Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/TmG87IorUdgIGyWL3W5VJ0Urhjo.roa
File: TmG87IorUdgIGyWL3W5VJ0Urhjo.roa (raw, json)
Hash identifier: oOptJuvXZauuMvkyKw6zywDT2h9sZCaxllFhAgaD5Ok=
Subject key identifier: 4E:61:BC:EC:8A:2B:51:D8:08:1B:25:8B:DD:6E:55:27:45:2B:86:3A
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 0190CC7502E5896987CE9B81A68A930BE3CB
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/TmG87IorUdgIGyWL3W5VJ0Urhjo.roa
Signing time: Fri 19 Jul 2024 19:25:38 +0000
ROA not before: Fri 19 Jul 2024 19:25:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54203
IP address blocks: 185.147.213.0/24 maxlen: 24
185.147.215.0/24 maxlen: 24
2a03:efc0:200::/40 maxlen: 40
2a03:efc0:500::/40 maxlen: 40
2a03:efc0:1100::/40 maxlen: 40
2a03:efc0:1300::/40 maxlen: 40
2a03:efc0:1900::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 19 Jul 2024 22:59:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cc:75:02:e5:89:69:87:ce:9b:81:a6:8a:93:0b:e3:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jul 19 19:25:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e61bcec8a2b51d8081b258bdd6e5527452b863a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c0:0a:27:3b:7f:1f:4b:f0:ac:16:1e:80:97:
bc:67:5b:65:f8:18:b8:5a:ce:b5:8e:23:d2:af:79:
65:2e:73:da:72:36:0c:a5:37:25:39:fd:00:b6:06:
82:f5:bb:7a:d1:b1:58:6e:46:6d:55:b6:4d:b6:62:
ea:0f:7d:49:da:94:da:65:de:87:86:0e:52:40:7e:
a0:f9:c3:97:93:8d:30:f8:a4:eb:0a:d8:20:11:0b:
f0:8a:ed:4a:9f:09:bd:6b:55:3d:18:50:a7:fc:d3:
6f:f4:8f:fb:f5:a0:2f:dd:92:fb:c2:f4:3f:0f:ef:
01:89:4b:ff:45:2b:dc:bd:b7:b5:df:21:23:5f:26:
67:12:03:33:f1:14:dd:1f:ad:52:ac:6f:2a:14:26:
2a:c0:24:b1:c8:19:dd:5b:3f:f4:85:a6:06:9d:54:
fb:98:eb:67:76:d9:c7:45:58:dd:aa:27:5a:3f:4a:
0c:90:16:f2:f6:4a:06:08:90:13:3b:08:bd:a4:35:
af:a4:22:e4:a2:b4:02:02:2c:f4:48:86:77:4a:54:
af:25:90:e8:ca:23:17:de:5c:09:e8:dc:06:39:02:
4a:e4:c9:c8:78:32:fb:19:e3:bc:a6:b1:65:bf:7a:
86:83:e5:ac:48:fb:c5:7f:b2:b5:e0:5a:4e:6d:ba:
13:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:61:BC:EC:8A:2B:51:D8:08:1B:25:8B:DD:6E:55:27:45:2B:86:3A
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/TmG87IorUdgIGyWL3W5VJ0Urhjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.213.0/24
185.147.215.0/24
IPv6:
2a03:efc0:200::/40
2a03:efc0:500::/40
2a03:efc0:1100::/40
2a03:efc0:1300::/40
2a03:efc0:1900::/40
Signature Algorithm: sha256WithRSAEncryption
ab:98:28:c5:e9:05:ad:45:df:cd:62:65:51:ec:39:67:23:23:
0a:60:1c:4b:18:bd:87:40:11:3b:0a:8c:39:31:88:a5:fa:ab:
22:b6:a6:08:9d:78:06:ec:4c:ad:fe:4c:40:9b:b8:8f:3d:2c:
54:ec:6a:b1:b4:48:21:0b:37:ce:10:0a:3c:7f:42:99:db:e0:
6a:c2:24:4e:56:72:bf:b3:0e:a2:ef:23:bc:b8:5c:8c:aa:53:
1b:10:72:69:17:93:60:50:86:70:7a:17:2e:1f:a5:7b:28:d2:
d5:eb:2a:c7:32:91:17:2a:4c:93:75:83:f8:b1:7e:e3:18:6e:
a5:e5:c6:71:bc:cd:03:d8:b1:b1:8c:8a:72:58:c4:5e:78:2d:
95:15:e0:7e:a6:32:62:5b:12:83:8a:5b:39:36:a7:cc:74:d2:
77:a5:cb:9f:e1:59:45:13:86:c4:46:ef:28:33:b2:bc:be:32:
6e:31:97:13:1d:2c:68:28:08:d8:27:d9:7d:59:13:b1:a3:e0:
2b:1f:e6:2b:b9:ac:c2:40:8f:2d:33:71:25:3a:e1:f2:5e:54:
c6:8e:15:d5:35:c7:da:f8:58:4e:05:9c:8f:e0:17:1a:a8:10:
c6:90:18:50:63:ca:02:75:a7:be:86:f6:2d:65:46:7c:22:4f:
c8:a3:f2:7e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZDMdQLliWmHzpuBpoqTC+PLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwNzE5MTkyNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYxYmNlYzhhMmI1MWQ4MDgxYjI1OGJkZDZlNTUyNzQ1MmI4NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8AKJzt/H0vwrBYegJe8Z1tl+Bi4
Ws61jiPSr3llLnPacjYMpTclOf0AtgaC9bt60bFYbkZtVbZNtmLqD31J2pTaZd6H
hg5SQH6g+cOXk40w+KTrCtggEQvwiu1Knwm9a1U9GFCn/NNv9I/79aAv3ZL7wvQ/
D+8BiUv/RSvcvbe13yEjXyZnEgMz8RTdH61SrG8qFCYqwCSxyBndWz/0haYGnVT7
mOtndtnHRVjdqidaP0oMkBby9koGCJATOwi9pDWvpCLkorQCAiz0SIZ3SlSvJZDo
yiMX3lwJ6NwGOQJK5MnIeDL7GeO8prFlv3qGg+WsSPvFf7K14FpObboTCwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFE5hvOyKK1HYCBsli91uVSdFK4Y6MB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvVG1HODdJb3JVZGdJR3lXTDNXNVZKMFVyaGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDASBAIAATAMAwQAuZPVAwQA
uZPXMC4EAgACMCgDBgAqA+/AAgMGACoD78AFAwYAKgPvwBEDBgAqA+/AEwMGACoD
78AZMA0GCSqGSIb3DQEBCwUAA4IBAQCrmCjF6QWtRd/NYmVR7DlnIyMKYBxLGL2H
QBE7Cow5MYil+qsitqYInXgG7Eyt/kxAm7iPPSxU7GqxtEghCzfOEAo8f0KZ2+Bq
wiROVnK/sw6i7yO8uFyMqlMbEHJpF5NgUIZwehcuH6V7KNLV6yrHMpEXKkyTdYP4
sX7jGG6l5cZxvM0D2LGxjIpyWMReeC2VFeB+pjJiWxKDils5NqfMdNJ3pcuf4VlF
E4bERu8oM7K8vjJuMZcTHSxoKAjYJ9l9WROxo+ArH+YruazCQI8tM3ElOuHyXlTG
jhXVNcfa+FhOBZyP4BcaqBDGkBhQY8oCdae+hvYtZUZ8Ik/Io/J+
-----END CERTIFICATE-----
Generated at Fri Jul 19 23:56:39 2024 by rpki-client on console-fra.rpki-client.org