Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tNkWFG5BKC-cWRwRF8kUf72F3vY.roa
File: tNkWFG5BKC-cWRwRF8kUf72F3vY.roa (raw, json)
Hash identifier: aT0bLAbrCj+mIPo7YPXfjIdZFdEJ3IWtf9SJtJhiW0s=
Subject key identifier: B4:D9:16:14:6E:41:28:2F:9C:59:1C:11:17:C9:14:7F:BD:85:DE:F6
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01856F26D63C101DFB6DED7B0A849075CE4A
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tNkWFG5BKC-cWRwRF8kUf72F3vY.roa
Signing time: Sun 01 Jan 2023 21:04:54 +0000
ROA not before: Sun 01 Jan 2023 21:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12722
IP address blocks: 37.252.0.0/23 maxlen: 23
5.45.80.0/22 maxlen: 22
91.193.180.0/22 maxlen: 22
185.4.64.0/22 maxlen: 22
2a02:c6c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d6:3c:10:1d:fb:6d:ed:7b:0a:84:90:75:ce:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 1 21:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4d916146e41282f9c591c1117c9147fbd85def6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:96:f4:c4:0c:00:6f:20:c3:ae:64:2b:18:
08:90:09:38:8d:1a:57:cc:6f:49:66:4b:e0:88:86:
98:b2:ab:1f:b8:2c:b6:23:61:79:94:61:ec:59:bb:
c1:02:32:15:c1:ae:21:6b:e7:d5:76:0d:a5:50:00:
e2:33:b3:f9:64:a2:50:38:e9:67:67:d0:fa:85:2b:
b3:3b:2b:00:0a:a8:d0:21:52:1d:f8:c3:d5:1b:a9:
e3:6d:90:29:bd:d0:0e:b1:da:4c:df:4e:c3:6a:e3:
94:69:69:68:87:f2:94:d7:3b:c7:b7:d8:9e:21:15:
c9:d4:2e:17:1f:3a:06:65:e1:4a:79:80:d2:6b:c4:
19:6d:68:10:ad:d2:49:ec:b8:0c:91:41:af:24:4b:
a8:7a:a8:06:59:83:fa:31:10:2d:14:89:05:71:33:
e5:40:ab:76:88:cc:5a:37:ce:6b:fd:e2:2d:43:ce:
b3:f5:9f:90:8b:22:5e:f6:a3:1e:e2:04:f4:f2:e8:
35:b4:cf:32:07:b9:59:4e:27:6f:49:5f:c2:cd:35:
96:10:eb:4a:79:33:9a:5f:64:e9:e3:11:9c:f6:3c:
06:98:61:ba:1f:79:eb:7e:3d:62:63:e0:a3:1d:99:
01:f3:51:1a:18:c1:06:45:9e:c7:4b:c8:90:98:3a:
6b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D9:16:14:6E:41:28:2F:9C:59:1C:11:17:C9:14:7F:BD:85:DE:F6
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/tNkWFG5BKC-cWRwRF8kUf72F3vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.80.0/22
37.252.0.0/23
91.193.180.0/22
185.4.64.0/22
IPv6:
2a02:c6c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:71:7b:0e:58:63:28:62:23:91:f1:62:2f:72:07:a6:64:fb:
9f:0b:c4:11:79:62:a2:74:7a:b5:13:71:8a:bc:70:78:f6:4e:
1f:fb:ee:35:79:ef:81:f8:d1:83:06:d3:20:ed:3e:df:07:76:
5b:75:c7:48:8a:df:e8:c5:79:50:be:47:92:f2:cb:af:13:62:
93:f7:04:d9:82:86:38:01:4c:c8:b0:26:27:58:b3:be:d9:e1:
5d:96:74:96:ef:e4:8c:3a:08:6d:c8:38:f0:64:9e:eb:cf:99:
d9:91:26:74:0a:9e:c6:28:58:c2:2c:0c:a4:9c:65:36:78:c2:
1b:4e:3c:d6:39:1f:f8:ab:4b:71:43:f5:f4:d9:6e:a5:34:5f:
4f:10:74:39:7c:8e:b3:d8:9b:f3:15:4f:fc:df:a6:5b:fc:d1:
93:01:34:04:fc:36:72:b5:48:cb:ac:9f:be:d1:d3:fc:c1:09:
ed:7e:ea:d7:2b:6c:cc:b6:c0:34:61:a2:38:f1:7c:09:db:37:
e4:e5:bd:92:de:49:16:45:77:4f:66:2a:31:95:0a:b7:e9:a2:
d9:4f:71:6b:0a:5c:8d:0b:3e:da:55:b0:82:6e:24:b4:b7:03:
cb:eb:1a:cb:52:c3:ec:98:0f:e4:7d:2a:b4:df:0b:e0:74:68:
b5:42:ac:6b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvJtY8EB37be17CoSQdc5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTAxMjEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ5MTYxNDZlNDEyODJmOWM1OTFjMTExN2M5MTQ3ZmJkODVkZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAociW9MQMAG8gw65kKxgIkAk4jRpX
zG9JZkvgiIaYsqsfuCy2I2F5lGHsWbvBAjIVwa4ha+fVdg2lUADiM7P5ZKJQOOln
Z9D6hSuzOysACqjQIVId+MPVG6njbZApvdAOsdpM307DauOUaWloh/KU1zvHt9ie
IRXJ1C4XHzoGZeFKeYDSa8QZbWgQrdJJ7LgMkUGvJEuoeqgGWYP6MRAtFIkFcTPl
QKt2iMxaN85r/eItQ86z9Z+QiyJe9qMe4gT08ug1tM8yB7lZTidvSV/CzTWWEOtK
eTOaX2Tp4xGc9jwGmGG6H3nrfj1iY+CjHZkB81EaGMEGRZ7HS8iQmDprrQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLTZFhRuQSgvnFkcERfJFH+9hd72MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvdE5rV0ZHNUJLQy1jV1J3UkY4a1VmNzJGM3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBS1QAwQB
JfwAAwQCW8G0AwQCuQRAMA0EAgACMAcDBQAqAsbAMA0GCSqGSIb3DQEBCwUAA4IB
AQCLcXsOWGMoYiOR8WIvcgemZPufC8QReWKidHq1E3GKvHB49k4f++41ee+B+NGD
BtMg7T7fB3ZbdcdIit/oxXlQvkeS8suvE2KT9wTZgoY4AUzIsCYnWLO+2eFdlnSW
7+SMOghtyDjwZJ7rz5nZkSZ0Cp7GKFjCLAyknGU2eMIbTjzWOR/4q0txQ/X02W6l
NF9PEHQ5fI6z2JvzFU/836Zb/NGTATQE/DZytUjLrJ++0dP8wQntfurXK2zMtsA0
YaI48XwJ2zfk5b2S3kkWRXdPZioxlQq36aLZT3FrClyNCz7aVbCCbiS0twPL6xrL
UsPsmA/kfSq03wvgdGi1Qqxr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:44 2024 by rpki-client on console-fra.rpki-client.org