Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TN5jLXm_cXlGUMYSO3Ls1aEItfI.roa
File: TN5jLXm_cXlGUMYSO3Ls1aEItfI.roa (raw, json)
Hash identifier: 27Pqf2qJTBXY5N9Nk2uy48HsK7Y03Hwr6+CVGSvsdUk=
Subject key identifier: 4C:DE:63:2D:79:BF:71:79:46:50:C6:12:3B:72:EC:D5:A1:08:B5:F2
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018A92D709D70C374DC86E5893464F9E20E5
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TN5jLXm_cXlGUMYSO3Ls1aEItfI.roa
Signing time: Thu 14 Sep 2023 08:38:00 +0000
ROA not before: Thu 14 Sep 2023 08:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208392
IP address blocks: 185.112.80.0/24 maxlen: 24
185.112.100.0/24 maxlen: 24
82.115.222.0/24 maxlen: 24
185.17.1.0/24 maxlen: 24
185.114.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 15:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:92:d7:09:d7:0c:37:4d:c8:6e:58:93:46:4f:9e:20:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 14 08:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cde632d79bf71794650c6123b72ecd5a108b5f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2d:2e:3f:03:f8:72:de:ad:31:75:bb:ba:35:
02:52:2d:48:49:1f:ad:30:1f:9d:6d:78:98:f1:bc:
66:41:78:c4:46:46:69:88:fa:66:2e:ac:16:e9:43:
2e:05:23:bd:ab:c6:47:2d:09:25:9e:45:bb:9f:3b:
35:2e:e8:9d:99:e5:ad:1f:b5:40:d0:21:9c:19:b9:
8c:bd:2c:8d:93:ce:0a:36:60:63:ee:a1:ed:3a:40:
d1:8a:fa:ef:10:28:27:1b:ab:3d:98:83:dd:5f:9a:
63:ac:5a:58:25:76:99:59:87:08:e2:ee:a9:d1:7a:
7c:e6:f0:ae:10:9d:f8:d9:88:b0:b3:9e:66:f6:d4:
8c:60:81:1a:fd:6a:36:3e:85:05:ad:c3:82:3b:f3:
f4:a8:93:fa:c1:e6:92:df:37:56:02:1b:dd:3b:09:
3b:07:dd:23:2a:55:b3:a8:67:27:8e:32:24:85:d8:
bd:78:95:ab:9a:39:aa:1e:4b:7d:ee:47:79:4c:95:
8b:30:40:70:58:31:67:ac:b0:98:4a:e2:b8:5d:5d:
94:d8:1b:9e:22:ce:ea:fa:2f:06:1b:70:bb:75:6a:
a3:28:20:7e:3b:e1:b9:be:64:f9:14:01:f1:42:7c:
45:cb:58:18:ea:c8:0c:e6:94:54:1e:0f:f7:54:ed:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DE:63:2D:79:BF:71:79:46:50:C6:12:3B:72:EC:D5:A1:08:B5:F2
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TN5jLXm_cXlGUMYSO3Ls1aEItfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.222.0/24
185.17.1.0/24
185.112.80.0/24
185.112.100.0/24
185.114.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:4b:ee:af:2f:5b:04:7b:48:1e:13:11:ed:a6:2d:4e:8f:bd:
d1:12:6f:31:04:07:e3:3e:6e:ad:8d:46:64:2b:59:c0:06:74:
aa:43:b3:fd:59:f4:31:b3:41:70:a1:1b:45:1d:61:6e:82:2b:
09:5e:8d:7e:05:a9:d9:e3:09:17:94:54:a5:fc:b4:32:3d:92:
c1:fd:11:e6:1f:cd:1e:24:f7:19:60:93:14:82:3b:93:78:ee:
bc:bb:b7:6f:da:b5:c8:83:c5:dd:a4:c7:59:0d:80:4a:2a:f4:
34:19:c3:a1:44:7e:32:30:71:15:3e:6f:6d:4e:df:08:33:a0:
f1:bf:6c:f6:d6:1e:a3:51:f8:2d:9b:97:2f:78:58:8d:7e:77:
68:2f:cc:6c:c7:e1:fe:4d:9e:9b:85:a2:fa:f1:21:a4:f1:1b:
3b:09:2c:0a:44:0b:f3:93:d7:c7:5d:9e:b3:18:db:74:d1:31:
43:91:b3:1f:0a:26:23:21:f3:51:3d:90:3d:9b:00:8a:ec:8d:
7f:da:f8:eb:3f:50:65:9b:31:67:7e:fd:41:e7:47:22:5c:77:
b1:1b:84:10:fc:80:16:7f:59:f9:51:01:ad:cd:a5:08:c7:95:
8e:39:a5:58:7e:54:9c:c8:ea:0a:e1:71:a2:90:0d:1c:2f:1f:
24:f1:30:d4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqS1wnXDDdNyG5Yk0ZPniDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTE0MDgzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2RlNjMyZDc5YmY3MTc5NDY1MGM2MTIzYjcyZWNkNWExMDhiNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi0uPwP4ct6tMXW7ujUCUi1ISR+t
MB+dbXiY8bxmQXjERkZpiPpmLqwW6UMuBSO9q8ZHLQklnkW7nzs1LuidmeWtH7VA
0CGcGbmMvSyNk84KNmBj7qHtOkDRivrvECgnG6s9mIPdX5pjrFpYJXaZWYcI4u6p
0Xp85vCuEJ342Yiws55m9tSMYIEa/Wo2PoUFrcOCO/P0qJP6weaS3zdWAhvdOwk7
B90jKlWzqGcnjjIkhdi9eJWrmjmqHkt97kd5TJWLMEBwWDFnrLCYSuK4XV2U2Bue
Is7q+i8GG3C7dWqjKCB+O+G5vmT5FAHxQnxFy1gY6sgM5pRUHg/3VO2wCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEzeYy15v3F5RlDGEjty7NWhCLXyMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVE41akxYbV9jWGxHVU1ZU08zTHMxYUVJdGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUnPeAwQA
uREBAwQAuXBQAwQAuXBkAwQAuXJLMA0GCSqGSIb3DQEBCwUAA4IBAQCgS+6vL1sE
e0geExHtpi1Oj73REm8xBAfjPm6tjUZkK1nABnSqQ7P9WfQxs0FwoRtFHWFugisJ
Xo1+BanZ4wkXlFSl/LQyPZLB/RHmH80eJPcZYJMUgjuTeO68u7dv2rXIg8XdpMdZ
DYBKKvQ0GcOhRH4yMHEVPm9tTt8IM6Dxv2z21h6jUfgtm5cveFiNfndoL8xsx+H+
TZ6bhaL68SGk8Rs7CSwKRAvzk9fHXZ6zGNt00TFDkbMfCiYjIfNRPZA9mwCK7I1/
2vjrP1BlmzFnfv1B50ciXHexG4QQ/IAWf1n5UQGtzaUIx5WOOaVYflScyOoK4XGi
kA0cLx8k8TDU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org