Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/TRiy6Gqu_UMU34J6pBov8GsmkAE.roa
File: TRiy6Gqu_UMU34J6pBov8GsmkAE.roa (raw, json)
Hash identifier: jRiyLp8uJTcggLCfVqiueA+rbbdXUC9LkWir/rw1C1E=
Subject key identifier: 4D:18:B2:E8:6A:AE:FD:43:14:DF:82:7A:A4:1A:2F:F0:6B:26:90:01
Certificate issuer: /CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440
Certificate serial: 018CC94AF0E882A5956906B6D477E65B174A
Authority key identifier: B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/TRiy6Gqu_UMU34J6pBov8GsmkAE.roa
Signing time: Tue 02 Jan 2024 08:29:40 +0000
ROA not before: Tue 02 Jan 2024 08:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198895
IP address blocks: 45.140.133.0/24 maxlen: 24
46.229.242.0/24 maxlen: 24
46.229.241.0/24 maxlen: 24
193.16.149.0/24 maxlen: 24
2a13:2580::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Feb 2024 09:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:f0:e8:82:a5:95:69:06:b6:d4:77:e6:5b:17:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d8ad027a9674edc936e78c5d4d1b64964d8440
Validity
Not Before: Jan 2 08:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d18b2e86aaefd4314df827aa41a2ff06b269001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:6f:82:34:8d:ff:fd:c7:22:65:34:1c:3a:
66:a2:18:60:d5:c1:1d:2d:21:78:04:8f:0e:b0:f7:
23:53:8c:12:7a:83:19:93:0a:d6:1b:e3:8a:a9:fe:
0a:bd:e9:c3:05:09:33:a2:90:0c:80:49:c6:5e:eb:
ba:f1:04:f5:2b:76:5c:c4:09:76:b0:72:bf:29:a3:
41:73:73:ef:66:9a:df:8b:1a:8f:65:38:6e:06:c1:
fa:bf:2c:7b:12:1a:73:65:64:05:5e:98:ba:77:a1:
f0:2f:e6:e7:7b:23:95:a5:c5:2c:cf:bc:59:ff:35:
e0:13:39:bf:00:7f:af:24:bd:22:2c:9d:d3:68:b4:
06:9f:c9:8e:71:ab:e9:b4:58:9c:12:e2:22:7b:25:
20:c4:f1:e8:b7:c3:e5:7e:fe:95:2a:3e:82:02:89:
ef:49:b6:bf:77:e7:a4:d4:ad:74:b0:1c:20:30:91:
61:dd:ae:f1:b6:6a:9f:5e:0e:68:99:67:92:82:4c:
87:d4:c3:1b:0c:11:bb:68:de:15:06:7c:8e:5f:32:
6d:04:a4:8b:27:64:f7:74:29:91:52:b2:0d:82:ec:
a9:2a:4d:bc:7a:35:87:c8:00:7c:35:5a:b9:e4:65:
2f:9b:ab:dd:69:21:73:2f:c1:3a:6d:a0:f0:1c:a7:
1f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:18:B2:E8:6A:AE:FD:43:14:DF:82:7A:A4:1A:2F:F0:6B:26:90:01
X509v3 Authority Key Identifier:
keyid:B2:D8:AD:02:7A:96:74:ED:C9:36:E7:8C:5D:4D:1B:64:96:4D:84:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stitAnqWdO3JNueMXU0bZJZNhEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/TRiy6Gqu_UMU34J6pBov8GsmkAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/88c9d7-e377-4874-9868-715247c3dcdc/1/stitAnqWdO3JNueMXU0bZJZNhEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.133.0/24
