Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/TpL3MvKctMm60iN1NFetqI5R4To.roa
File: TpL3MvKctMm60iN1NFetqI5R4To.roa (raw, json)
Hash identifier: dmQSTQXQ01K+MbFU9glki0RmOppjUbdnNofa+bg7X+4=
Subject key identifier: 4E:92:F7:32:F2:9C:B4:C9:BA:D2:23:75:34:57:AD:A8:8E:51:E1:3A
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186C069BDEFFF339ACAE8DAF666D079D538
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/TpL3MvKctMm60iN1NFetqI5R4To.roa
Signing time: Wed 08 Mar 2023 08:50:00 +0000
ROA not before: Wed 08 Mar 2023 08:50:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.236.0/24 maxlen: 24
185.144.236.0/22 maxlen: 22
2a07:4407::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Mar 2023 10:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:69:bd:ef:ff:33:9a:ca:e8:da:f6:66:d0:79:d5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 08:50:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e92f732f29cb4c9bad223753457ada88e51e13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:35:cc:30:4e:9f:fb:41:d2:43:e2:df:98:c8:
25:98:b9:cb:df:81:f9:8b:76:53:67:7c:5d:78:0e:
59:02:f3:a0:7a:d9:df:05:7c:08:04:9e:42:eb:59:
d2:f3:85:7d:c6:8c:d3:1f:4f:de:8b:d1:ad:1f:03:
d2:cd:75:38:d3:14:ad:04:6a:77:c7:ec:08:c0:31:
b8:19:71:1c:77:44:f6:c3:71:5c:3a:47:80:b2:52:
25:8c:bc:1d:3f:e7:79:13:c6:9a:1c:03:5f:a2:4f:
3a:1d:54:87:40:6a:0c:9d:ee:0e:f4:7a:f6:64:2a:
d5:a7:a6:47:68:56:38:a6:1b:11:b0:48:61:b8:df:
09:31:b5:af:39:a8:ff:fb:04:c9:6e:08:98:83:a7:
08:f8:a1:00:31:6e:89:08:b1:35:4a:64:0c:cc:ed:
a0:fa:77:5a:60:06:d8:f1:bb:08:e2:35:2e:25:3b:
c0:7c:01:ad:cf:d5:cd:fa:a8:20:2f:d0:68:ce:e9:
35:43:d7:18:c0:92:e2:b8:05:bc:8b:fb:99:e1:d7:
03:0a:70:25:f3:8e:0a:11:0a:bb:93:46:77:04:a3:
bc:1d:8e:34:e2:ee:ca:ed:30:cb:5f:c2:07:30:94:
2d:4b:f4:76:0b:d8:e9:70:e7:db:71:a4:00:62:82:
1b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:92:F7:32:F2:9C:B4:C9:BA:D2:23:75:34:57:AD:A8:8E:51:E1:3A
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/TpL3MvKctMm60iN1NFetqI5R4To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
c1:dd:4c:d4:db:d8:0d:18:7e:74:50:8d:4b:85:e4:96:c4:dc:
c4:9e:a0:e8:5a:6e:84:13:12:a8:85:70:8a:83:c8:8d:89:90:
95:83:d3:bd:00:d3:98:8a:38:73:ec:12:35:05:06:e1:86:bb:
a4:56:f1:f3:9d:a6:a1:1e:eb:54:ba:97:c3:fb:f2:3d:aa:da:
30:f4:e0:68:71:fc:56:8b:5c:7c:73:1e:81:9e:7d:d9:ea:d1:
f0:13:d0:c1:7a:f6:98:26:f1:b0:f1:be:43:43:e8:7f:6e:44:
b5:5f:9b:a4:5a:d4:44:54:65:c6:85:e4:8e:c7:54:ab:e1:c9:
75:e2:f1:47:80:c1:9a:4f:24:bf:a9:6e:b0:bd:1e:c8:e3:0e:
ad:fe:fb:f9:9f:19:88:79:aa:c2:99:86:dd:59:79:67:33:26:
e4:2f:5a:06:84:78:5b:a6:12:d1:f4:d5:53:2a:c2:14:32:d9:
11:02:67:0d:a6:62:2e:3c:18:af:39:eb:bb:43:a5:10:56:49:
91:11:84:ab:c9:1e:43:1d:41:a3:5d:95:f8:ce:e6:ba:78:9b:
4c:ce:d1:1b:ba:8b:7d:1b:47:4f:f4:ef:00:28:f6:9a:37:db:
3a:1d:c1:62:c8:e1:c9:c1:95:d5:55:b1:0d:d4:3b:f4:29:58:
2c:6a:02:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAab3v/zOayuja9mbQedU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MDg1MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkyZjczMmYyOWNiNGM5YmFkMjIzNzUzNDU3YWRhODhlNTFlMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDXMME6f+0HSQ+LfmMglmLnL34H5
i3ZTZ3xdeA5ZAvOgetnfBXwIBJ5C61nS84V9xozTH0/ei9GtHwPSzXU40xStBGp3
x+wIwDG4GXEcd0T2w3FcOkeAslIljLwdP+d5E8aaHANfok86HVSHQGoMne4O9Hr2
ZCrVp6ZHaFY4phsRsEhhuN8JMbWvOaj/+wTJbgiYg6cI+KEAMW6JCLE1SmQMzO2g
+ndaYAbY8bsI4jUuJTvAfAGtz9XN+qggL9Bozuk1Q9cYwJLiuAW8i/uZ4dcDCnAl
844KEQq7k0Z3BKO8HY404u7K7TDLX8IHMJQtS/R2C9jpcOfbcaQAYoIb7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE6S9zLynLTJutIjdTRXraiOUeE6MB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvVHBMM012S2N0TW02MGlOMU5GZXRxSTVSNFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQDB3UzU29gNGH50UI1LheSW
xNzEnqDoWm6EExKohXCKg8iNiZCVg9O9ANOYijhz7BI1BQbhhrukVvHznaahHutU
upfD+/I9qtow9OBocfxWi1x8cx6Bnn3Z6tHwE9DBevaYJvGw8b5DQ+h/bkS1X5uk
WtREVGXGheSOx1Sr4cl14vFHgMGaTyS/qW6wvR7I4w6t/vv5nxmIearCmYbdWXln
MybkL1oGhHhbphLR9NVTKsIUMtkRAmcNpmIuPBivOeu7Q6UQVkmREYSryR5DHUGj
XZX4zua6eJtMztEbuot9G0dP9O8AKPaaN9s6HcFiyOHJwZXVVbEN1Dv0KVgsagIS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org