Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/tnEpLZgsSacvnfjqy83SfJN7PBU.roa
File: tnEpLZgsSacvnfjqy83SfJN7PBU.roa (raw, json)
Hash identifier: rzyt7GZr8Wjluk5NvMo5wO9YDyI+GFKvTfyLjbr1wQU=
Subject key identifier: B6:71:29:2D:98:2C:49:A7:2F:9D:F8:EA:CB:CD:D2:7C:93:7B:3C:15
Certificate issuer: /CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Certificate serial: 0185729EFDF38AE52E82E54C4B61A7240139
Authority key identifier: 1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/tnEpLZgsSacvnfjqy83SfJN7PBU.roa
Signing time: Mon 02 Jan 2023 13:15:00 +0000
ROA not before: Mon 02 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25560
IP address blocks: 62.216.160.0/19 maxlen: 24
85.199.128.0/18 maxlen: 24
217.24.208.0/20 maxlen: 24
95.143.160.0/20 maxlen: 24
85.199.184.0/22 maxlen: 24
2001:1a50::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:fd:f3:8a:e5:2e:82:e5:4c:4b:61:a7:24:01:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b980f22a5952a4ef9a4ec4a9e0d0c351fec9454
Validity
Not Before: Jan 2 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b671292d982c49a72f9df8eacbcdd27c937b3c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a7:12:fd:3a:bc:a9:31:11:83:dc:d9:e9:9c:
fd:0a:e8:6f:91:a2:f2:46:0b:d3:1b:16:8e:a6:85:
32:f4:89:0f:e9:b8:59:a8:56:0c:65:09:0f:e0:4d:
1c:4c:41:d6:1d:46:09:7f:5d:5e:c9:c5:94:4c:fa:
98:24:ce:53:14:8d:e1:f5:19:ac:35:85:c9:66:95:
22:d4:42:15:44:b4:cd:e7:f5:70:a1:64:d0:16:82:
10:20:90:05:05:55:2e:dd:d8:e4:51:e8:3d:0b:94:
0e:0b:34:be:d1:c0:c2:66:81:3a:ca:c8:0b:64:10:
f5:0a:3f:85:37:d2:a1:66:17:6c:f4:4e:e3:bf:01:
b6:02:35:4f:5b:ae:ff:84:eb:6b:c1:ed:aa:23:8e:
ea:94:51:3c:b3:a6:71:ff:a4:76:58:8a:05:fa:91:
f1:4e:30:b7:89:14:d7:4e:16:19:54:f7:3b:4f:a6:
81:11:ac:00:19:8c:46:39:55:ad:94:29:70:f2:00:
da:43:d2:11:9e:3d:4d:a8:25:9d:14:b9:e1:60:f2:
fa:20:6f:03:65:de:67:cc:7a:de:ab:0a:90:5d:88:
93:32:52:14:5b:9e:94:4a:5b:76:05:de:18:9f:c1:
87:55:97:18:7d:b0:49:15:85:56:02:b5:ad:a1:80:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:29:2D:98:2C:49:A7:2F:9D:F8:EA:CB:CD:D2:7C:93:7B:3C:15
X509v3 Authority Key Identifier:
keyid:1B:98:0F:22:A5:95:2A:4E:F9:A4:EC:4A:9E:0D:0C:35:1F:EC:94:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G5gPIqWVKk75pOxKng0MNR_slFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/tnEpLZgsSacvnfjqy83SfJN7PBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/774e26-d08f-46d3-ad06-347b566ddbd1/1/G5gPIqWVKk75pOxKng0MNR_slFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.160.0/19
85.199.128.0/18
95.143.160.0/20
217.24.208.0/20
IPv6:
