Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/tXgTLa69dpllMx6ouN-w2zw5e2c.roa
File: tXgTLa69dpllMx6ouN-w2zw5e2c.roa (raw, json)
Hash identifier: MNxvqO/xOqKAHGDjrY4uIUZYicPXqilzdmyQ/WY+XkU=
Subject key identifier: B5:78:13:2D:AE:BD:76:99:65:33:1E:A8:B8:DF:B0:DB:3C:39:7B:67
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018B6701D84DD3D851F7DDD810BE1907751F
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/tXgTLa69dpllMx6ouN-w2zw5e2c.roa
Signing time: Wed 25 Oct 2023 13:24:16 +0000
ROA not before: Wed 25 Oct 2023 13:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212212
IP address blocks: 176.108.224.0/22 maxlen: 22
151.248.70.0/23 maxlen: 23
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
194.213.6.0/24 maxlen: 24
185.76.52.0/23 maxlen: 23
185.76.54.0/23 maxlen: 23
91.239.164.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
194.107.122.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:01:d8:4d:d3:d8:51:f7:dd:d8:10:be:19:07:75:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Oct 25 13:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b578132daebd769965331ea8b8dfb0db3c397b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:40:a7:5d:74:ef:23:30:db:56:5a:cc:a9:
5f:c9:de:4a:e1:5c:dc:49:58:3f:5f:21:36:ae:a2:
8b:dd:b1:89:87:49:5b:9f:17:d5:06:d7:4f:26:48:
08:db:24:4b:27:e5:55:c5:9a:c3:b3:d6:51:1d:96:
f1:75:e4:5b:11:90:d0:ff:9d:4b:60:3c:49:24:91:
23:09:ea:ba:d5:77:d2:63:9b:17:e3:4b:f8:5a:e8:
c3:10:9b:21:53:77:ff:78:64:f9:1c:e0:07:db:43:
fc:6b:78:1a:c0:9e:ee:b8:7b:1d:f7:4d:6e:7a:3c:
ae:bc:b6:c5:53:9e:04:19:0f:3a:cb:a1:01:d2:41:
79:75:37:85:68:a3:39:d7:28:da:0d:b5:35:1b:98:
c1:c5:b7:cb:cb:14:cd:14:2c:4f:aa:e9:40:5d:29:
d2:b3:cf:4d:07:e6:28:70:be:83:b5:80:de:77:10:
12:cb:a9:28:eb:15:15:e1:a8:0a:87:a4:b6:3b:80:
67:4f:21:ab:d4:ba:36:e5:68:cb:06:4d:e8:ad:63:
31:37:48:e3:33:75:41:d5:70:0a:d3:c4:70:ac:d4:
85:12:97:4e:f5:da:4a:fe:00:fd:f1:2f:53:9b:86:
38:6a:8c:4e:d7:32:00:8a:2a:c7:40:a3:02:df:dc:
c4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:78:13:2D:AE:BD:76:99:65:33:1E:A8:B8:DF:B0:DB:3C:39:7B:67
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/tXgTLa69dpllMx6ouN-w2zw5e2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.164.0/22
91.242.48.0/22
151.248.70.0/23
176.108.224.0/22
185.76.52.0/22
194.107.122.0/24
194.213.6.0/24
195.54.54.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:43:0d:7a:85:66:5c:b6:b5:80:5f:8f:e8:d5:4d:f6:f9:95:
b1:f9:2e:02:0b:b9:8d:49:27:6c:e2:81:b2:2b:8a:29:3c:d5:
7e:93:ea:ee:0d:e1:1a:20:db:de:69:54:95:31:79:8a:9e:63:
67:b7:b4:e4:ef:07:7f:d4:d1:f0:e5:b0:0f:56:43:2d:58:98:
33:9e:85:cf:97:25:07:72:a1:1b:fc:4d:39:2f:91:56:01:e3:
c7:5e:1e:37:94:eb:72:74:7a:82:96:f8:9a:46:55:87:93:ee:
cd:c6:c9:15:2c:ac:09:48:5d:0c:2c:24:d4:40:43:02:2e:b9:
3e:ed:47:49:f9:b0:6a:0b:46:81:bc:6e:11:27:c7:12:aa:06:
89:14:1c:66:92:3c:b7:14:69:61:76:42:fa:b0:c2:2f:bd:21:
07:0c:39:0f:08:96:e8:18:da:e0:d7:66:73:3a:8f:7a:4d:62:
35:5b:ea:95:c2:e1:2e:5d:5e:37:96:d4:8b:6b:7b:85:d4:bc:
0c:16:7a:ac:03:ee:70:7c:1a:bb:58:d3:33:3c:62:78:ab:5f:
c0:f0:11:e1:87:79:f8:c9:37:2a:5b:34:74:e3:38:c8:d7:3b:
6f:d7:c8:b0:6a:d0:ca:22:5d:0e:63:65:9c:b0:7e:a2:7a:e8:
ab:66:3a:db
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYtnAdhN09hR993YEL4ZB3UfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMxMDI1MTMyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc4MTMyZGFlYmQ3Njk5NjUzMzFlYThiOGRmYjBkYjNjMzk3YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns1Ap1107yMw21ZazKlfyd5K4Vzc
SVg/XyE2rqKL3bGJh0lbnxfVBtdPJkgI2yRLJ+VVxZrDs9ZRHZbxdeRbEZDQ/51L
YDxJJJEjCeq61XfSY5sX40v4WujDEJshU3f/eGT5HOAH20P8a3gawJ7uuHsd901u
ejyuvLbFU54EGQ86y6EB0kF5dTeFaKM51yjaDbU1G5jBxbfLyxTNFCxPqulAXSnS
s89NB+YocL6DtYDedxASy6ko6xUV4agKh6S2O4BnTyGr1Lo25WjLBk3orWMxN0jj
M3VB1XAK08RwrNSFEpdO9dpK/gD98S9Tm4Y4aoxO1zIAiirHQKMC39zEewIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLV4Ey2uvXaZZTMeqLjfsNs8OXtnMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvdFhnVExhNjlkcGxsTXg2b3VOLXcyenc1ZTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCW++kAwQC
W/IwAwQBl/hGAwQCsGzgAwQCuUw0AwQAwmt6AwQAwtUGAwQBwzY2MA0GCSqGSIb3
DQEBCwUAA4IBAQBrQw16hWZctrWAX4/o1U32+ZWx+S4CC7mNSSds4oGyK4opPNV+
k+ruDeEaINveaVSVMXmKnmNnt7Tk7wd/1NHw5bAPVkMtWJgznoXPlyUHcqEb/E05
L5FWAePHXh43lOtydHqClviaRlWHk+7NxskVLKwJSF0MLCTUQEMCLrk+7UdJ+bBq
C0aBvG4RJ8cSqgaJFBxmkjy3FGlhdkL6sMIvvSEHDDkPCJboGNrg12ZzOo96TWI1
W+qVwuEuXV43ltSLa3uF1LwMFnqsA+5wfBq7WNMzPGJ4q1/A8BHhh3n4yTcqWzR0
4zjI1ztv18iwatDKIl0OY2WcsH6ieuirZjrb
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:53 2024 by rpki-client on console-fra.rpki-client.org