Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/c37c16-0603-4845-b4d4-95ddb0974e4b/1/tpNSiKMnzMb3psSCAL49AI9ziWY.roa
File: tpNSiKMnzMb3psSCAL49AI9ziWY.roa (raw, json)
Hash identifier: pd0mk8GzLg/zqRoLXbM6fxm5oKQMFVcM1jwnsfkyQN0=
Subject key identifier: B6:93:52:88:A3:27:CC:C6:F7:A6:C4:82:00:BE:3D:00:8F:73:89:66
Certificate issuer: /CN=841f36fcbf7334eff6b91e80297ea5b25c4ecfd2
Certificate serial: 018709802B2022561FB1A38BF5F00BCCD0EF
Authority key identifier: 84:1F:36:FC:BF:73:34:EF:F6:B9:1E:80:29:7E:A5:B2:5C:4E:CF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hB82_L9zNO_2uR6AKX6lslxOz9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/c37c16-0603-4845-b4d4-95ddb0974e4b/1/tpNSiKMnzMb3psSCAL49AI9ziWY.roa
Signing time: Wed 22 Mar 2023 13:26:47 +0000
ROA not before: Wed 22 Mar 2023 13:26:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35334
IP address blocks: 176.57.80.0/21 maxlen: 24
185.218.172.0/22 maxlen: 24
2a00:ef80::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:80:2b:20:22:56:1f:b1:a3:8b:f5:f0:0b:cc:d0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=841f36fcbf7334eff6b91e80297ea5b25c4ecfd2
Validity
Not Before: Mar 22 13:26:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6935288a327ccc6f7a6c48200be3d008f738966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:06:c9:2f:ae:56:e9:39:d8:f7:9c:a5:4c:86:
7a:b1:a9:03:53:35:4b:ef:cd:6f:4f:29:d0:49:2a:
2d:53:5e:eb:14:79:70:07:d6:18:21:db:8d:19:e7:
3d:9e:02:af:37:73:49:fc:17:13:10:7c:c2:6b:17:
93:26:6d:52:d3:a8:91:ad:2c:54:5a:b9:ba:7f:cf:
39:bd:7a:4a:c2:95:71:dd:95:42:41:a9:37:86:ec:
0c:27:5b:74:78:ea:b6:84:9d:57:b7:76:5d:83:73:
e7:6c:e8:bc:50:3c:1d:b6:36:d8:66:cc:da:4b:b1:
05:68:bb:1e:4b:0c:bb:68:53:8f:b7:7d:4a:58:dc:
82:4f:f9:b1:2f:f6:db:14:d9:52:0a:39:b1:24:ab:
61:b7:1e:e3:8d:28:04:b4:ea:8a:c8:2e:4c:82:a2:
84:ff:90:b8:f3:9c:be:f5:95:1e:41:06:bd:a6:6e:
ca:c8:2d:1d:db:28:94:ce:bf:7c:52:46:8b:b4:39:
a9:fb:91:2f:db:d2:2d:66:9f:da:a3:a1:45:41:2d:
55:9d:e4:cc:25:6b:8a:90:e1:55:18:6c:7f:ad:c5:
fc:e5:47:8e:40:04:27:1c:7c:7b:89:e7:92:df:13:
b8:ec:cb:98:ca:b6:38:63:6c:49:a6:b2:2d:4a:bd:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:93:52:88:A3:27:CC:C6:F7:A6:C4:82:00:BE:3D:00:8F:73:89:66
X509v3 Authority Key Identifier:
keyid:84:1F:36:FC:BF:73:34:EF:F6:B9:1E:80:29:7E:A5:B2:5C:4E:CF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hB82_L9zNO_2uR6AKX6lslxOz9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c37c16-0603-4845-b4d4-95ddb0974e4b/1/tpNSiKMnzMb3psSCAL49AI9ziWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/c37c16-0603-4845-b4d4-95ddb0974e4b/1/hB82_L9zNO_2uR6AKX6lslxOz9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.57.80.0/21
