Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tYbQSVbqeOKm80ZMVXzbOHcg640.roa
File: tYbQSVbqeOKm80ZMVXzbOHcg640.roa (raw, json)
Hash identifier: RMQ8ENLxm5Xw5+klFfdzn01NCSrNqDw0fFaM2Ma5RYc=
Subject key identifier: B5:86:D0:49:56:EA:78:E2:A6:F3:46:4C:55:7C:DB:38:77:20:EB:8D
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01856F1DCB64564B120B6801CB09C7B60431
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tYbQSVbqeOKm80ZMVXzbOHcg640.roa
Signing time: Sun 01 Jan 2023 20:55:01 +0000
ROA not before: Sun 01 Jan 2023 20:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.255.54.0/24 maxlen: 24
62.133.34.0/24 maxlen: 24
2a0b:4080::/32 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Dec 2023 15:49:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:cb:64:56:4b:12:0b:68:01:cb:09:c7:b6:04:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 20:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b586d04956ea78e2a6f3464c557cdb387720eb8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:06:88:a2:28:df:32:66:11:c5:3e:ca:b2:a6:
72:ea:d7:c1:59:4e:85:f1:77:cc:b8:a3:06:7e:0d:
00:58:f2:23:f9:55:2a:af:66:09:ab:b8:bc:5e:48:
d3:c7:83:8c:a8:85:8c:56:48:0f:1c:a6:57:12:38:
28:e2:2a:3c:39:f1:e3:aa:74:38:70:e2:79:66:39:
f0:47:7b:4e:c3:cf:d9:d8:c5:f9:0f:3c:86:ba:5b:
a1:1e:18:b0:7d:f0:4c:8d:e8:7a:42:07:b9:86:9c:
27:13:73:9a:69:ea:c3:b2:1b:38:4c:b7:76:ff:30:
a2:07:52:b2:7f:bc:1d:a8:1a:e6:1c:68:f9:d2:dd:
ef:0f:44:72:e2:a3:5f:72:44:c2:2a:e8:67:c9:f0:
81:3b:bf:d9:72:60:eb:ec:01:a1:a1:55:bd:fa:14:
1d:78:09:e7:d9:0e:c3:90:96:42:a4:e9:79:d6:8b:
84:54:8e:66:6c:99:dc:38:34:ed:07:d8:66:d5:6e:
2a:30:49:3b:e6:de:8a:ec:85:de:2f:63:ce:31:0a:
75:af:96:2c:a7:b7:1d:2c:c6:99:28:6d:86:d2:33:
2c:bc:af:aa:39:ae:82:bd:d9:4c:5f:7e:ad:bc:7f:
01:0c:c6:bb:83:92:38:06:a6:78:40:e3:2b:4f:6b:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:86:D0:49:56:EA:78:E2:A6:F3:46:4C:55:7C:DB:38:77:20:EB:8D
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/tYbQSVbqeOKm80ZMVXzbOHcg640.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.34.0/24
185.255.54.0/24
IPv6:
2a0b:4080::/32
Signature Algorithm: sha256WithRSAEncryption
04:1f:b8:8c:62:e6:ac:78:6d:48:29:97:c7:60:0b:c2:e0:2a:
a8:78:73:a0:d5:ac:e3:db:83:af:2b:6e:10:34:33:4d:89:ec:
ce:c9:5a:c9:f6:00:61:ca:f7:bc:73:d4:fc:94:aa:77:c1:35:
73:b6:88:42:3d:4f:56:b3:71:04:38:9e:e6:ff:a0:56:d3:d2:
23:77:ed:b9:b7:43:4b:54:3c:5c:27:3e:cf:6e:5f:60:36:82:
32:dd:06:db:ea:70:15:d9:e2:8f:ef:85:81:32:46:a5:40:cb:
8e:70:ca:6a:82:e0:4c:65:d0:8f:02:6f:ef:87:a8:b0:2b:1c:
40:25:67:ac:12:71:75:ba:79:fe:0e:f3:8d:6a:88:1b:59:94:
a5:87:6e:ed:e4:6f:bc:03:4b:17:9f:2c:71:01:35:06:59:a8:
67:77:45:f2:0f:bb:8f:76:c0:c2:32:ce:2a:e1:66:71:fe:73:
5f:e9:5f:ef:32:69:66:57:e4:22:ed:4b:57:d3:28:2a:c7:a0:
fa:e6:36:7e:73:01:71:67:73:de:0b:ec:a4:e0:ba:a6:c7:97:
9a:39:e8:46:2b:1e:fe:81:ad:0f:ad:2d:76:1b:cf:fb:67:43:
bb:2f:bf:e9:2c:55:25:17:2e:b0:3e:53:fe:93:c6:bd:20:a8:
80:72:7a:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvHctkVksSC2gBywnHtgQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg2ZDA0OTU2ZWE3OGUyYTZmMzQ2NGM1NTdjZGIzODc3MjBlYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QaIoijfMmYRxT7KsqZy6tfBWU6F
8XfMuKMGfg0AWPIj+VUqr2YJq7i8XkjTx4OMqIWMVkgPHKZXEjgo4io8OfHjqnQ4
cOJ5ZjnwR3tOw8/Z2MX5DzyGuluhHhiwffBMjeh6Qge5hpwnE3OaaerDshs4TLd2
/zCiB1Kyf7wdqBrmHGj50t3vD0Ry4qNfckTCKuhnyfCBO7/ZcmDr7AGhoVW9+hQd
eAnn2Q7DkJZCpOl51ouEVI5mbJncODTtB9hm1W4qMEk75t6K7IXeL2POMQp1r5Ys
p7cdLMaZKG2G0jMsvK+qOa6CvdlMX36tvH8BDMa7g5I4BqZ4QOMrT2vMvwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLWG0ElW6njipvNGTFV82zh3IOuNMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdFliUVNWYnFlT0ttODBaTVZYemJPSGNnNjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPoUiAwQA
uf82MA0EAgACMAcDBQAqC0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAEH7iMYuaseG1I
KZfHYAvC4CqoeHOg1azj24OvK24QNDNNiezOyVrJ9gBhyve8c9T8lKp3wTVztohC
PU9Ws3EEOJ7m/6BW09Ijd+25t0NLVDxcJz7Pbl9gNoIy3Qbb6nAV2eKP74WBMkal
QMuOcMpqguBMZdCPAm/vh6iwKxxAJWesEnF1unn+DvONaogbWZSlh27t5G+8A0sX
nyxxATUGWahnd0XyD7uPdsDCMs4q4WZx/nNf6V/vMmlmV+Qi7UtX0ygqx6D65jZ+
cwFxZ3PeC+yk4Lqmx5eaOehGKx7+ga0PrS12G8/7Z0O7L7/pLFUlFy6wPlP+k8a9
IKiAcnpa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org