Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/Ts3wtr-rCcy6IqyPjdSp-BU3Nh0.roa
File: Ts3wtr-rCcy6IqyPjdSp-BU3Nh0.roa (raw, json)
Hash identifier: gPpiPZlppP/3rZKM5lVDFw45q0yIQyKVEUTdxCH5U6A=
Subject key identifier: 4E:CD:F0:B6:BF:AB:09:CC:BA:22:AC:8F:8D:D4:A9:F8:15:37:36:1D
Certificate issuer: /CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Certificate serial: 018CCA2A0DEDCED3E78114C0C8418F6D63F0
Authority key identifier: 8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/Ts3wtr-rCcy6IqyPjdSp-BU3Nh0.roa
Signing time: Tue 02 Jan 2024 12:33:22 +0000
ROA not before: Tue 02 Jan 2024 12:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59877
IP address blocks: 185.61.176.0/22 maxlen: 24
185.160.52.0/22 maxlen: 24
193.39.0.0/22 maxlen: 24
31.223.190.0/24 maxlen: 24
2a02:7b20::/32 maxlen: 32
2a03:9260::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0d:ed:ce:d3:e7:81:14:c0:c8:41:8f:6d:63:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c32a6e57ec81cc5cb43bb503749b360f2b05c3b
Validity
Not Before: Jan 2 12:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ecdf0b6bfab09ccba22ac8f8dd4a9f81537361d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:1d:38:81:fe:b4:81:83:e5:0f:d1:22:b0:07:
cd:6b:2a:c2:67:fc:30:ed:75:fc:f7:a3:7e:ff:25:
46:ba:c5:32:53:dc:bc:13:8a:b3:d3:07:e1:6e:b6:
3a:5c:19:69:52:1c:8a:c9:15:bd:83:99:54:de:a6:
44:f6:9b:41:a7:59:a1:bc:5c:7a:2a:c0:f4:3e:7a:
69:f9:d8:7c:db:27:28:f5:1c:83:0b:f5:2e:58:62:
f2:ac:8e:6d:0b:4d:1c:6b:6d:79:ce:be:34:c3:70:
8c:b0:01:e2:83:f1:fe:a0:0e:54:5f:37:d2:61:9a:
08:5b:e4:ba:15:f4:ef:d5:05:15:b8:5a:69:c6:31:
fd:55:a3:51:54:3a:ed:c9:61:54:7f:73:f9:c8:df:
f2:51:7c:d6:10:1f:51:f6:5a:ea:17:e1:3c:30:af:
64:59:f8:b6:88:2b:41:f8:c0:2e:c2:19:b0:d4:d2:
c4:71:7f:c1:3b:9c:c4:7e:dc:e2:50:93:ff:1a:d5:
fa:1b:aa:2d:ca:0e:33:c3:29:ea:15:60:4e:ca:b7:
a8:7b:ad:53:3b:5c:09:9f:54:af:6c:3c:41:37:ff:
60:68:1f:ff:43:fb:ee:62:00:cd:e4:d5:bb:2f:78:
f1:9e:12:b4:23:5d:18:d2:1b:f0:96:f0:1f:e3:dc:
10:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CD:F0:B6:BF:AB:09:CC:BA:22:AC:8F:8D:D4:A9:F8:15:37:36:1D
X509v3 Authority Key Identifier:
keyid:8C:32:A6:E5:7E:C8:1C:C5:CB:43:BB:50:37:49:B3:60:F2:B0:5C:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/Ts3wtr-rCcy6IqyPjdSp-BU3Nh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6e0cfa-205e-4d66-ae3a-c743d7c0bb22/1/jDKm5X7IHMXLQ7tQN0mzYPKwXDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.190.0/24
185.61.176.0/22
185.160.52.0/22
193.39.0.0/22
IPv6:
