Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/tIn_5Ff7NAEN79GVccQLhqjsHFw.roa
File: tIn_5Ff7NAEN79GVccQLhqjsHFw.roa (raw, json)
Hash identifier: h5bbJr3BFkscfbRS0rKFlBjCck3bQbdEqx0UYRRC9EU=
Subject key identifier: B4:89:FF:E4:57:FB:34:01:0D:EF:D1:95:71:C4:0B:86:A8:EC:1C:5C
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018570FB929B7B6B1AE5F17A35EFF8481519
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/tIn_5Ff7NAEN79GVccQLhqjsHFw.roa
Signing time: Mon 02 Jan 2023 05:36:53 +0000
ROA not before: Mon 02 Jan 2023 05:36:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42423
IP address blocks: 193.168.184.0/23 maxlen: 24
193.168.187.0/24 maxlen: 24
194.1.167.0/24 maxlen: 24
193.36.162.0/23 maxlen: 24
2a09:1400::/30 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jul 2023 08:21:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:92:9b:7b:6b:1a:e5:f1:7a:35:ef:f8:48:15:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 2 05:36:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b489ffe457fb34010defd19571c40b86a8ec1c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:44:3e:61:17:e3:0e:53:b9:a7:29:63:15:b3:
88:e6:40:d8:4a:15:fc:6b:71:6a:55:2a:8f:0b:0d:
2a:3c:c8:3a:d0:03:54:84:9e:2f:4b:3c:9b:62:bb:
d1:42:97:8a:f1:74:f3:7a:60:7a:4e:49:d2:35:19:
8b:d4:89:81:39:af:bb:7f:77:ff:37:58:c8:0f:1c:
8e:c5:e1:88:91:f1:4f:76:09:4f:91:ba:b6:a5:a9:
7f:57:70:2c:02:da:10:56:84:0d:e8:64:7c:f1:65:
57:2d:ce:53:86:e0:2f:e4:e9:02:74:fe:c3:75:7b:
3e:1c:fc:a5:91:4b:5f:93:57:80:09:74:54:9c:5c:
fa:90:ab:c5:1d:62:64:21:e1:37:bc:25:52:cf:46:
c1:72:c6:15:ad:24:45:dd:50:6a:f3:f0:f8:82:89:
77:1a:0a:8d:fe:6e:ef:b0:b8:0f:f6:fd:8e:13:53:
73:f2:2d:f2:a9:ed:74:61:9d:d3:31:9e:55:de:57:
79:7f:99:55:85:29:67:a8:d0:cd:a7:42:2d:42:7f:
2e:96:8f:2e:67:74:16:f8:36:58:78:22:7d:30:39:
80:52:72:57:b4:e9:90:c9:dd:58:7c:af:05:88:bd:
b6:4b:da:61:e5:6c:39:da:27:e2:25:b9:52:80:df:
47:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:89:FF:E4:57:FB:34:01:0D:EF:D1:95:71:C4:0B:86:A8:EC:1C:5C
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/tIn_5Ff7NAEN79GVccQLhqjsHFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.162.0/23
193.168.184.0/23
193.168.187.0/24
194.1.167.0/24
IPv6:
2a09:1400::/30
Signature Algorithm: sha256WithRSAEncryption
9c:5c:d2:57:77:20:66:d5:ce:fb:ff:ac:27:60:ca:8e:35:a1:
e1:73:f1:14:91:1e:d7:72:63:62:2a:d0:cd:6f:df:d7:a0:d8:
01:69:71:1d:73:94:32:c6:b3:15:4b:af:af:a9:33:12:99:ba:
db:10:52:0e:8f:b9:8d:e3:93:2c:4f:4f:58:11:15:07:6c:44:
fa:f7:7f:4e:cb:67:91:c7:e3:85:19:42:41:0b:f7:75:6f:2e:
ed:e9:86:fd:4c:8e:c6:61:30:ff:f6:84:7a:51:53:67:02:ed:
14:5b:7e:e3:6d:e3:df:6e:1d:4d:fa:9a:b9:50:ad:60:49:a9:
2f:99:b4:4c:78:8c:4c:9f:ae:1a:3b:09:a3:c4:7f:86:af:b4:
2d:43:1b:cc:25:21:e1:8c:7a:a4:b8:44:25:2b:02:3e:64:4d:
c6:3b:3b:73:9d:20:9c:ed:d2:04:40:5c:fc:5a:0c:67:80:31:
15:b5:09:07:70:73:46:e9:6b:42:99:1c:a0:e2:e6:31:e2:9b:
54:c3:8e:45:29:f9:80:72:68:ca:0a:d2:2d:bb:78:5b:f7:55:
21:e2:15:ff:f7:c0:8f:2f:f4:16:90:77:85:8d:80:f6:43:c4:
71:58:0a:9c:fc:d6:6a:57:d3:07:5d:db:3a:c6:74:61:21:4b:
20:58:7d:5b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVw+5Kbe2sa5fF6Ne/4SBUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwMTAyMDUzNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg5ZmZlNDU3ZmIzNDAxMGRlZmQxOTU3MWM0MGI4NmE4ZWMxYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kQ+YRfjDlO5pyljFbOI5kDYShX8
a3FqVSqPCw0qPMg60ANUhJ4vSzybYrvRQpeK8XTzemB6TknSNRmL1ImBOa+7f3f/
N1jIDxyOxeGIkfFPdglPkbq2pal/V3AsAtoQVoQN6GR88WVXLc5ThuAv5OkCdP7D
dXs+HPylkUtfk1eACXRUnFz6kKvFHWJkIeE3vCVSz0bBcsYVrSRF3VBq8/D4gol3
GgqN/m7vsLgP9v2OE1Nz8i3yqe10YZ3TMZ5V3ld5f5lVhSlnqNDNp0ItQn8ulo8u
Z3QW+DZYeCJ9MDmAUnJXtOmQyd1YfK8FiL22S9ph5Ww52ifiJblSgN9H2wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLSJ/+RX+zQBDe/RlXHEC4ao7BxcMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvdEluXzVGZjdOQUVONzlHVmNjUUxocWpzSEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwSSiAwQB
wai4AwQAwai7AwQAwgGnMA0EAgACMAcDBQIqCRQAMA0GCSqGSIb3DQEBCwUAA4IB
AQCcXNJXdyBm1c77/6wnYMqONaHhc/EUkR7XcmNiKtDNb9/XoNgBaXEdc5QyxrMV
S6+vqTMSmbrbEFIOj7mN45MsT09YERUHbET6939Oy2eRx+OFGUJBC/d1by7t6Yb9
TI7GYTD/9oR6UVNnAu0UW37jbePfbh1N+pq5UK1gSakvmbRMeIxMn64aOwmjxH+G
r7QtQxvMJSHhjHqkuEQlKwI+ZE3GOztznSCc7dIEQFz8WgxngDEVtQkHcHNG6WtC
mRyg4uYx4ptUw45FKfmAcmjKCtItu3hb91Uh4hX/98CPL/QWkHeFjYD2Q8RxWAqc
/NZqV9MHXds6xnRhIUsgWH1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:12 2024 by rpki-client on console-ams.rpki-client.org