Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/tW-ye2mr21zO-oeWrsSvvrrfHg4.roa
File: tW-ye2mr21zO-oeWrsSvvrrfHg4.roa (raw, json)
Hash identifier: jiagGmi89KqBJ5To0L0iZbMWM92gA/INBoGTVwFcGRk=
Subject key identifier: B5:6F:B2:7B:69:AB:DB:5C:CE:FA:87:96:AE:C4:AF:BE:BA:DF:1E:0E
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018B0432406CB7BC8A1FEAE9942FCC89A303
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/tW-ye2mr21zO-oeWrsSvvrrfHg4.roa
Signing time: Fri 06 Oct 2023 08:54:43 +0000
ROA not before: Fri 06 Oct 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203020
IP address blocks: 194.156.112.0/22 maxlen: 32
185.251.44.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 09:12:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:32:40:6c:b7:bc:8a:1f:ea:e9:94:2f:cc:89:a3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Oct 6 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b56fb27b69abdb5ccefa8796aec4afbebadf1e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a5:02:3d:62:03:be:2b:08:ed:0e:4b:35:a4:
58:05:ac:8e:ca:d2:6d:6d:cd:1c:41:0d:0b:f9:4f:
b2:f1:af:99:3f:a6:ca:72:e9:db:8f:a2:ed:af:8f:
b4:52:ea:d2:25:e9:53:21:85:89:15:71:9f:e9:e8:
81:bd:93:23:e0:c8:87:34:fe:ac:08:84:82:3a:d1:
4f:cf:41:7d:57:1d:71:c2:57:08:10:95:81:d3:c8:
50:30:01:40:9e:4b:41:e5:5e:ce:7e:72:85:f5:7e:
a1:2b:74:3a:51:c6:e2:a7:f1:d2:79:d5:a6:97:9f:
12:66:f1:9d:7e:90:c0:f8:a8:54:16:73:af:36:9d:
67:00:88:c2:f5:a1:c8:fd:3b:77:7f:40:5b:51:54:
9e:e1:0b:4d:73:01:98:dc:60:27:0c:2e:c3:f0:1c:
fa:3a:ca:c0:b5:8f:33:fb:6f:ca:ae:0c:39:8b:6d:
de:af:ca:0d:3c:f2:fc:4b:6e:cf:3c:0f:07:64:db:
bb:c8:bb:74:72:9d:71:fd:62:a5:86:29:dc:67:bd:
73:3b:89:89:41:50:62:8f:01:6d:a7:0e:d3:76:b8:
8f:71:ba:e2:3d:3b:b6:81:e1:04:b2:90:50:06:51:
24:11:b9:2b:61:20:91:dc:72:e9:2e:43:b1:5b:6f:
fb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6F:B2:7B:69:AB:DB:5C:CE:FA:87:96:AE:C4:AF:BE:BA:DF:1E:0E
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/tW-ye2mr21zO-oeWrsSvvrrfHg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
194.156.112.0/22
195.66.216.0/21
Signature Algorithm: sha256WithRSAEncryption
b2:8b:78:5f:1a:5a:52:3b:4a:c7:86:aa:e0:d0:54:72:a4:f9:
f4:6c:84:d4:4d:67:12:a1:80:cf:82:4d:06:2e:2c:d0:db:36:
0d:3c:10:29:36:c9:b2:84:2a:52:66:f9:e7:0a:f6:3a:52:eb:
0a:97:c3:48:08:84:42:ca:75:3e:6f:2e:3f:e4:d3:fd:77:19:
92:cd:dd:1f:9a:44:3f:40:5d:b0:78:60:81:e8:62:65:6b:81:
0e:4e:16:1f:76:66:15:28:cf:98:36:73:b7:80:92:21:86:b6:
80:0b:ec:e6:74:6d:27:47:68:9a:b2:a5:ec:01:f3:8c:da:7e:
31:75:da:38:2a:78:3f:af:3a:fe:80:63:05:43:c4:92:c6:3f:
0f:96:6b:c5:5f:86:27:39:6d:48:58:e5:05:77:eb:dc:f4:ed:
86:f5:b2:05:b0:a0:9a:85:7a:dd:61:09:e0:cd:d3:97:a2:55:
8a:a8:69:34:c8:85:6f:e3:8d:71:7a:4c:4c:f2:26:b8:5f:09:
80:f6:7b:dd:2b:ce:a3:ba:71:94:30:a3:04:27:28:14:c4:95:
3a:09:e7:b3:9c:0f:16:22:69:a0:fc:99:58:54:58:b4:e9:09:
84:b0:b0:bc:a4:22:1d:a7:ca:63:74:5c:66:80:8b:4c:f2:92:
72:3a:bf:2b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYsEMkBst7yKH+rplC/MiaMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMDA2MDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZmYjI3YjY5YWJkYjVjY2VmYTg3OTZhZWM0YWZiZWJhZGYxZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKUCPWIDvisI7Q5LNaRYBayOytJt
bc0cQQ0L+U+y8a+ZP6bKcunbj6Ltr4+0UurSJelTIYWJFXGf6eiBvZMj4MiHNP6s
CISCOtFPz0F9Vx1xwlcIEJWB08hQMAFAnktB5V7OfnKF9X6hK3Q6Ucbip/HSedWm
l58SZvGdfpDA+KhUFnOvNp1nAIjC9aHI/Tt3f0BbUVSe4QtNcwGY3GAnDC7D8Bz6
OsrAtY8z+2/Krgw5i23er8oNPPL8S27PPA8HZNu7yLt0cp1x/WKlhincZ71zO4mJ
QVBijwFtpw7TdriPcbriPTu2geEEspBQBlEkEbkrYSCR3HLpLkOxW2/7UQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLVvsntpq9tczvqHlq7Er7663x4OMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvdFcteWUybXIyMXpPLW9lV3JzU3Z2cnJmSGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFX69AAwQC
uffkAwQCufssAwQCufv4AwQCwpxwAwQDw0LYMA0GCSqGSIb3DQEBCwUAA4IBAQCy
i3hfGlpSO0rHhqrg0FRypPn0bITUTWcSoYDPgk0GLizQ2zYNPBApNsmyhCpSZvnn
CvY6UusKl8NICIRCynU+by4/5NP9dxmSzd0fmkQ/QF2weGCB6GJla4EOThYfdmYV
KM+YNnO3gJIhhraAC+zmdG0nR2iasqXsAfOM2n4xddo4Kng/rzr+gGMFQ8SSxj8P
lmvFX4YnOW1IWOUFd+vc9O2G9bIFsKCahXrdYQngzdOXolWKqGk0yIVv441xekxM
8ia4XwmA9nvdK86junGUMKMEJygUxJU6CeeznA8WImmg/JlYVFi06QmEsLC8pCId
p8pjdFxmgItM8pJyOr8r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org