Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/tgFYy3vJPJViGCKagtod-ubyafo.roa
File: tgFYy3vJPJViGCKagtod-ubyafo.roa (raw, json)
Hash identifier: vGJStN8hzmYK9bNxKA+zPT0xWS4E7Jo8O0hBieHk1L0=
Subject key identifier: B6:01:58:CB:7B:C9:3C:95:62:18:22:9A:82:DA:1D:FA:E6:F2:69:FA
Certificate issuer: /CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Certificate serial: 018BD2B1EAD8D141F95AAFB0C56D3384AA54
Authority key identifier: 3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/tgFYy3vJPJViGCKagtod-ubyafo.roa
Signing time: Wed 15 Nov 2023 11:15:57 +0000
ROA not before: Wed 15 Nov 2023 11:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49067
IP address blocks: 194.31.11.0/24 maxlen: 24
185.98.218.0/24 maxlen: 24
185.98.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 24 Dec 2023 10:06:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:b1:ea:d8:d1:41:f9:5a:af:b0:c5:6d:33:84:aa:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3db6e24cfc00d22f4efa39a421dafb7bb1da4b83
Validity
Not Before: Nov 15 11:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b60158cb7bc93c956218229a82da1dfae6f269fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9d:b6:ce:49:53:a6:e2:9c:80:41:08:48:f1:
fd:7a:64:87:b4:90:e4:7a:79:20:8e:d5:9f:4c:b7:
cb:02:3a:47:a5:24:d3:ab:28:a1:73:ac:d3:53:6f:
0c:20:06:f9:03:3b:17:6c:df:6a:25:bb:54:66:fe:
0b:a8:af:d6:f6:a2:4e:d1:d8:0e:82:ac:df:09:03:
86:83:f2:f8:29:ab:32:98:a0:c1:40:3a:67:0e:a6:
50:9d:de:40:5a:64:8b:ed:38:3f:1f:c5:1a:fb:4d:
d0:5f:41:ac:16:1d:ff:7a:94:a2:b7:e4:e0:46:7e:
6b:9d:85:f0:b3:e9:2d:c3:24:0a:ad:89:0c:1d:c9:
aa:24:7a:e5:79:32:cf:7c:b3:0e:da:a1:03:94:e8:
ea:97:d3:71:8c:2d:da:d3:a0:e3:08:b0:b9:47:e3:
67:42:38:60:21:bc:3d:5a:cf:4b:86:06:a4:9f:18:
5b:3d:b1:ef:ad:98:a2:48:4f:00:cd:ab:24:a7:26:
c4:1b:cf:6c:ed:a9:3a:eb:70:9a:53:55:e2:dd:ef:
28:cf:24:d0:04:c1:b8:fe:3b:9f:9b:94:54:e1:79:
97:52:5c:c3:01:f7:f1:27:bd:97:e3:6c:2c:f1:2a:
85:73:f9:c3:e1:e2:90:fc:32:5e:a3:7e:59:98:44:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:01:58:CB:7B:C9:3C:95:62:18:22:9A:82:DA:1D:FA:E6:F2:69:FA
X509v3 Authority Key Identifier:
keyid:3D:B6:E2:4C:FC:00:D2:2F:4E:FA:39:A4:21:DA:FB:7B:B1:DA:4B:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PbbiTPwA0i9O-jmkIdr7e7HaS4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/tgFYy3vJPJViGCKagtod-ubyafo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/f7bbc4-562a-4e79-a8ee-9380e5cc0580/1/PbbiTPwA0i9O-jmkIdr7e7HaS4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.216.0/24
