Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/tgfWooCBKS344xq1HbZcFi_AHOQ.roa
File: tgfWooCBKS344xq1HbZcFi_AHOQ.roa (raw, json)
Hash identifier: NjdHHPAt+XUTM7sjHgwxmvYR6LNcwbQt4Cd66r8lJl4=
Subject key identifier: B6:07:D6:A2:80:81:29:2D:F8:E3:1A:B5:1D:B6:5C:16:2F:C0:1C:E4
Certificate issuer: /CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Certificate serial: 01856F4B4BDEF9434D8B1707CE1B2648AAA6
Authority key identifier: 7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/tgfWooCBKS344xq1HbZcFi_AHOQ.roa
Signing time: Sun 01 Jan 2023 21:44:43 +0000
ROA not before: Sun 01 Jan 2023 21:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 178.240.0.0/13 maxlen: 24
31.140.0.0/14 maxlen: 24
176.237.0.0/16 maxlen: 24
5.27.0.0/19 maxlen: 24
213.43.0.0/16 maxlen: 24
176.91.0.0/16 maxlen: 17
141.196.0.0/16 maxlen: 24
176.239.0.0/16 maxlen: 24
86.108.128.0/17 maxlen: 24
5.26.0.0/16 maxlen: 24
176.90.0.0/15 maxlen: 24
176.227.0.0/17 maxlen: 24
188.56.0.0/14 maxlen: 24
5.24.0.0/14 maxlen: 24
176.238.0.0/16 maxlen: 24
5.11.128.0/17 maxlen: 24
176.89.0.0/16 maxlen: 24
2a02:4e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 Feb 2023 05:45:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:4b:de:f9:43:4d:8b:17:07:ce:1b:26:48:aa:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Validity
Not Before: Jan 1 21:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b607d6a28081292df8e31ab51db65c162fc01ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f3:b9:e2:bc:f7:54:4b:51:b5:45:78:c5:f1:
87:39:03:ff:70:7d:61:2e:19:cc:1e:e8:59:76:66:
b5:98:e5:50:68:88:48:b5:65:60:e8:08:c7:a1:d7:
f2:40:8b:e5:45:fe:17:69:6e:c7:6f:42:86:36:53:
33:04:ff:c2:9d:ab:75:61:4e:a9:cb:9f:e8:d4:63:
c7:9a:5b:0e:a9:54:b9:47:ac:1f:de:94:5b:b6:a8:
7f:47:42:85:03:7f:45:6f:e8:da:a5:a1:64:8c:7f:
ac:0d:39:40:16:55:ce:34:bb:cc:2a:da:ef:86:2f:
df:31:d6:87:a5:35:8e:04:4c:7a:94:0e:00:61:63:
68:33:c4:de:3d:a8:da:1a:7a:61:87:c5:5e:d7:71:
f4:48:fb:65:1c:0f:b3:f4:7f:50:b1:51:9a:80:fc:
0b:ca:84:be:fa:49:6c:be:2a:e3:7f:94:16:7f:7d:
f9:10:2f:f8:48:2f:35:8c:f5:db:f7:4a:83:41:f7:
9a:8c:38:5f:8e:34:aa:da:57:dc:92:02:c2:55:f1:
71:18:41:5a:a0:d2:4c:cb:55:79:67:ff:ce:aa:3c:
d5:45:1d:de:51:98:b4:94:cc:0a:52:be:43:77:97:
54:38:0a:b9:f6:ba:1c:b1:4a:d3:3f:c1:5c:15:26:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:07:D6:A2:80:81:29:2D:F8:E3:1A:B5:1D:B6:5C:16:2F:C0:1C:E4
X509v3 Authority Key Identifier:
keyid:7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/tgfWooCBKS344xq1HbZcFi_AHOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.128.0/17
5.24.0.0/14
31.140.0.0/14
86.108.128.0/17
141.196.0.0/16
