Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa
File: tXuBUJV8lBpEf8oOppq6w0yMbwM.roa (raw, json)
Hash identifier: t85gj7Cb/8J/rEgphAYF4ittKM7V6wTJcDSwDGB2nOs=
Subject key identifier: B5:7B:81:50:95:7C:94:1A:44:7F:CA:0E:A6:9A:BA:C3:4C:8C:6F:03
Certificate issuer: /CN=2b8966d0f14fd59993ca4878e774fa4779036694
Certificate serial: 018CC2DAB11076909BC63B11EC7A66F4AA4F
Authority key identifier: 2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa
Signing time: Mon 01 Jan 2024 02:29:21 +0000
ROA not before: Mon 01 Jan 2024 02:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24935
IP address blocks: 195.74.80.0/24 maxlen: 24
185.161.45.0/24 maxlen: 24
185.161.47.0/24 maxlen: 24
185.252.159.0/24 maxlen: 24
185.252.158.0/24 maxlen: 24
185.252.156.0/24 maxlen: 24
46.29.123.0/24 maxlen: 24
46.29.122.0/24 maxlen: 24
37.235.93.0/24 maxlen: 24
37.235.92.0/24 maxlen: 24
194.213.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 13:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b1:10:76:90:9b:c6:3b:11:ec:7a:66:f4:aa:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b8966d0f14fd59993ca4878e774fa4779036694
Validity
Not Before: Jan 1 02:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b57b8150957c941a447fca0ea69abac34c8c6f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d7:5e:62:d8:9c:d4:01:27:5c:86:36:bb:13:
19:55:9a:7e:3a:e3:81:1b:79:58:dc:0d:29:9f:66:
09:d0:b2:bb:04:5a:e8:bc:88:94:7b:b3:6c:68:98:
bb:08:b5:93:47:05:44:9b:6e:42:82:7b:c2:ae:cd:
d1:ee:0d:e3:d1:20:cc:0c:1c:b6:56:2e:f1:9f:ff:
88:31:5c:15:67:c6:a1:78:f8:68:7d:c1:13:2b:0d:
b7:be:e3:8e:da:cf:ea:91:3d:92:ff:7f:22:d2:b1:
e5:9f:49:6d:92:80:ca:85:9f:ad:a3:bb:27:32:78:
96:18:32:6e:0d:92:e8:23:8b:28:c2:59:ff:39:d8:
4d:f2:ac:e6:11:65:c0:69:7e:1d:d8:20:14:74:58:
6f:04:1d:7d:54:13:0a:01:43:c0:14:06:7c:3a:33:
57:d8:fa:52:90:fe:fb:dd:09:1b:c7:f1:00:00:ab:
6d:d7:8d:fb:44:e7:ea:3d:7c:c0:66:58:2a:f3:77:
93:5d:2f:28:4b:52:bf:2a:9a:af:52:1b:87:22:32:
d6:2e:88:1b:2b:78:a9:78:70:6d:be:d5:fc:1f:65:
29:0c:20:b9:e6:ca:e8:43:27:24:32:5f:a5:be:e3:
db:78:a7:7e:4a:5c:67:5f:57:4b:da:75:c1:1c:14:
4f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7B:81:50:95:7C:94:1A:44:7F:CA:0E:A6:9A:BA:C3:4C:8C:6F:03
X509v3 Authority Key Identifier:
keyid:2B:89:66:D0:F1:4F:D5:99:93:CA:48:78:E7:74:FA:47:79:03:66:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4lm0PFP1ZmTykh453T6R3kDZpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/tXuBUJV8lBpEf8oOppq6w0yMbwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/cf7f6d-b225-4bdf-9504-838ebf412a61/1/K4lm0PFP1ZmTykh453T6R3kDZpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.92.0/23
