Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/tIh-o0gwZPx-_6959BP51r0mu5o.roa
File: tIh-o0gwZPx-_6959BP51r0mu5o.roa (raw, json)
Hash identifier: InyGXI5LAWDRjK59Pw+xf0e3rrXdz01F160HphlP5CI=
Subject key identifier: B4:88:7E:A3:48:30:64:FC:7E:FF:AF:79:F4:13:F9:D6:BD:26:BB:9A
Certificate issuer: /CN=e53ad9b432bb83d141c480dee78bc35ff47cb72c
Certificate serial: 01856ED4BBCFA4C9A8DC9143532F3CCA0936
Authority key identifier: E5:3A:D9:B4:32:BB:83:D1:41:C4:80:DE:E7:8B:C3:5F:F4:7C:B7:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5TrZtDK7g9FBxIDe54vDX_R8tyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/tIh-o0gwZPx-_6959BP51r0mu5o.roa
Signing time: Sun 01 Jan 2023 19:35:13 +0000
ROA not before: Sun 01 Jan 2023 19:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29484
IP address blocks: 192.35.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:bb:cf:a4:c9:a8:dc:91:43:53:2f:3c:ca:09:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e53ad9b432bb83d141c480dee78bc35ff47cb72c
Validity
Not Before: Jan 1 19:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4887ea3483064fc7effaf79f413f9d6bd26bb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:af:e8:d9:03:f6:da:72:41:07:b0:07:be:
6a:52:f2:ea:40:4a:9e:7b:47:33:e9:ef:44:d3:15:
03:56:d3:1d:79:43:e4:3f:b9:99:0d:4d:73:13:c1:
ec:99:ee:d1:b1:f9:b5:a2:80:9c:91:1d:0d:2d:f8:
4b:16:49:e0:2a:f8:f6:f1:ee:72:13:09:6b:7b:3f:
2c:43:f4:59:f7:d1:b3:c6:9f:ef:d7:84:95:41:2e:
93:df:fc:6b:7b:8b:b9:68:b1:fc:91:c5:63:29:66:
e0:68:a2:fc:11:5c:79:b6:11:27:c9:39:3c:19:a3:
ca:c0:25:ea:12:3d:b2:32:7b:62:6e:f1:bc:c7:d0:
25:89:8e:a7:c4:70:cf:d1:23:98:97:88:a8:e9:e7:
36:e6:db:b9:67:53:c2:14:53:b5:62:fa:73:77:b2:
db:41:fe:f8:48:16:af:64:06:67:c1:f1:72:2e:05:
42:a2:da:59:15:c5:ab:7a:f6:62:fd:0a:70:05:08:
9b:66:7d:20:e8:8a:d9:16:0f:c4:76:e0:b9:0d:63:
38:36:f7:07:e4:99:e0:dc:34:2b:0a:6c:ec:e7:60:
65:34:c4:8e:0c:13:b3:29:c4:41:50:85:8d:4a:6c:
46:0b:99:1d:5d:3a:b4:c6:b0:b2:72:2f:b9:ec:2f:
63:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:88:7E:A3:48:30:64:FC:7E:FF:AF:79:F4:13:F9:D6:BD:26:BB:9A
X509v3 Authority Key Identifier:
keyid:E5:3A:D9:B4:32:BB:83:D1:41:C4:80:DE:E7:8B:C3:5F:F4:7C:B7:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5TrZtDK7g9FBxIDe54vDX_R8tyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/tIh-o0gwZPx-_6959BP51r0mu5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/e8bd0b-f36d-45f5-b985-09bb5287531b/1/5TrZtDK7g9FBxIDe54vDX_R8tyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.35.72.0/24
