Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/tTTErBOYos7KF0hCkr5vzZPwqwM.roa
File: tTTErBOYos7KF0hCkr5vzZPwqwM.roa (raw, json)
Hash identifier: SOR3TEG4gNUgmtjbk5RTRqOc4P5otcsJCkeuvHbvja8=
Subject key identifier: B5:34:C4:AC:13:98:A2:CE:CA:17:48:42:92:BE:6F:CD:93:F0:AB:03
Certificate issuer: /CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Certificate serial: 018842AEAF77C0376759A52097D59071C29B
Authority key identifier: 82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/tTTErBOYos7KF0hCkr5vzZPwqwM.roa
Signing time: Mon 22 May 2023 08:58:44 +0000
ROA not before: Mon 22 May 2023 08:58:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47576
IP address blocks: 89.207.144.0/22 maxlen: 22
185.251.96.0/22 maxlen: 22
2a0c:18c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 18 Dec 2023 17:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:ae:af:77:c0:37:67:59:a5:20:97:d5:90:71:c2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Validity
Not Before: May 22 08:58:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b534c4ac1398a2ceca17484292be6fcd93f0ab03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:64:17:47:f2:19:0d:96:73:49:77:f5:99:
79:d1:fc:f0:c0:0c:b1:17:ae:a6:84:b4:18:09:60:
bb:03:72:e0:a7:09:1b:39:1c:7f:f1:aa:0b:cc:ca:
3a:e5:b5:b6:52:1e:47:13:ea:c4:43:25:a5:1b:54:
29:fa:ec:15:05:1f:b4:81:46:c8:82:ef:7e:e2:7a:
8e:d7:8d:ec:34:6f:04:16:f9:0b:b1:58:41:4f:b0:
5e:70:c3:a5:82:d8:b1:fb:4d:54:1b:f8:31:41:2f:
cf:3c:30:08:7c:6f:3c:f0:62:1e:5b:9f:10:de:4d:
00:b8:4e:54:08:1a:bd:3e:17:cd:37:09:26:e7:bd:
6c:ec:ba:14:61:e3:7d:b0:49:91:d0:a2:da:6d:e8:
59:5e:8f:a2:8a:b0:98:4c:68:d8:e9:6b:55:11:12:
04:dd:59:34:6e:76:5d:29:07:24:c9:f1:6c:3c:2a:
c7:f7:f2:38:25:68:8b:0d:11:2d:cf:03:5a:61:8b:
1a:cc:9e:f6:b5:8a:a6:92:4b:57:65:40:9f:67:95:
88:81:de:14:e6:99:01:c4:2a:cb:31:79:bc:0f:93:
d8:28:db:ee:81:5d:ed:08:87:72:c1:ff:b5:e9:67:
88:40:8c:2f:c2:6a:36:90:b2:f2:1e:d8:17:b4:49:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:34:C4:AC:13:98:A2:CE:CA:17:48:42:92:BE:6F:CD:93:F0:AB:03
X509v3 Authority Key Identifier:
keyid:82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/tTTErBOYos7KF0hCkr5vzZPwqwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.144.0/22
185.251.96.0/22
IPv6:
2a0c:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
23:48:25:09:23:a2:99:f2:35:7b:6c:38:86:a2:b6:f2:27:35:
ea:9c:59:da:55:d1:b3:c0:3d:42:da:6c:2b:64:b8:c6:57:28:
58:bf:54:27:a8:fd:d0:70:14:1d:ad:fe:4a:e5:83:92:18:17:
09:52:52:90:30:58:92:c4:50:11:5e:cc:bb:e5:6b:48:f5:8e:
6a:59:5a:ae:8d:65:f4:fb:dc:c8:c1:61:19:3a:82:f1:42:83:
ce:79:a4:aa:cc:a3:31:cd:5d:0d:14:c5:34:61:de:0a:eb:3d:
d1:cb:03:68:13:bf:4b:52:e3:b7:fb:f2:ee:58:e2:ca:e9:32:
ba:2d:a1:88:1f:53:c2:8c:f6:80:ae:ce:e7:da:94:dd:3a:83:
18:1c:c9:fb:2b:89:48:5e:eb:89:f1:13:7d:eb:18:ae:31:37:
85:2d:12:d5:0c:d1:d1:74:f1:e0:91:fb:8e:0e:6e:46:f9:76:
e4:ff:97:c2:a4:d9:a4:5e:bb:b9:1b:f3:c5:13:fe:66:d8:c9:
fa:09:82:03:90:f0:18:5b:30:84:e3:ac:e3:19:9b:fd:3c:ab:
4b:ec:a6:e1:59:cf:1c:5a:27:08:94:1d:5d:27:ca:42:5d:d5:
d8:6b:e1:8a:3d:4c:32:e1:48:fc:4e:41:0f:ee:4a:a5:50:ee:
30:ec:fc:5b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYhCrq93wDdnWaUgl9WQccKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTM5NjgxYzVhYWVmYjM1ZTU0ZjRhZDhhZmE0MjhkNGZm
ZGUwNmEwHhcNMjMwNTIyMDg1ODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM0YzRhYzEzOThhMmNlY2ExNzQ4NDI5MmJlNmZjZDkzZjBhYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT5kF0fyGQ2Wc0l39Zl50fzwwAyx
F66mhLQYCWC7A3LgpwkbORx/8aoLzMo65bW2Uh5HE+rEQyWlG1Qp+uwVBR+0gUbI
gu9+4nqO143sNG8EFvkLsVhBT7BecMOlgtix+01UG/gxQS/PPDAIfG888GIeW58Q
3k0AuE5UCBq9PhfNNwkm571s7LoUYeN9sEmR0KLabehZXo+iirCYTGjY6WtVERIE
3Vk0bnZdKQckyfFsPCrH9/I4JWiLDREtzwNaYYsazJ72tYqmkktXZUCfZ5WIgd4U
5pkBxCrLMXm8D5PYKNvugV3tCIdywf+16WeIQIwvwmo2kLLyHtgXtElm1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLU0xKwTmKLOyhdIQpK+b82T8KsDMB8GA1UdIwQY
MBaAFILjloHFqu+zXlT0rYr6Qo1P/eBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgt
ZmFmZDE0OTZhZTU5LzEvdFRURXJCT1lvczdLRjBoQ2tyNXZ6WlB3cXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgtZmFmZDE0OTZhZTU5
LzEvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWc+QAwQC
uftgMA0EAgACMAcDBQAqDBjAMA0GCSqGSIb3DQEBCwUAA4IBAQAjSCUJI6KZ8jV7
bDiGorbyJzXqnFnaVdGzwD1C2mwrZLjGVyhYv1QnqP3QcBQdrf5K5YOSGBcJUlKQ
MFiSxFARXsy75WtI9Y5qWVqujWX0+9zIwWEZOoLxQoPOeaSqzKMxzV0NFMU0Yd4K
6z3RywNoE79LUuO3+/LuWOLK6TK6LaGIH1PCjPaArs7n2pTdOoMYHMn7K4lIXuuJ
8RN96xiuMTeFLRLVDNHRdPHgkfuODm5G+Xbk/5fCpNmkXru5G/PFE/5m2Mn6CYID
kPAYWzCE46zjGZv9PKtL7KbhWc8cWicIlB1dJ8pCXdXYa+GKPUwy4Uj8TkEP7kql
UO4w7Pxb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:55 2024 by rpki-client on console-fra.rpki-client.org