176.89.0.0-176.91.255.255
176.227.0.0/17
176.237.0.0-176.239.255.255
178.240.0.0/13
188.56.0.0/14
213.43.0.0/16
IPv6:
2a02:4e0::/32
Signature Algorithm: sha256WithRSAEncryption
93:74:3a:7f:34:62:5e:21:9f:5e:27:d6:a7:e1:95:9f:36:74:
4b:ab:c5:37:01:71:66:5a:bb:e0:90:e4:01:42:17:09:87:44:
52:5e:35:9b:79:61:0a:da:02:b3:79:65:ea:6b:62:5e:6f:26:
b3:ce:84:5d:59:c6:fe:4c:28:38:a7:16:0e:41:8a:14:08:e0:
36:79:05:3d:ff:91:dc:52:5b:7d:77:eb:30:e7:88:d6:cb:5a:
d2:95:74:17:1a:54:dc:6a:c3:10:4e:71:39:5d:22:fb:cf:2c:
cd:54:35:8a:d1:6e:8a:e5:bf:fd:52:71:6d:23:fb:b4:e9:f9:
60:cb:48:8c:ec:a6:df:6a:61:a7:25:2a:ca:32:ca:fb:a6:f7:
83:55:fc:e4:64:87:a4:08:8c:24:30:c6:2d:af:72:fb:0f:b0:
23:79:99:97:2d:85:b4:7e:bf:24:09:66:e1:be:38:8d:c9:bd:
3b:2f:39:4d:5d:2a:ea:c6:46:5f:64:32:bf:bf:09:64:a4:89:
c0:99:06:05:f7:5c:f1:78:8b:b2:66:d8:b7:0d:66:2c:f8:39:
bf:40:1c:83:fd:08:1b:71:82:dd:12:35:1a:2d:bf:be:f7:3d:
87:3d:c0:4f:de:a7:c3:86:5c:81:e0:a4:85:52:d1:e4:f4:c9:
54:5b:d7:83
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVvS0ve+UNNixcHzhsmSKqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzY1YTFkY2Y4MjI1ZTdmMTBiZTIwZGRkZTFlMjE2ZTgw
MGI2N2MwHhcNMjMwMTAxMjE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA3ZDZhMjgwODEyOTJkZjhlMzFhYjUxZGI2NWMxNjJmYzAxY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvO54rz3VEtRtUV4xfGHOQP/cH1h
LhnMHuhZdma1mOVQaIhItWVg6AjHodfyQIvlRf4XaW7Hb0KGNlMzBP/Cnat1YU6p
y5/o1GPHmlsOqVS5R6wf3pRbtqh/R0KFA39Fb+japaFkjH+sDTlAFlXONLvMKtrv
hi/fMdaHpTWOBEx6lA4AYWNoM8TePajaGnphh8Ve13H0SPtlHA+z9H9QsVGagPwL
yoS++klsvirjf5QWf335EC/4SC81jPXb90qDQfeajDhfjjSq2lfckgLCVfFxGEFa
oNJMy1V5Z//OqjzVRR3eUZi0lMwKUr5Dd5dUOAq59rocsUrTP8FcFSYbbQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFLYH1qKAgSkt+OMatR22XBYvwBzkMB8GA1UdIwQY
MBaAFH7GWh3PgiXn8QviDd3h4hboALZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQt
N2Q5YjgyMzA1MzdlLzEvdGdmV29vQ0JLUzM0NHhxMUhiWmNGaV9BSE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQtN2Q5YjgyMzA1Mzdl
LzEvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQHBQuAAwMC
BRgDAwIfjAMEB1ZsgAMDAI3EMAoDAwCwWQMDArBYAwQHsOMAMAoDAwCw7QMDBLDg
AwMDsvADAwK8OAMDANUrMA0EAgACMAcDBQAqAgTgMA0GCSqGSIb3DQEBCwUAA4IB
AQCTdDp/NGJeIZ9eJ9an4ZWfNnRLq8U3AXFmWrvgkOQBQhcJh0RSXjWbeWEK2gKz
eWXqa2JebyazzoRdWcb+TCg4pxYOQYoUCOA2eQU9/5HcUlt9d+sw54jWy1rSlXQX
GlTcasMQTnE5XSL7zyzNVDWK0W6K5b/9UnFtI/u06flgy0iM7KbfamGnJSrKMsr7
pveDVfzkZIekCIwkMMYtr3L7D7AjeZmXLYW0fr8kCWbhvjiNyb07LzlNXSrqxkZf
ZDK/vwlkpInAmQYF91zxeIuyZti3DWYs+Dm/QByD/QgbcYLdEjUaLb++9z2HPcBP
3qfDhlyB4KSFUtHk9MlUW9eD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:42 2024 by rpki-client on console-fra.rpki-client.org