185.218.172.0/22
IPv6:
2a00:ef80::/32
Signature Algorithm: sha256WithRSAEncryption
8b:03:30:6c:41:ba:86:3b:3a:16:69:e6:6d:b9:11:0f:74:0a:
7d:34:eb:52:a2:c1:06:dc:42:0f:e9:97:f1:7e:3b:88:eb:ff:
54:bc:ac:28:f7:c5:6a:56:3d:90:e2:83:5f:0a:ad:0c:ec:08:
68:07:92:99:aa:58:dd:4c:d2:a9:52:36:5a:3e:30:28:26:3e:
b6:a0:da:ca:c0:3b:06:6d:c0:67:05:1c:56:b1:36:f0:ae:13:
06:ca:bb:03:e6:a8:cd:3e:83:18:f7:d5:eb:b7:48:74:75:e2:
80:2d:cc:3a:3f:46:9c:8d:0f:bc:69:f4:e0:2c:7f:26:d3:a0:
74:a6:68:da:a6:6c:7a:9b:e5:6e:4b:4b:f6:e5:31:1d:a5:be:
e6:e9:ed:2d:47:62:d2:a6:73:d7:bd:0c:ae:ca:e4:c5:c1:eb:
d5:1f:a9:07:05:d5:e4:5e:02:1e:38:18:11:28:82:96:1c:57:
11:dd:4c:67:cf:b3:67:f3:e3:d4:40:19:8a:fa:a5:d7:09:6e:
c8:80:68:1e:88:8a:0d:01:b2:bc:43:4b:e7:85:8c:5c:77:fc:
05:48:b3:21:2b:9f:d5:bb:e8:43:99:52:b5:3c:25:21:1c:57:
78:86:c6:78:87:8a:19:95:d9:c8:4b:cd:49:bd:08:20:c1:8e:
dd:2a:e7:7e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcJgCsgIlYfsaOL9fALzNDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MWYzNmZjYmY3MzM0ZWZmNmI5MWU4MDI5N2VhNWIyNWM0
ZWNmZDIwHhcNMjMwMzIyMTMyNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjkzNTI4OGEzMjdjY2M2ZjdhNmM0ODIwMGJlM2QwMDhmNzM4OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wbJL65W6TnY95ylTIZ6sakDUzVL
781vTynQSSotU17rFHlwB9YYIduNGec9ngKvN3NJ/BcTEHzCaxeTJm1S06iRrSxU
Wrm6f885vXpKwpVx3ZVCQak3huwMJ1t0eOq2hJ1Xt3Zdg3PnbOi8UDwdtjbYZsza
S7EFaLseSwy7aFOPt31KWNyCT/mxL/bbFNlSCjmxJKthtx7jjSgEtOqKyC5MgqKE
/5C485y+9ZUeQQa9pm7KyC0d2yiUzr98UkaLtDmp+5Ev29ItZp/ao6FFQS1VneTM
JWuKkOFVGGx/rcX85UeOQAQnHHx7ieeS3xO47MuYyrY4Y2xJprItSr3ZFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLaTUoijJ8zG96bEggC+PQCPc4lmMB8GA1UdIwQY
MBaAFIQfNvy/czTv9rkegCl+pbJcTs/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEI4Ml9MOXpOT18ydVI2QUtYNmxzbHhPejlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9jMzdjMTYtMDYwMy00ODQ1LWI0ZDQt
OTVkZGIwOTc0ZTRiLzEvdHBOU2lLTW56TWIzcHNTQ0FMNDlBSTl6aVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9jMzdjMTYtMDYwMy00ODQ1LWI0ZDQtOTVkZGIwOTc0ZTRi
LzEvaEI4Ml9MOXpOT18ydVI2QUtYNmxzbHhPejlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsDlQAwQC
udqsMA0EAgACMAcDBQAqAO+AMA0GCSqGSIb3DQEBCwUAA4IBAQCLAzBsQbqGOzoW
aeZtuREPdAp9NOtSosEG3EIP6ZfxfjuI6/9UvKwo98VqVj2Q4oNfCq0M7AhoB5KZ
qljdTNKpUjZaPjAoJj62oNrKwDsGbcBnBRxWsTbwrhMGyrsD5qjNPoMY99Xrt0h0
deKALcw6P0acjQ+8afTgLH8m06B0pmjapmx6m+VuS0v25TEdpb7m6e0tR2LSpnPX
vQyuyuTFwevVH6kHBdXkXgIeOBgRKIKWHFcR3Uxnz7Nn8+PUQBmK+qXXCW7IgGge
iIoNAbK8Q0vnhYxcd/wFSLMhK5/Vu+hDmVK1PCUhHFd4hsZ4h4oZldnIS81JvQgg
wY7dKud+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:45 2024 by rpki-client on console-ams.rpki-client.org