Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/ttBH9yh0qZV1xy8BKjm6XA5m8dk.roa
File: ttBH9yh0qZV1xy8BKjm6XA5m8dk.roa (raw, json)
Hash identifier: LeGE32DQZjVBLxO0O0JuEuJTJ4XvMWITikCULAPrF3A=
Subject key identifier: B6:D0:47:F7:28:74:A9:95:75:C7:2F:01:2A:39:BA:5C:0E:66:F1:D9
Certificate issuer: /CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Certificate serial: 019017B0B2B0A5A7F75129FBF8A11AE83117
Authority key identifier: 12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/ttBH9yh0qZV1xy8BKjm6XA5m8dk.roa
Signing time: Fri 14 Jun 2024 16:59:34 +0000
ROA not before: Fri 14 Jun 2024 16:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61414
IP address blocks: 185.243.40.0/24 maxlen: 24
185.243.41.0/24 maxlen: 24
193.3.191.0/24 maxlen: 24
2a0d:280::/29 maxlen: 29
2a0d:280::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 23:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:b0:b2:b0:a5:a7:f7:51:29:fb:f8:a1:1a:e8:31:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1220dd2b92da284c63cec46f6f6a41c013a9c881
Validity
Not Before: Jun 14 16:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6d047f72874a99575c72f012a39ba5c0e66f1d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4e:0d:48:3e:f6:16:45:1f:a9:41:9b:b6:38:
c1:bb:18:fa:9e:25:a7:e8:48:40:e1:ec:6a:36:01:
83:8a:0a:46:9c:26:4e:30:61:c0:6a:74:26:8f:fa:
f6:81:08:a9:d7:8e:44:65:39:f3:38:52:83:74:f8:
bd:c8:70:04:ce:81:23:5d:49:69:28:d7:a9:e6:2a:
ea:38:a7:77:08:d9:d4:0f:61:4a:07:3b:29:58:57:
79:70:bb:ff:66:df:5b:8e:77:c1:6d:29:59:dd:5f:
93:c5:6c:3a:34:fe:2e:f6:30:19:a4:36:f8:31:a5:
4a:71:1a:cb:4e:9e:b0:de:ac:c8:3a:ca:04:1c:e4:
7a:c5:8b:9f:23:8c:5d:5b:93:13:06:d7:40:a2:e6:
7d:20:84:42:42:15:c7:5b:18:f7:f9:1b:e8:ed:a8:
dd:a2:35:54:2e:56:31:25:ae:aa:06:92:6b:91:ab:
fe:1e:0f:7b:fc:85:6a:a7:af:52:27:b5:9e:a9:48:
30:d3:61:d0:29:43:60:f5:b1:7e:8b:82:41:72:6d:
f3:c1:c4:7a:8f:bf:41:08:7e:66:8c:24:a2:e1:4e:
e7:4f:c8:42:bd:94:b9:a3:aa:9c:da:14:4e:15:3a:
8b:8d:fa:d8:a0:6c:1f:e7:b6:8d:3d:36:af:b4:db:
ae:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D0:47:F7:28:74:A9:95:75:C7:2F:01:2A:39:BA:5C:0E:66:F1:D9
X509v3 Authority Key Identifier:
keyid:12:20:DD:2B:92:DA:28:4C:63:CE:C4:6F:6F:6A:41:C0:13:A9:C8:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiDdK5LaKExjzsRvb2pBwBOpyIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/ttBH9yh0qZV1xy8BKjm6XA5m8dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/3b8f3b-ebf0-4cb7-a49b-a8585849be14/1/EiDdK5LaKExjzsRvb2pBwBOpyIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.40.0/23