Signature Algorithm: sha256WithRSAEncryption
33:0b:f6:cb:6a:ef:7d:7b:f3:ba:4d:d7:bb:83:cc:4e:a2:dc:
62:35:12:20:9b:5f:b8:54:c7:e7:07:18:e0:a8:20:7d:b7:a4:
23:ae:7f:c5:bf:fd:72:9c:44:ec:9b:f2:50:b6:67:6d:d6:68:
ac:7f:f9:93:e6:23:77:2e:50:0d:d9:dd:62:96:e3:6c:45:ba:
d5:9b:0d:5f:dc:89:35:55:d1:5f:2b:4a:99:c1:be:62:ea:99:
0f:58:f5:8c:fd:4d:ad:ac:67:7a:0c:c8:91:b1:92:43:aa:f0:
5a:79:21:28:7d:0c:bd:9c:16:15:af:43:fd:14:7f:66:c0:c4:
19:00:89:8a:7c:c7:72:e3:64:10:69:98:b1:8a:a7:17:0b:95:
08:2c:20:99:fd:42:64:36:5f:c1:85:bc:2b:cb:ef:f8:7b:81:
ef:26:0e:0d:cb:5d:27:e4:47:8c:e9:b5:69:6c:a5:e0:cc:2f:
d0:4b:32:bc:a2:96:d5:86:21:4c:b2:ac:2f:40:9c:ae:fb:cb:
c9:22:5c:73:58:7d:10:b8:56:c5:0e:96:75:a2:cf:ce:1e:37:
bb:fc:77:e1:50:61:32:60:66:a6:2a:e9:d4:53:d0:6d:7e:ec:
0b:83:aa:6f:d3:4b:ce:c2:fb:98:d7:19:78:d4:e3:4b:f4:e2:
3c:f0:38:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1LvPpMmo3JFDUy88ygk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1M2FkOWI0MzJiYjgzZDE0MWM0ODBkZWU3OGJjMzVmZjQ3
Y2I3MmMwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg4N2VhMzQ4MzA2NGZjN2VmZmFmNzlmNDEzZjlkNmJkMjZiYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnGv6NkD9tpyQQewB75qUvLqQEqe
e0cz6e9E0xUDVtMdeUPkP7mZDU1zE8Hsme7Rsfm1ooCckR0NLfhLFkngKvj28e5y
Ewlrez8sQ/RZ99Gzxp/v14SVQS6T3/xre4u5aLH8kcVjKWbgaKL8EVx5thEnyTk8
GaPKwCXqEj2yMntibvG8x9AliY6nxHDP0SOYl4io6ec25tu5Z1PCFFO1Yvpzd7Lb
Qf74SBavZAZnwfFyLgVCotpZFcWrevZi/QpwBQibZn0g6IrZFg/EduC5DWM4NvcH
5Jng3DQrCmzs52BlNMSODBOzKcRBUIWNSmxGC5kdXTq0xrCyci+57C9j2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSIfqNIMGT8fv+vefQT+da9JruaMB8GA1UdIwQY
MBaAFOU62bQyu4PRQcSA3ueLw1/0fLcsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVRyWnRESzdnOUZCeElEZTU0dkRYX1I4dHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9lOGJkMGItZjM2ZC00NWY1LWI5ODUt
MDliYjUyODc1MzFiLzEvdEloLW8wZ3daUHgtXzY5NTlCUDUxcjBtdTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9lOGJkMGItZjM2ZC00NWY1LWI5ODUtMDliYjUyODc1MzFi
LzEvNVRyWnRESzdnOUZCeElEZTU0dkRYX1I4dHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCNIMA0G
CSqGSIb3DQEBCwUAA4IBAQAzC/bLau99e/O6Tde7g8xOotxiNRIgm1+4VMfnBxjg
qCB9t6Qjrn/Fv/1ynETsm/JQtmdt1misf/mT5iN3LlAN2d1iluNsRbrVmw1f3Ik1
VdFfK0qZwb5i6pkPWPWM/U2trGd6DMiRsZJDqvBaeSEofQy9nBYVr0P9FH9mwMQZ
AImKfMdy42QQaZixiqcXC5UILCCZ/UJkNl/Bhbwry+/4e4HvJg4Ny10n5EeM6bVp
bKXgzC/QSzK8opbVhiFMsqwvQJyu+8vJIlxzWH0QuFbFDpZ1os/OHje7/HfhUGEy
YGamKunUU9BtfuwLg6pv00vOwvuY1xl41ONL9OI88DiR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:11 2024 by rpki-client on console-fra.rpki-client.org