2a02:7b20::/32
2a03:9260::/32
Signature Algorithm: sha256WithRSAEncryption
24:2f:0a:52:d8:df:01:e7:06:f5:ed:2e:fc:45:b3:c2:4a:9c:
44:64:4d:8f:08:9d:bf:61:c7:41:21:9b:93:d5:2e:68:20:5b:
72:87:2a:3d:28:e8:a2:6d:bd:89:9b:0e:c9:9e:66:71:70:8f:
59:ce:44:47:03:9e:9b:35:c5:4b:89:fe:86:c1:65:17:1e:f5:
ab:08:4c:a9:66:d1:40:05:7a:02:e9:f5:c4:50:9f:58:70:34:
e7:5d:f8:25:f8:06:dd:43:28:bb:20:d7:79:32:de:55:78:f6:
85:70:16:0b:b8:cc:08:77:4a:c1:c5:eb:62:09:56:fe:97:13:
7e:ad:79:a4:e0:38:7f:ad:2d:95:79:b0:cc:b6:c4:35:38:ab:
bd:fb:b5:4d:53:00:09:a9:84:d7:b5:c3:2c:2d:d6:7b:06:77:
de:45:9e:e2:49:5d:42:c3:3d:e8:e1:33:6e:a3:6f:12:1c:d0:
9a:89:41:ed:83:e2:59:b9:64:45:7e:18:96:ae:27:ec:fa:3f:
ea:b1:50:f8:f0:82:00:04:c9:b8:4e:35:02:ca:0a:a6:29:25:
27:de:4e:d5:9e:27:4f:02:52:13:0a:09:dd:f7:bb:cf:b4:8b:
d2:8f:48:49:58:16:69:6c:ce:24:19:9a:c1:74:13:02:25:56:
eb:1b:6d:88
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKKg3tztPngRTAyEGPbWPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMzJhNmU1N2VjODFjYzVjYjQzYmI1MDM3NDliMzYwZjJi
MDVjM2IwHhcNMjQwMTAyMTIzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNkZjBiNmJmYWIwOWNjYmEyMmFjOGY4ZGQ0YTlmODE1MzczNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhh04gf60gYPlD9EisAfNayrCZ/ww
7XX896N+/yVGusUyU9y8E4qz0wfhbrY6XBlpUhyKyRW9g5lU3qZE9ptBp1mhvFx6
KsD0Pnpp+dh82yco9RyDC/UuWGLyrI5tC00ca215zr40w3CMsAHig/H+oA5UXzfS
YZoIW+S6FfTv1QUVuFppxjH9VaNRVDrtyWFUf3P5yN/yUXzWEB9R9lrqF+E8MK9k
Wfi2iCtB+MAuwhmw1NLEcX/BO5zEftziUJP/GtX6G6otyg4zwynqFWBOyreoe61T
O1wJn1SvbDxBN/9gaB//Q/vuYgDN5NW7L3jxnhK0I10Y0hvwlvAf49wQkwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFE7N8La/qwnMuiKsj43UqfgVNzYdMB8GA1UdIwQY
MBaAFIwypuV+yBzFy0O7UDdJs2DysFw7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2Et
Yzc0M2Q3YzBiYjIyLzEvVHMzd3RyLXJDY3k2SXF5UGpkU3AtQlUzTmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82ZTBjZmEtMjA1ZS00ZDY2LWFlM2EtYzc0M2Q3YzBiYjIy
LzEvakRLbTVYN0lITVhMUTd0UU4wbXpZUEt3WERzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAH9++AwQC
uT2wAwQCuaA0AwQCwScAMBQEAgACMA4DBQAqAnsgAwUAKgOSYDANBgkqhkiG9w0B
AQsFAAOCAQEAJC8KUtjfAecG9e0u/EWzwkqcRGRNjwidv2HHQSGbk9UuaCBbcocq
PSjoom29iZsOyZ5mcXCPWc5ERwOemzXFS4n+hsFlFx71qwhMqWbRQAV6Aun1xFCf
WHA05134JfgG3UMouyDXeTLeVXj2hXAWC7jMCHdKwcXrYglW/pcTfq15pOA4f60t
lXmwzLbENTirvfu1TVMACamE17XDLC3WewZ33kWe4kldQsM96OEzbqNvEhzQmolB
7YPiWblkRX4Ylq4n7Po/6rFQ+PCCAATJuE41AsoKpiklJ95O1Z4nTwJSEwoJ3fe7
z7SL0o9ISVgWaWzOJBmawXQTAiVW6xttiA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:37:39 2025 by rpki-client