Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/tTlzCAiURhPCOy2y7nVPlcsthEM.roa
File: tTlzCAiURhPCOy2y7nVPlcsthEM.roa (raw, json)
Hash identifier: /OlMW9wMakqcLy2ET7Vt1MgvrK2gl5a2qR+MAwhGEW0=
Subject key identifier: B5:39:73:08:08:94:46:13:C2:3B:2D:B2:EE:75:4F:95:CB:2D:84:43
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 018CC500B25A81B1EAD89914CEAC895BCEFD
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/tTlzCAiURhPCOy2y7nVPlcsthEM.roa
Signing time: Mon 01 Jan 2024 12:30:06 +0000
ROA not before: Mon 01 Jan 2024 12:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 176.105.228.0/24 maxlen: 24
185.177.27.0/24 maxlen: 24
81.28.253.0/24 maxlen: 24
91.239.149.0/24 maxlen: 24
91.238.92.0/24 maxlen: 24
45.132.80.0/22 maxlen: 24
91.244.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 19:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:b2:5a:81:b1:ea:d8:99:14:ce:ac:89:5b:ce:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Jan 1 12:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b539730808944613c23b2db2ee754f95cb2d8443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:91:8f:04:a6:2b:6d:84:45:d3:34:f2:17:
fa:bf:ce:94:e1:52:75:01:a3:74:27:8e:b5:20:96:
0d:ef:5d:9f:52:bd:0f:fc:30:07:35:42:eb:74:cb:
c2:39:9a:85:62:be:7c:18:b7:2c:c5:8f:c8:d3:da:
63:7b:6e:f1:9a:b7:4c:f5:a5:22:e5:29:6c:20:85:
65:4f:e7:a4:d4:28:58:3f:d0:cf:93:3d:74:10:b5:
33:04:19:38:f9:ba:a2:aa:9f:ef:eb:e5:3c:45:c0:
67:36:56:ea:79:fd:37:bf:b3:70:8e:4b:cb:9f:5b:
3d:b8:8a:57:46:9a:65:2f:9f:91:8d:22:04:f8:83:
f9:33:e7:8d:07:2b:c0:5e:a1:54:36:ff:f2:05:7e:
da:42:63:25:55:d1:9d:23:ec:94:07:f2:a1:47:00:
05:8d:df:f7:d1:00:7e:1f:5a:85:28:72:0e:23:bf:
ab:f7:18:4d:17:01:ff:8b:3f:cc:d5:b1:dc:8a:8f:
76:c8:02:62:f2:81:3b:5c:83:28:dd:fc:13:64:1f:
79:0f:61:21:0a:97:fa:c6:12:48:33:d7:82:6b:31:
c0:67:f4:3e:45:0b:f6:a7:ce:97:3b:32:aa:79:b8:
86:8d:46:9e:0a:73:5d:30:ee:a3:ec:38:01:b5:26:
9b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:39:73:08:08:94:46:13:C2:3B:2D:B2:EE:75:4F:95:CB:2D:84:43
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/tTlzCAiURhPCOy2y7nVPlcsthEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.80.0/22
81.28.253.0/24
91.238.92.0/24
91.239.149.0/24
91.244.198.0/24
176.105.228.0/24
185.177.27.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4a:9a:57:42:d9:8f:b0:36:0a:4c:94:a5:a5:b8:89:67:a2:
70:28:f5:db:0e:d4:52:db:5b:cf:a5:d0:35:8b:f2:a9:90:df:
6a:4d:91:23:77:99:b4:d4:97:67:64:58:8a:8e:f2:75:12:1d:
00:38:40:26:40:10:ce:c3:5b:e4:48:76:7d:b8:36:e3:94:dd:
21:82:c4:07:6b:03:71:19:bb:78:f3:f8:91:c9:95:94:d2:e2:
1c:00:75:f1:47:71:a4:7c:a8:11:21:f4:b1:f0:71:7b:5b:0b:
b7:68:f0:82:43:57:49:c5:85:74:a5:1d:1d:21:60:15:1b:2b:
55:6b:6b:18:d8:9f:14:f3:82:44:78:68:e4:16:2e:7d:99:b2:
e1:4e:d5:4b:03:9a:bf:b6:58:ea:80:95:82:04:1e:e0:91:7b:
c2:a7:9c:87:95:41:3b:bb:07:5b:75:32:b5:05:d1:6b:cc:05:
a7:2a:f7:77:f6:54:86:c5:c4:81:2b:96:a8:fa:a1:88:98:3c:
c2:40:95:d7:2f:22:49:f8:9f:b7:95:ad:eb:16:63:4d:e9:71:
f9:75:7b:43:cf:25:5b:82:40:a3:17:f1:cb:f0:00:09:89:c1:
e6:f8:6d:0f:87:e4:d8:40:a3:75:71:22:c2:a4:8b:bb:f4:16:
6b:29:cd:c4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzFALJagbHq2JkUzqyJW879MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMGMwZDA0MjI1NTY2ZGI5NWU5YWQzYjJlZjYwNTAxNDk3
NWFhYTIwHhcNMjQwMTAxMTIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM5NzMwODA4OTQ0NjEzYzIzYjJkYjJlZTc1NGY5NWNiMmQ4NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/GRjwSmK22ERdM08hf6v86U4VJ1
AaN0J461IJYN712fUr0P/DAHNULrdMvCOZqFYr58GLcsxY/I09pje27xmrdM9aUi
5SlsIIVlT+ek1ChYP9DPkz10ELUzBBk4+bqiqp/v6+U8RcBnNlbqef03v7NwjkvL
n1s9uIpXRpplL5+RjSIE+IP5M+eNByvAXqFUNv/yBX7aQmMlVdGdI+yUB/KhRwAF
jd/30QB+H1qFKHIOI7+r9xhNFwH/iz/M1bHcio92yAJi8oE7XIMo3fwTZB95D2Eh
Cpf6xhJIM9eCazHAZ/Q+RQv2p86XOzKqebiGjUaeCnNdMO6j7DgBtSabBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLU5cwgIlEYTwjstsu51T5XLLYRDMB8GA1UdIwQY
MBaAFJsMDQQiVWbblemtOy72BQFJdaqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMt
ZThlZjJmMDk1OThlLzEvdFRsekNBaVVSaFBDT3kyeTduVlBsY3N0aEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8wZWM2ZDItZjFkNy00YjBhLWFkMzMtZThlZjJmMDk1OThl
LzEvbXd3TkJDSlZadHVWNmEwN0x2WUZBVWwxcXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYRQAwQA
URz9AwQAW+5cAwQAW++VAwQAW/TGAwQAsGnkAwQAubEbMA0GCSqGSIb3DQEBCwUA
A4IBAQAUSppXQtmPsDYKTJSlpbiJZ6JwKPXbDtRS21vPpdA1i/KpkN9qTZEjd5m0
1JdnZFiKjvJ1Eh0AOEAmQBDOw1vkSHZ9uDbjlN0hgsQHawNxGbt48/iRyZWU0uIc
AHXxR3GkfKgRIfSx8HF7Wwu3aPCCQ1dJxYV0pR0dIWAVGytVa2sY2J8U84JEeGjk
Fi59mbLhTtVLA5q/tljqgJWCBB7gkXvCp5yHlUE7uwdbdTK1BdFrzAWnKvd39lSG
xcSBK5ao+qGImDzCQJXXLyJJ+J+3la3rFmNN6XH5dXtDzyVbgkCjF/HL8AAJicHm
+G0Ph+TYQKN1cSLCpIu79BZrKc3E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:49 2024 by rpki-client on console-ams.rpki-client.org