000
ROA not before: Tue 02 Jan 2024 12:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21454
IP address blocks: 80.252.224.0/20 maxlen: 24
185.173.237.0/24 maxlen: 24
185.173.236.0/22 maxlen: 24
188.214.198.0/24 maxlen: 24
2a10:5340::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 29 Mar 2024 13:09:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7e:62:43:19:08:86:b9:76:7e:9b:f3:a4:e9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e2dc2340c5309b63eba23cfbe7eed11b74af47
Validity
Not Before: Jan 2 12:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cdaad097b1a260e08a7c5d3b6d8cb25058c43ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:90:5e:82:c4:b8:5d:73:71:75:44:ba:b7:da:
30:1f:6f:68:d2:7a:8a:ee:0f:70:51:aa:44:b5:15:
cc:ec:e7:6b:a7:4c:e8:50:15:a5:a2:a3:50:5a:10:
86:33:26:a2:3d:32:c1:87:24:d5:1a:7b:44:bf:da:
56:c5:43:c9:16:99:4f:71:ea:50:a6:04:31:7d:1e:
cf:cc:3c:48:ba:83:a4:86:b4:d6:e2:6c:aa:df:2b:
07:db:2d:6e:05:7f:3e:82:d9:9d:f6:bd:5b:78:30:
70:3d:ae:ec:33:11:b1:0d:ae:d5:01:bc:14:48:bb:
50:0b:1e:77:09:f7:fc:79:7e:7d:2c:48:e6:83:77:
6e:e9:06:b5:ac:2b:9b:21:18:68:38:53:a5:f2:06:
8f:b0:20:1b:39:29:2e:bd:b1:2a:ef:69:2a:90:9d:
cb:9c:98:ec:fb:ed:d1:69:21:ca:75:8c:11:90:2c:
cf:e9:cf:ad:f9:01:47:57:ea:8d:19:b4:4c:17:66:
23:f5:23:f8:47:92:ac:d0:01:5a:91:3c:70:ef:9e:
2d:02:d8:11:59:6e:7a:39:e5:58:c7:02:62:ad:1b:
1c:78:d1:1b:03:c4:95:96:e4:91:22:94:6a:fb:6c:
d0:7e:16:27:14:72:97:74:1b:bf:74:ec:22:34:cd:
b3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DA:AD:09:7B:1A:26:0E:08:A7:C5:D3:B6:D8:CB:25:05:8C:43:EA
X509v3 Authority Key Identifier:
keyid:B9:E2:DC:23:40:C5:30:9B:63:EB:A2:3C:FB:E7:EE:D1:1B:74:AF:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueLcI0DFMJtj66I8--fu0Rt0r0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/TNqtCXsaJg4Ip8XTttjLJQWMQ-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/6f99d2-ad05-4cfc-9a5e-9cbedcec86d6/1/ueLcI0DFMJtj66I8--fu0Rt0r0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.252.224.0/20
185.173.236.0/22
188.214.198.0/24
IPv6:
2a10:5340::/29
Signature Algorithm: sha256WithRSAEncryption
4d:bb:1c:be:71:fc:1f:2a:c2:d8:93:1e:5a:4b:48:9d:f8:0d:
73:e2:4e:9e:e0:ed:d3:bd:f9:16:74:c5:c4:9a:5a:e6:43:da:
24:7f:49:45:7b:41:cb:40:86:a7:25:07:bd:af:47:aa:25:96:
bb:45:23:ce:be:1b:b8:96:f2:a1:1d:97:bf:3e:b9:f4:ab:75:
0d:41:d0:59:e6:ca:59:02:54:53:de:5a:dd:de:f9:9b:48:6e:
b7:ad:db:05:9d:f2:33:b0:df:af:7d:e8:e9:cc:3a:c3:23:72:
a6:61:60:f4:49:d6:21:b6:3d:cc:68:d0:a6:f9:bc:77:44:8a:
9e:74:f5:89:4a:e7:e3:44:be:4b:84:04:6f:0a:06:ff:52:38:
e4:99:95:09:ad:dd:bb:17:81:61:92:46:e3:45:96:13:de:b4:
93:df:f9:20:89:53:c5:f3:8c:be:d2:9e:0c:5a:a6:ec:9f:9f:
28:81:61:e4:fd:a2:38:68:2b:65:c4:8a:f2:6a:50:1c:e7:7b:
91:b4:ad:0a:70:f2:c8:a2:d6:bb:4d:33:92:86:81:d9:f7:b8:
96:b7:b4:b4:80:f4:3a:54:1d:a4:64:12:10:c0:e2:7a:a6:96:
5c:03:39:66:8f:e8:c0:0b:aa:f4:dc:ec:e1:2c:d7:df:d8:05:
23:df:e4:de
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKn5iQxkIhrl2fpvzpOkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTJkYzIzNDBjNTMwOWI2M2ViYTIzY2ZiZTdlZWQxMWI3
NGFmNDcwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RhYWQwOTdiMWEyNjBlMDhhN2M1ZDNiNmQ4Y2IyNTA1OGM0M2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpBegsS4XXNxdUS6t9owH29o0nqK
7g9wUapEtRXM7Odrp0zoUBWloqNQWhCGMyaiPTLBhyTVGntEv9pWxUPJFplPcepQ
pgQxfR7PzDxIuoOkhrTW4myq3ysH2y1uBX8+gtmd9r1beDBwPa7sMxGxDa7VAbwU
SLtQCx53Cff8eX59LEjmg3du6Qa1rCubIRhoOFOl8gaPsCAbOSkuvbEq72kqkJ3L
nJjs++3RaSHKdYwRkCzP6c+t+QFHV+qNGbRMF2Yj9SP4R5Ks0AFakTxw754tAtgR
WW56OeVYxwJirRsceNEbA8SVluSRIpRq+2zQfhYnFHKXdBu/dOwiNM2zfwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEzarQl7GiYOCKfF07bYyyUFjEPqMB8GA1UdIwQY
MBaAFLni3CNAxTCbY+uiPPvn7tEbdK9HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUt
OWNiZWRjZWM4NmQ2LzEvVE5xdENYc2FKZzRJcDhYVHR0akxKUVdNUS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny82Zjk5ZDItYWQwNS00Y2ZjLTlhNWUtOWNiZWRjZWM4NmQ2
LzEvdWVMY0kwREZNSnRqNjZJOC0tZnUwUnQwcjBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUPzgAwQC
ua3sAwQAvNbGMA0EAgACMAcDBQMqEFNAMA0GCSqGSIb3DQEBCwUAA4IBAQBNuxy+
cfwfKsLYkx5aS0id+A1z4k6e4O3TvfkWdMXEmlrmQ9okf0lFe0HLQIanJQe9r0eq
JZa7RSPOvhu4lvKhHZe/Prn0q3UNQdBZ5spZAlRT3lrd3vmbSG63rdsFnfIzsN+v
fejpzDrDI3KmYWD0SdYhtj3MaNCm+bx3RIqedPWJSufjRL5LhARvCgb/UjjkmZUJ
rd27F4FhkkbjRZYT3rST3/kgiVPF84y+0p4MWqbsn58ogWHk/aI4aCtlxIryalAc
53uRtK0KcPLIota7TTOShoHZ97iWt7S0gPQ6VB2kZBIQwOJ6ppZcAzlmj+jAC6r0
3OzhLNff2AUj3+Te
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:27 2024 by rpki-client on console-fra.rpki-client.org