46.229.241.0-46.229.242.255
193.16.149.0/24
IPv6:
2a13:2580::/29
Signature Algorithm: sha256WithRSAEncryption
2c:22:60:02:45:74:6f:62:c7:10:fa:83:c8:e7:63:05:dc:fc:
68:26:a0:5f:54:9d:aa:c7:74:6c:62:1e:4d:af:e8:30:94:bb:
84:66:d9:82:38:f0:ee:9b:b1:2e:33:f1:df:3d:7f:bb:54:6f:
98:a0:f1:8f:d8:8c:c7:45:77:d7:17:4b:d2:44:cd:a1:dd:83:
d4:8d:a5:f0:a2:3b:f0:65:5d:22:7d:29:82:0c:d6:fb:b9:b2:
f1:f8:90:59:eb:6c:6d:c7:fb:ce:b7:f9:a6:dc:f7:72:1c:42:
ce:3b:c9:07:de:6d:44:6e:51:12:20:40:c8:b4:c2:fa:8b:17:
33:b7:a8:47:fe:36:a9:d8:57:ff:55:4e:ed:f1:be:4f:3d:fa:
7a:7f:6a:03:dd:76:ea:1d:f8:8d:a9:2c:d0:4a:02:f8:1b:14:
7e:14:59:81:32:42:b6:87:55:40:7d:0d:86:8d:90:1c:27:cf:
dd:06:7e:c7:d5:98:d4:07:43:c6:e7:bc:3f:0c:d9:72:cb:cf:
a6:d8:b2:ad:0d:70:ce:8c:5e:ee:53:b4:23:08:fe:97:81:57:
af:e9:ed:0f:cb:6f:d8:25:2e:e5:d3:f5:9d:95:87:d5:86:bd:
29:ed:38:9a:66:c1:41:68:ad:03:4c:66:d0:66:00:87:7f:f4:
03:a3:1c:50
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzJSvDogqWVaQa21HfmWxdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDhhZDAyN2E5Njc0ZWRjOTM2ZTc4YzVkNGQxYjY0OTY0
ZDg0NDAwHhcNMjQwMTAyMDgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE4YjJlODZhYWVmZDQzMTRkZjgyN2FhNDFhMmZmMDZiMjY5MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqlvgjSN//3HImU0HDpmohhg1cEd
LSF4BI8OsPcjU4wSeoMZkwrWG+OKqf4KvenDBQkzopAMgEnGXuu68QT1K3ZcxAl2
sHK/KaNBc3PvZprfixqPZThuBsH6vyx7EhpzZWQFXpi6d6HwL+bneyOVpcUsz7xZ
/zXgEzm/AH+vJL0iLJ3TaLQGn8mOcavptFicEuIieyUgxPHot8Plfv6VKj6CAonv
Sba/d+ek1K10sBwgMJFh3a7xtmqfXg5omWeSgkyH1MMbDBG7aN4VBnyOXzJtBKSL
J2T3dCmRUrINguypKk28ejWHyAB8NVq55GUvm6vdaSFzL8E6baDwHKcf8QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFE0Ysuhqrv1DFN+CeqQaL/BrJpABMB8GA1UdIwQY
MBaAFLLYrQJ6lnTtyTbnjF1NG2SWTYRAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4Njgt
NzE1MjQ3YzNkY2RjLzEvVFJpeTZHcXVfVU1VMzRKNnBCb3Y4R3Nta0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84OGM5ZDctZTM3Ny00ODc0LTk4NjgtNzE1MjQ3YzNkY2Rj
LzEvc3RpdEFucVdkTzNKTnVlTVhVMGJaSlpOaEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQALYyFMAwD
BAAu5fEDBAAu5fIDBADBEJUwDQQCAAIwBwMFAyoTJYAwDQYJKoZIhvcNAQELBQAD
ggEBACwiYAJFdG9ixxD6g8jnYwXc/GgmoF9UnarHdGxiHk2v6DCUu4Rm2YI48O6b
sS4z8d89f7tUb5ig8Y/YjMdFd9cXS9JEzaHdg9SNpfCiO/BlXSJ9KYIM1vu5svH4
kFnrbG3H+863+abc93IcQs47yQfebURuURIgQMi0wvqLFzO3qEf+NqnYV/9VTu3x
vk89+np/agPdduod+I2pLNBKAvgbFH4UWYEyQraHVUB9DYaNkBwnz90GfsfVmNQH
Q8bnvD8M2XLLz6bYsq0NcM6MXu5TtCMI/peBV6/p7Q/Lb9glLuXT9Z2Vh9WGvSnt
OJpmwUForQNMZtBmAId/9AOjHFA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:34 2024 by rpki-client on console-fra.rpki-client.org