Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tcm5wgvnwlcnFmVYeEeacPd3rg8.roa
File: Tcm5wgvnwlcnFmVYeEeacPd3rg8.roa (raw, json)
Hash identifier: VTz1cDvhrXYnC67V5mUx4IyO3A83gHpSN17/zPZfuK8=
Subject key identifier: 4D:C9:B9:C2:0B:E7:C2:57:27:16:65:58:78:47:9A:70:F7:77:AE:0F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018BFDF82BF634C31E8A0A1C350F91446E2F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tcm5wgvnwlcnFmVYeEeacPd3rg8.roa
Signing time: Thu 23 Nov 2023 20:56:21 +0000
ROA not before: Thu 23 Nov 2023 20:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 45.131.134.0/24 maxlen: 24
185.225.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:f8:2b:f6:34:c3:1e:8a:0a:1c:35:0f:91:44:6e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 23 20:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc9b9c20be7c2572716655878479a70f777ae0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:4a:02:20:aa:5f:c2:8f:b7:e7:4e:ef:f7:c9:
20:31:02:65:e4:4d:4f:99:1d:d8:fb:fc:a5:fc:d9:
4b:0f:0f:b9:48:ed:cc:a4:68:46:16:18:59:f9:50:
00:01:02:81:4c:11:4a:ee:3a:5e:45:76:34:c7:9c:
4f:2c:3d:78:80:69:39:06:69:83:43:68:6e:d9:91:
a1:7d:1b:2e:d5:75:d3:b1:2d:bb:27:2e:66:bf:c8:
9f:5c:50:85:79:6c:ee:5f:f2:d1:b8:99:47:39:8a:
d4:60:1a:dc:17:21:31:0d:b2:f6:a2:63:fc:14:91:
58:99:24:e5:58:20:df:2b:89:2a:5a:c8:84:b5:03:
f1:2d:0f:e1:fd:99:5d:e2:06:cc:e3:72:c4:70:73:
ff:c8:28:8a:b3:96:e4:e9:38:63:9b:71:74:45:f2:
0a:bf:92:7e:cd:80:6f:da:5f:3b:15:77:6b:50:eb:
e5:79:7c:2b:03:8f:63:22:1f:14:4e:8f:3d:0a:5b:
47:b2:64:50:c7:6e:3f:16:a2:ba:8b:a5:d1:83:ea:
07:ea:56:07:25:6c:98:5d:1a:75:b8:64:6e:fc:a4:
fd:e0:92:a6:0e:17:a8:3b:75:20:8b:eb:c2:0a:c4:
c8:6a:2c:ef:d6:06:b9:fd:43:0e:f0:32:1b:5c:fc:
9f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C9:B9:C2:0B:E7:C2:57:27:16:65:58:78:47:9A:70:F7:77:AE:0F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tcm5wgvnwlcnFmVYeEeacPd3rg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.134.0/24
185.225.1.0/24
Signature Algorithm: sha256WithRSAEncryption
94:99:6b:af:fb:3c:9a:2a:07:26:21:e6:f9:bc:84:72:00:f6:
90:31:10:3f:97:8c:e6:30:37:79:1d:20:d5:58:21:ad:5c:78:
b0:c3:06:19:f6:d2:71:b8:01:27:c2:43:5b:41:32:fe:05:95:
bd:95:1b:7b:62:30:e0:b7:5b:f8:9f:f1:40:48:63:cd:e1:93:
40:73:ed:9e:02:03:3b:a2:21:9f:43:23:18:4b:28:42:7e:db:
e2:24:9e:66:d9:45:e6:93:d4:07:43:fd:d9:cb:74:14:fb:2e:
8b:2b:70:6c:27:17:f0:9a:eb:a8:e7:d3:4c:35:92:50:00:b3:
51:1f:33:ff:3d:c9:5c:a6:27:42:c4:d5:44:53:8a:61:21:62:
6d:f4:e6:7d:60:55:8a:3e:1d:ec:b4:d1:29:c2:bc:aa:26:a7:
ec:d8:4b:38:8d:7e:67:f0:7c:43:f3:d3:71:67:78:56:fd:f6:
4e:63:72:e2:c1:08:8d:17:d7:98:f1:37:d9:35:5b:e7:5c:9d:
2c:45:12:d7:82:8f:31:b3:3d:3f:ac:d3:da:37:f5:52:9d:64:
dc:18:53:98:4e:e7:88:e2:e5:53:0d:7e:05:59:ef:71:d8:5a:
e2:3b:9f:e4:30:05:ef:67:81:cf:86:87:3a:c5:59:6b:4a:21:
cb:20:0a:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYv9+Cv2NMMeigocNQ+RRG4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTIzMjA1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM5YjljMjBiZTdjMjU3MjcxNjY1NTg3ODQ3OWE3MGY3NzdhZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5koCIKpfwo+3507v98kgMQJl5E1P
mR3Y+/yl/NlLDw+5SO3MpGhGFhhZ+VAAAQKBTBFK7jpeRXY0x5xPLD14gGk5BmmD
Q2hu2ZGhfRsu1XXTsS27Jy5mv8ifXFCFeWzuX/LRuJlHOYrUYBrcFyExDbL2omP8
FJFYmSTlWCDfK4kqWsiEtQPxLQ/h/Zld4gbM43LEcHP/yCiKs5bk6Thjm3F0RfIK
v5J+zYBv2l87FXdrUOvleXwrA49jIh8UTo89CltHsmRQx24/FqK6i6XRg+oH6lYH
JWyYXRp1uGRu/KT94JKmDheoO3Ugi+vCCsTIaizv1ga5/UMO8DIbXPyfMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE3JucIL58JXJxZlWHhHmnD3d64PMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVGNtNXdndm53bGNuRm1WWWVFZWFjUGQzcmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYOGAwQA
ueEBMA0GCSqGSIb3DQEBCwUAA4IBAQCUmWuv+zyaKgcmIeb5vIRyAPaQMRA/l4zm
MDd5HSDVWCGtXHiwwwYZ9tJxuAEnwkNbQTL+BZW9lRt7YjDgt1v4n/FASGPN4ZNA
c+2eAgM7oiGfQyMYSyhCftviJJ5m2UXmk9QHQ/3Zy3QU+y6LK3BsJxfwmuuo59NM
NZJQALNRHzP/PclcpidCxNVEU4phIWJt9OZ9YFWKPh3stNEpwryqJqfs2Es4jX5n
8HxD89NxZ3hW/fZOY3LiwQiNF9eY8TfZNVvnXJ0sRRLXgo8xsz0/rNPaN/VSnWTc
GFOYTueI4uVTDX4FWe9x2FriO5/kMAXvZ4HPhoc6xVlrSiHLIAps
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org