Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/tONS425C4CBdrdwEGd9Y9pVf0gA.roa
File: tONS425C4CBdrdwEGd9Y9pVf0gA.roa (raw, json)
Hash identifier: h7ExniVyS/U0hvprILN/ru/D//5cUseaO5RErC4nqH0=
Subject key identifier: B4:E3:52:E3:6E:42:E0:20:5D:AD:DC:04:19:DF:58:F6:95:5F:D2:00
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 01856DDD7171AAA01516576CCC1162787624
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/tONS425C4CBdrdwEGd9Y9pVf0gA.roa
Signing time: Sun 01 Jan 2023 15:05:07 +0000
ROA not before: Sun 01 Jan 2023 15:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35661
IP address blocks: 185.10.16.0/22 maxlen: 24
45.157.116.0/22 maxlen: 24
194.147.97.0/24 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a0d:e680::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:71:71:aa:a0:15:16:57:6c:cc:11:62:78:76:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 15:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e352e36e42e0205daddc0419df58f6955fd200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:75:56:08:fd:7a:84:67:d5:d0:35:71:9e:ae:
ed:e7:34:64:d9:74:e6:fb:ba:92:ea:8d:b3:44:44:
cc:90:82:56:85:d9:3a:1e:30:e7:84:78:dc:86:84:
b6:aa:15:73:97:ec:ae:0e:ba:20:31:88:11:ab:7c:
9d:e7:4e:39:96:54:f2:3c:47:bb:56:6f:a0:6d:9d:
25:e2:2e:94:49:42:a3:16:36:e5:5e:4b:40:b5:ca:
fb:e4:b9:db:e6:19:86:e4:56:32:57:bd:41:60:70:
0a:0d:ed:f3:a3:7a:ac:cd:59:cf:50:49:62:82:a8:
0c:83:49:df:a9:cc:79:7e:df:9b:a9:75:85:ac:e5:
ee:d7:d6:1e:30:6b:fd:02:11:82:33:dc:cd:ee:77:
1b:af:87:2e:73:3a:27:82:73:e8:46:47:a0:a1:7f:
2e:c0:3f:f4:98:43:33:10:b6:50:05:d4:60:b8:99:
b9:96:f5:8c:09:a7:7e:92:d0:68:e4:bf:6f:61:8e:
ed:5f:13:7d:8c:8f:e9:aa:56:78:38:5c:65:a2:13:
6d:9c:0a:92:06:0b:a1:3e:2c:43:1c:23:70:21:a0:
c0:df:8a:2b:e2:21:05:36:67:56:f9:b5:08:2c:00:
1a:c8:05:c3:94:04:d5:c7:42:f8:c2:e9:8e:a0:70:
1b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E3:52:E3:6E:42:E0:20:5D:AD:DC:04:19:DF:58:F6:95:5F:D2:00
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/tONS425C4CBdrdwEGd9Y9pVf0gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/32
Signature Algorithm: sha256WithRSAEncryption
68:71:cb:4f:f2:aa:a1:c2:72:69:5e:f8:24:d3:0b:3d:e9:a7:
90:97:d0:75:30:0b:c0:d5:10:97:74:d4:93:85:68:a2:db:ed:
e1:19:b4:21:67:ed:12:d4:9b:7a:12:b3:47:50:00:f8:63:a2:
19:b2:3e:e4:50:b1:d5:c9:07:a5:e8:04:39:09:fd:b0:ac:02:
a2:82:f6:5a:44:bc:8d:45:9d:d8:fb:58:c3:3e:5a:c4:53:f4:
80:e3:71:25:b6:be:eb:84:e2:c2:92:63:06:a5:98:f4:b2:dd:
ab:8f:a9:a4:be:27:8a:89:20:70:eb:c9:c7:11:83:9a:bf:19:
a6:09:23:81:0d:41:1a:a8:de:0d:37:17:80:9d:5a:bc:8a:cc:
8c:56:da:2d:a8:14:59:3e:db:f3:af:84:cf:9f:d3:46:d5:ea:
15:94:82:fc:93:b9:d3:30:a3:34:45:27:f6:cf:89:ff:eb:dd:
31:c0:2f:df:e3:40:7c:8f:02:d7:e5:0a:70:38:94:ed:74:9c:
5f:d2:3f:54:0d:c7:44:1c:ed:40:5a:e2:dd:b0:a9:c9:73:8e:
8d:cf:2b:37:de:ab:a8:5d:6a:24:32:f7:93:5f:f2:fd:43:87:
4d:dc:a9:8a:a6:a0:8a:30:17:07:e1:db:6b:dc:09:69:a6:06:
94:50:0a:9a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVt3XFxqqAVFldszBFieHYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjMwMTAxMTUwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGUzNTJlMzZlNDJlMDIwNWRhZGRjMDQxOWRmNThmNjk1NWZkMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnVWCP16hGfV0DVxnq7t5zRk2XTm
+7qS6o2zRETMkIJWhdk6HjDnhHjchoS2qhVzl+yuDrogMYgRq3yd5045llTyPEe7
Vm+gbZ0l4i6USUKjFjblXktAtcr75Lnb5hmG5FYyV71BYHAKDe3zo3qszVnPUEli
gqgMg0nfqcx5ft+bqXWFrOXu19YeMGv9AhGCM9zN7ncbr4cuczongnPoRkegoX8u
wD/0mEMzELZQBdRguJm5lvWMCad+ktBo5L9vYY7tXxN9jI/pqlZ4OFxlohNtnAqS
BguhPixDHCNwIaDA34or4iEFNmdW+bUILAAayAXDlATVx0L4wumOoHAbtwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLTjUuNuQuAgXa3cBBnfWPaVX9IAMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvdE9OUzQyNUM0Q0JkcmR3RUdkOVk5cFZmMGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCLZ10AwQC
uQoQAwQCuZqYAwQAvNYYAwQAwpNhMBsEAgACMBUDBQAqA1hAAwUDKgeNwAMFACoN
5oAwDQYJKoZIhvcNAQELBQADggEBAGhxy0/yqqHCcmle+CTTCz3pp5CX0HUwC8DV
EJd01JOFaKLb7eEZtCFn7RLUm3oSs0dQAPhjohmyPuRQsdXJB6XoBDkJ/bCsAqKC
9lpEvI1Fndj7WMM+WsRT9IDjcSW2vuuE4sKSYwalmPSy3auPqaS+J4qJIHDryccR
g5q/GaYJI4ENQRqo3g03F4CdWryKzIxW2i2oFFk+2/OvhM+f00bV6hWUgvyTudMw
ozRFJ/bPif/r3THAL9/jQHyPAtflCnA4lO10nF/SP1QNx0Qc7UBa4t2wqclzjo3P
Kzfeq6hdaiQy95Nf8v1Dh03cqYqmoIowFwfh22vcCWmmBpRQCpo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:12 2024 by rpki-client on console-fra.rpki-client.org