Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tmsUDoB-3a0fSCOWuA7IuVZSmqY.roa
File: tmsUDoB-3a0fSCOWuA7IuVZSmqY.roa (raw, json)
Hash identifier: dIimGDJCFl5qPRACjmmRAleDkcZWPx2NvG5jAHIcsLo=
Subject key identifier: B6:6B:14:0E:80:7E:DD:AD:1F:48:23:96:B8:0E:C8:B9:56:52:9A:A6
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018D9385CBB6FC8E878DF63B7F4A6BC6CCAE
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tmsUDoB-3a0fSCOWuA7IuVZSmqY.roa
Signing time: Sat 10 Feb 2024 14:57:15 +0000
ROA not before: Sat 10 Feb 2024 14:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3343
IP address blocks: 85.143.191.0/24 maxlen: 24
86.110.116.0/24 maxlen: 24
86.110.117.0/24 maxlen: 24
86.110.118.0/24 maxlen: 24
86.110.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Apr 2024 15:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:85:cb:b6:fc:8e:87:8d:f6:3b:7f:4a:6b:c6:cc:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Feb 10 14:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66b140e807eddad1f482396b80ec8b956529aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:89:b3:22:a9:55:52:0c:54:da:e8:5c:f9:
41:db:22:81:83:3d:76:72:7b:76:71:ff:3e:8d:0e:
66:b3:ae:08:b2:9e:b0:54:fb:03:f3:9f:dc:e4:e9:
99:34:49:39:3b:6d:57:20:4d:70:f0:35:91:31:95:
95:f4:96:31:56:a6:cd:38:5f:97:c4:c2:0e:11:71:
93:3e:74:cd:5d:4e:f9:08:5d:a5:fe:6c:b1:0f:07:
c3:cb:f6:39:6c:25:2d:86:ed:17:64:50:e0:88:64:
d4:1d:0b:a6:52:37:d8:9d:9a:8f:5f:49:87:d1:ff:
04:2e:ac:7d:7e:35:ed:ea:45:cf:fc:31:ce:c6:3b:
14:41:d7:36:7a:76:9f:34:e6:9d:94:db:dd:e5:c8:
91:a2:88:57:5b:b2:44:e2:c8:54:41:8d:3c:f1:98:
f0:27:64:b5:e7:6b:fc:cb:e6:51:74:9f:83:4b:dd:
1c:a1:cc:22:69:b7:5a:44:6b:44:8f:5e:42:5b:38:
67:75:ef:ef:b5:b6:ff:14:af:88:e1:37:c2:81:ea:
ee:4f:63:d1:e4:59:26:01:a9:97:23:66:c1:fd:0a:
39:28:94:20:30:4d:25:00:c2:d4:b2:55:56:0b:1a:
82:f5:b3:6e:69:a1:1e:4e:78:55:08:03:cf:e5:27:
fd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6B:14:0E:80:7E:DD:AD:1F:48:23:96:B8:0E:C8:B9:56:52:9A:A6
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/tmsUDoB-3a0fSCOWuA7IuVZSmqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.143.191.0/24
86.110.116.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:ac:16:9a:69:71:90:2b:a8:f2:0c:95:a6:6a:2f:88:30:71:
9c:b9:fa:5d:81:10:89:e1:de:e9:5e:15:11:d7:64:e4:86:be:
37:79:cf:85:ac:ac:38:44:8a:f2:ce:50:e6:3d:01:73:a9:55:
93:2f:09:c6:1e:7f:a8:0f:6e:e2:eb:b8:d9:ab:28:4d:05:37:
11:94:c0:27:39:2b:da:31:35:b4:3d:94:8e:e2:98:69:d3:39:
fd:9b:9f:1f:c8:90:f1:70:ec:cc:59:46:b0:75:b6:bd:8c:ad:
5e:c5:ae:ff:1b:64:1d:f1:8b:1d:4c:e9:da:c6:ab:05:7a:48:
5e:43:fb:42:60:aa:81:0e:55:8d:5e:c0:be:78:e7:78:7d:09:
55:84:a3:c8:22:18:a4:b0:ed:0f:7b:89:f2:43:44:f4:98:8b:
30:d9:e1:bc:2c:72:8b:b0:67:0d:68:19:bf:a8:fb:a3:35:69:
2c:70:e2:8c:4a:eb:dc:26:4b:19:e0:e4:78:c2:48:b6:bf:07:
ec:26:d1:dc:67:b0:d5:a5:99:c4:81:fe:2e:e9:4f:7e:1c:e7:
cc:bd:25:a2:7d:db:74:7a:11:4a:af:19:00:19:85:b3:14:86:
f5:b5:5b:bc:28:ad:a6:20:27:0b:ca:60:73:fe:da:08:fc:a7:
d9:29:f9:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2Thcu2/I6HjfY7f0prxsyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMjEwMTQ1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZiMTQwZTgwN2VkZGFkMWY0ODIzOTZiODBlYzhiOTU2NTI5YWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwqJsyKpVVIMVNroXPlB2yKBgz12
cnt2cf8+jQ5ms64Isp6wVPsD85/c5OmZNEk5O21XIE1w8DWRMZWV9JYxVqbNOF+X
xMIOEXGTPnTNXU75CF2l/myxDwfDy/Y5bCUthu0XZFDgiGTUHQumUjfYnZqPX0mH
0f8ELqx9fjXt6kXP/DHOxjsUQdc2enafNOadlNvd5ciRoohXW7JE4shUQY088Zjw
J2S152v8y+ZRdJ+DS90cocwiabdaRGtEj15CWzhnde/vtbb/FK+I4TfCgeruT2PR
5FkmAamXI2bB/Qo5KJQgME0lAMLUslVWCxqC9bNuaaEeTnhVCAPP5Sf9hwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZrFA6Aft2tH0gjlrgOyLlWUpqmMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvdG1zVURvQi0zYTBmU0NPV3VBN0l1VlpTbXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVY+/AwQC
Vm50MA0GCSqGSIb3DQEBCwUAA4IBAQCMrBaaaXGQK6jyDJWmai+IMHGcufpdgRCJ
4d7pXhUR12Tkhr43ec+FrKw4RIryzlDmPQFzqVWTLwnGHn+oD27i67jZqyhNBTcR
lMAnOSvaMTW0PZSO4php0zn9m58fyJDxcOzMWUawdba9jK1exa7/G2Qd8YsdTOna
xqsFekheQ/tCYKqBDlWNXsC+eOd4fQlVhKPIIhiksO0Pe4nyQ0T0mIsw2eG8LHKL
sGcNaBm/qPujNWkscOKMSuvcJksZ4OR4wki2vwfsJtHcZ7DVpZnEgf4u6U9+HOfM
vSWifdt0ehFKrxkAGYWzFIb1tVu8KK2mICcLymBz/toI/KfZKfl4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org