2001:1a50::/32
Signature Algorithm: sha256WithRSAEncryption
46:54:5e:d1:2c:04:7c:fe:18:0b:8c:93:cb:89:2d:8b:16:87:
bf:f5:b7:51:49:11:72:d6:e7:bd:7a:9a:cc:90:60:14:9e:cf:
7e:3f:6c:a8:e5:71:bf:0b:05:d2:45:1c:15:a3:b6:bf:fb:e1:
11:b8:20:0a:b2:31:df:95:a3:a8:64:27:b4:c0:4d:5e:68:52:
54:9a:a4:fe:9b:c1:9f:f8:97:57:cf:f2:59:e8:06:7b:4a:bc:
62:5d:9f:79:05:65:b8:80:dd:55:b0:d6:06:32:e7:59:4d:58:
c8:52:82:f0:e1:6a:2b:82:72:e4:6e:b1:86:de:6f:1b:cf:27:
19:3a:f1:06:e5:e5:23:5f:db:55:4f:d0:78:84:20:15:90:99:
75:38:e7:1c:7b:db:f3:55:c1:16:e0:47:97:a8:50:21:a7:89:
50:e3:25:fe:f1:cd:f5:cc:42:2c:ec:5f:67:7b:73:41:77:dd:
f9:7c:a9:be:64:7f:78:40:61:4d:be:e0:58:c3:ff:1c:95:37:
89:ed:93:00:2e:78:e2:4a:66:06:ba:6b:04:52:65:aa:63:39:
96:a2:7b:17:64:6b:17:5d:00:f4:b5:09:e1:5e:92:83:fd:86:
d4:3f:85:15:86:a1:e2:7d:89:5c:a9:38:52:20:2c:47:b3:cb:
2d:69:cd:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVynv3ziuUuguVMS2GnJAE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOTgwZjIyYTU5NTJhNGVmOWE0ZWM0YTllMGQwYzM1MWZl
Yzk0NTQwHhcNMjMwMTAyMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcxMjkyZDk4MmM0OWE3MmY5ZGY4ZWFjYmNkZDI3YzkzN2IzYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqcS/Tq8qTERg9zZ6Zz9CuhvkaLy
RgvTGxaOpoUy9IkP6bhZqFYMZQkP4E0cTEHWHUYJf11eycWUTPqYJM5TFI3h9Rms
NYXJZpUi1EIVRLTN5/VwoWTQFoIQIJAFBVUu3djkUeg9C5QOCzS+0cDCZoE6ysgL
ZBD1Cj+FN9KhZhds9E7jvwG2AjVPW67/hOtrwe2qI47qlFE8s6Zx/6R2WIoF+pHx
TjC3iRTXThYZVPc7T6aBEawAGYxGOVWtlClw8gDaQ9IRnj1NqCWdFLnhYPL6IG8D
Zd5nzHreqwqQXYiTMlIUW56USlt2Bd4Yn8GHVZcYfbBJFYVWArWtoYBa5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLZxKS2YLEmnL5346svN0nyTezwVMB8GA1UdIwQY
MBaAFBuYDyKllSpO+aTsSp4NDDUf7JRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzVnUElxV1ZLazc1cE94S25nME1OUl9zbEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83NzRlMjYtZDA4Zi00NmQzLWFkMDYt
MzQ3YjU2NmRkYmQxLzEvdG5FcExaZ3NTYWN2bmZqcXk4M1NmSk43UEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83NzRlMjYtZDA4Zi00NmQzLWFkMDYtMzQ3YjU2NmRkYmQx
LzEvRzVnUElxV1ZLazc1cE94S25nME1OUl9zbEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPtigAwQG
VceAAwQEX4+gAwQE2RjQMA0EAgACMAcDBQAgARpQMA0GCSqGSIb3DQEBCwUAA4IB
AQBGVF7RLAR8/hgLjJPLiS2LFoe/9bdRSRFy1ue9eprMkGAUns9+P2yo5XG/CwXS
RRwVo7a/++ERuCAKsjHflaOoZCe0wE1eaFJUmqT+m8Gf+JdXz/JZ6AZ7SrxiXZ95
BWW4gN1VsNYGMudZTVjIUoLw4WorgnLkbrGG3m8bzycZOvEG5eUjX9tVT9B4hCAV
kJl1OOcce9vzVcEW4EeXqFAhp4lQ4yX+8c31zEIs7F9ne3NBd935fKm+ZH94QGFN
vuBYw/8clTeJ7ZMALnjiSmYGumsEUmWqYzmWonsXZGsXXQD0tQnhXpKD/YbUP4UV
hqHifYlcqThSICxHs8stac1q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org