193.3.191.0/24
IPv6:
2a0d:280::/29
Signature Algorithm: sha256WithRSAEncryption
82:86:c1:f3:f0:b6:79:34:ed:e3:a8:e3:1e:db:94:c3:42:17:
2d:12:6c:2a:00:bb:84:1f:87:68:d6:42:97:43:d7:ac:7a:82:
35:7a:32:6c:f9:b1:1b:95:88:ca:0a:23:bc:83:3f:15:f6:74:
cc:c6:6e:e5:24:4e:14:d2:4a:61:f8:98:89:86:6d:8a:80:5c:
02:11:7f:f5:50:78:fb:16:a8:2c:ce:4d:85:f1:3e:27:2b:fd:
49:c7:f2:fd:44:4d:88:41:9d:bf:dd:30:fd:a9:d9:b3:82:fc:
d3:fb:32:1b:32:e5:3a:53:46:4e:9e:13:51:bb:23:ef:a1:0e:
e1:f0:77:07:17:8f:7f:d1:9e:b9:0a:cf:69:6b:97:8c:85:cf:
77:b5:19:0e:17:72:1c:91:5a:d2:8b:fa:a4:fe:5f:d5:b0:cf:
2c:00:02:08:89:5d:c5:59:72:9d:fd:2b:1b:2e:90:5f:0c:67:
d5:16:2a:e1:32:9f:2e:bf:e4:85:23:b7:03:ba:1a:1f:ae:40:
7b:c8:a5:79:0c:19:a5:7a:9a:7a:c8:82:80:67:ae:a5:d2:16:
49:71:5f:aa:76:f1:4b:53:04:68:40:40:2d:e4:16:c9:8f:01:
ed:d6:d1:11:cd:15:72:3c:bc:24:21:a1:49:a7:da:cd:7e:06:
64:88:db:6c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZAXsLKwpaf3USn7+KEa6DEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMjBkZDJiOTJkYTI4NGM2M2NlYzQ2ZjZmNmE0MWMwMTNh
OWM4ODEwHhcNMjQwNjE0MTY1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQwNDdmNzI4NzRhOTk1NzVjNzJmMDEyYTM5YmE1YzBlNjZmMWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA804NSD72FkUfqUGbtjjBuxj6niWn
6EhA4exqNgGDigpGnCZOMGHAanQmj/r2gQip145EZTnzOFKDdPi9yHAEzoEjXUlp
KNep5irqOKd3CNnUD2FKBzspWFd5cLv/Zt9bjnfBbSlZ3V+TxWw6NP4u9jAZpDb4
MaVKcRrLTp6w3qzIOsoEHOR6xYufI4xdW5MTBtdAouZ9IIRCQhXHWxj3+Rvo7ajd
ojVULlYxJa6qBpJrkav+Hg97/IVqp69SJ7WeqUgw02HQKUNg9bF+i4JBcm3zwcR6
j79BCH5mjCSi4U7nT8hCvZS5o6qc2hROFTqLjfrYoGwf57aNPTavtNuuwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLbQR/codKmVdccvASo5ulwOZvHZMB8GA1UdIwQY
MBaAFBIg3SuS2ihMY87Eb29qQcATqciBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWIt
YTg1ODU4NDliZTE0LzEvdHRCSDl5aDBxWlYxeHk4QktqbTZYQTVtOGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8zYjhmM2ItZWJmMC00Y2I3LWE0OWItYTg1ODU4NDliZTE0
LzEvRWlEZEs1TGFLRXhqenNSdmIycEJ3Qk9weUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBufMoAwQA
wQO/MA0EAgACMAcDBQMqDQKAMA0GCSqGSIb3DQEBCwUAA4IBAQCChsHz8LZ5NO3j
qOMe25TDQhctEmwqALuEH4do1kKXQ9eseoI1ejJs+bEblYjKCiO8gz8V9nTMxm7l
JE4U0kph+JiJhm2KgFwCEX/1UHj7Fqgszk2F8T4nK/1Jx/L9RE2IQZ2/3TD9qdmz
gvzT+zIbMuU6U0ZOnhNRuyPvoQ7h8HcHF49/0Z65Cs9pa5eMhc93tRkOF3IckVrS
i/qk/l/VsM8sAAIIiV3FWXKd/SsbLpBfDGfVFirhMp8uv+SFI7cDuhofrkB7yKV5
DBmlepp6yIKAZ66l0hZJcV+qdvFLUwRoQEAt5BbJjwHt1tERzRVyPLwkIaFJp9rN
fgZkiNts
-----END CERTIFICATE-----
Generated at Wed Jun 26 03:16:45 2024 by rpki-client on console-ams.rpki-client.org