185.98.218.0/24
194.31.11.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:72:12:c2:3a:40:df:3b:d8:92:cb:cb:50:c3:46:93:95:e2:
fd:75:c8:e1:c3:b0:1c:57:59:d3:ef:8a:c3:d0:2e:c7:c8:9a:
06:1f:6b:0b:d7:13:d3:e3:88:1d:68:8b:63:2a:51:56:64:8b:
00:8d:d9:e4:ed:92:91:0a:b4:e0:25:bd:92:e1:bb:03:63:ed:
55:32:f6:34:0e:bd:40:70:6b:d0:d9:de:04:db:85:ad:a9:cc:
1e:0f:52:ca:d8:4a:d4:ca:69:f9:ed:56:ff:49:b6:0d:f4:a6:
61:32:13:8a:39:49:1b:4a:0f:a5:13:4a:2d:02:6e:a3:bc:df:
90:4c:12:fc:36:6e:18:65:81:72:4a:46:24:21:35:0e:df:51:
fe:ed:15:58:6d:96:89:e0:ad:bf:a7:8d:ca:5d:b0:d4:c6:44:
80:68:9e:5f:a0:b6:df:0c:46:c7:8b:a6:e2:e2:b4:3c:98:6f:
9c:d7:7d:e5:27:d1:66:60:9b:ab:18:d9:f1:03:be:15:9c:e5:
fb:76:17:c3:7c:17:32:da:c7:c8:45:b1:67:1b:81:74:e3:b7:
b9:e3:da:5b:a2:19:d0:73:b7:b6:e0:74:04:e5:9f:4f:49:4c:
b0:33:aa:f9:85:6e:6e:c5:bd:3f:31:f1:8b:1c:04:37:e3:ff:
ec:35:18:cf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvSserY0UH5Wq+wxW0zhKpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkYjZlMjRjZmMwMGQyMmY0ZWZhMzlhNDIxZGFmYjdiYjFk
YTRiODMwHhcNMjMxMTE1MTExNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjAxNThjYjdiYzkzYzk1NjIxODIyOWE4MmRhMWRmYWU2ZjI2OWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk522zklTpuKcgEEISPH9emSHtJDk
enkgjtWfTLfLAjpHpSTTqyihc6zTU28MIAb5AzsXbN9qJbtUZv4LqK/W9qJO0dgO
gqzfCQOGg/L4KasymKDBQDpnDqZQnd5AWmSL7Tg/H8Ua+03QX0GsFh3/epSit+Tg
Rn5rnYXws+ktwyQKrYkMHcmqJHrleTLPfLMO2qEDlOjql9NxjC3a06DjCLC5R+Nn
QjhgIbw9Ws9LhgaknxhbPbHvrZiiSE8AzaskpybEG89s7ak663CaU1Xi3e8ozyTQ
BMG4/jufm5RU4XmXUlzDAffxJ72X42ws8SqFc/nD4eKQ/DJeo35ZmERbswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYBWMt7yTyVYhgimoLaHfrm8mn6MB8GA1UdIwQY
MBaAFD224kz8ANIvTvo5pCHa+3ux2kuDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUt
OTM4MGU1Y2MwNTgwLzEvdGdGWXkzdkpQSlZpR0NLYWd0b2QtdWJ5YWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mN2JiYzQtNTYyYS00ZTc5LWE4ZWUtOTM4MGU1Y2MwNTgw
LzEvUGJiaVRQd0EwaTlPLWpta0lkcjdlN0hhUzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuWLYAwQA
uWLaAwQAwh8LMA0GCSqGSIb3DQEBCwUAA4IBAQC8chLCOkDfO9iSy8tQw0aTleL9
dcjhw7AcV1nT74rD0C7HyJoGH2sL1xPT44gdaItjKlFWZIsAjdnk7ZKRCrTgJb2S
4bsDY+1VMvY0Dr1AcGvQ2d4E24WtqcweD1LK2ErUymn57Vb/SbYN9KZhMhOKOUkb
Sg+lE0otAm6jvN+QTBL8Nm4YZYFySkYkITUO31H+7RVYbZaJ4K2/p43KXbDUxkSA
aJ5foLbfDEbHi6bi4rQ8mG+c133lJ9FmYJurGNnxA74VnOX7dhfDfBcy2sfIRbFn
G4F047e549pbohnQc7e24HQE5Z9PSUywM6r5hW5uxb0/MfGLHAQ34//sNRjP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:14 2024 by rpki-client on console-fra.rpki-client.org