46.29.122.0/23
185.161.45.0/24
185.161.47.0/24
185.252.156.0/24
185.252.158.0/23
194.213.30.0/24
195.74.80.0/24
Signature Algorithm: sha256WithRSAEncryption
59:95:ce:f3:26:9c:31:39:48:d9:c2:f4:11:d2:e0:23:3d:f0:
da:7a:5e:9e:28:52:c4:22:c5:0f:1a:f3:12:7a:bb:06:4f:a1:
c5:9f:7b:b1:07:36:52:d6:d5:62:61:c0:67:f3:e6:fe:c3:c9:
a0:48:ea:0d:5e:3c:b9:1b:a8:11:31:be:01:a7:ee:ce:79:e0:
5b:3e:fd:28:6a:f4:1e:e6:3c:20:a0:0f:82:8c:87:da:d6:e9:
62:17:92:17:72:b1:3e:da:09:55:f6:47:5f:4f:eb:c8:61:b8:
da:8a:18:2c:d8:95:a9:a3:3f:ef:6c:7e:39:ba:67:53:71:39:
39:88:dc:71:2e:63:a7:a8:19:ce:2d:c6:1e:e2:8a:8c:f5:a6:
41:c8:94:fb:d9:52:cc:f4:9a:4a:55:58:3d:cd:32:42:0f:2a:
3d:e8:a1:62:dd:a3:14:26:f0:27:a4:11:be:ac:c7:4d:da:af:
44:45:a0:31:4f:4d:ab:cd:4a:69:ea:ad:f8:ee:6d:2c:82:1b:
b0:f2:eb:57:ff:6b:b8:30:16:71:00:69:fb:9a:72:b2:29:f1:
8f:96:99:ee:0a:98:42:b2:7a:22:0b:3d:0f:67:ef:36:d5:19:
c2:ad:df:ad:e4:a1:69:65:87:86:c0:de:f6:e3:4a:24:88:13:
a8:16:2a:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzC2rEQdpCbxjsR7Hpm9KpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODk2NmQwZjE0ZmQ1OTk5M2NhNDg3OGU3NzRmYTQ3Nzkw
MzY2OTQwHhcNMjQwMTAxMDIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdiODE1MDk1N2M5NDFhNDQ3ZmNhMGVhNjlhYmFjMzRjOGM2ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptdeYtic1AEnXIY2uxMZVZp+OuOB
G3lY3A0pn2YJ0LK7BFrovIiUe7NsaJi7CLWTRwVEm25CgnvCrs3R7g3j0SDMDBy2
Vi7xn/+IMVwVZ8ahePhofcETKw23vuOO2s/qkT2S/38i0rHln0ltkoDKhZ+to7sn
MniWGDJuDZLoI4sowln/OdhN8qzmEWXAaX4d2CAUdFhvBB19VBMKAUPAFAZ8OjNX
2PpSkP773Qkbx/EAAKtt1437ROfqPXzAZlgq83eTXS8oS1K/KpqvUhuHIjLWLogb
K3ipeHBtvtX8H2UpDCC55sroQyckMl+lvuPbeKd+SlxnX1dL2nXBHBRPiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLV7gVCVfJQaRH/KDqaausNMjG8DMB8GA1UdIwQY
MBaAFCuJZtDxT9WZk8pIeOd0+kd5A2aUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQt
ODM4ZWJmNDEyYTYxLzEvdFh1QlVKVjhsQnBFZjhvT3BwcTZ3MHlNYndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jZjdmNmQtYjIyNS00YmRmLTk1MDQtODM4ZWJmNDEyYTYx
LzEvSzRsbTBQRlAxWm1UeWtoNDUzVDZSM2tEWnBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBJetcAwQB
Lh16AwQAuaEtAwQAuaEvAwQAufycAwQBufyeAwQAwtUeAwQAw0pQMA0GCSqGSIb3
DQEBCwUAA4IBAQBZlc7zJpwxOUjZwvQR0uAjPfDael6eKFLEIsUPGvMSersGT6HF
n3uxBzZS1tViYcBn8+b+w8mgSOoNXjy5G6gRMb4Bp+7OeeBbPv0oavQe5jwgoA+C
jIfa1uliF5IXcrE+2glV9kdfT+vIYbjaihgs2JWpoz/vbH45umdTcTk5iNxxLmOn
qBnOLcYe4oqM9aZByJT72VLM9JpKVVg9zTJCDyo96KFi3aMUJvAnpBG+rMdN2q9E
RaAxT02rzUpp6q347m0sghuw8utX/2u4MBZxAGn7mnKyKfGPlpnuCphCsnoiCz0P
Z+821RnCrd+t5KFpZYeGwN7240okiBOoFiop
-----END CERTIFICATE-----
Generated at Mon Feb 26 17:25:45 2024 by rpki-client on console-fra.rpki-client.org