Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tzj6VLj7J7WcDfWy_EwhtZj23tE.roa
File: Tzj6VLj7J7WcDfWy_EwhtZj23tE.roa (raw, json)
Hash identifier: GrdvBEvXCpggzR/4RccxYVkdCVDBeajppqa1vp3/u8w=
Subject key identifier: 4F:38:FA:54:B8:FB:27:B5:9C:0D:F5:B2:FC:4C:21:B5:98:F6:DE:D1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E9B77D3E63A13B0E0E6CA00A0993E069B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tzj6VLj7J7WcDfWy_EwhtZj23tE.roa
Signing time: Mon 01 Apr 2024 21:01:45 +0000
ROA not before: Mon 01 Apr 2024 21:01:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.147.224.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
185.230.65.0/24 maxlen: 24
185.230.66.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 12:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9b:77:d3:e6:3a:13:b0:e0:e6:ca:00:a0:99:3e:06:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 1 21:01:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f38fa54b8fb27b59c0df5b2fc4c21b598f6ded1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:74:9a:38:67:47:ee:69:6e:c5:f9:2b:22:c1:
82:9a:bf:28:f8:86:00:6c:24:b9:8d:c6:d0:4f:42:
00:bd:a7:b1:39:de:d4:07:48:06:70:b0:99:e4:62:
11:34:3d:bc:5b:54:c3:16:21:0b:ce:0b:ab:b8:d0:
39:ea:5c:70:72:cb:87:6b:31:07:3e:64:71:03:68:
d7:05:c6:e2:3d:01:65:11:8e:62:e9:24:e2:9e:93:
70:f7:97:fd:fe:67:0c:ec:28:4c:af:20:a7:fa:09:
b2:58:77:11:96:46:72:80:0e:8f:4a:49:d4:38:5c:
3a:be:b4:a0:94:c1:73:02:d8:ae:71:71:46:94:2f:
fe:17:be:b0:15:8a:70:f6:f4:a7:ec:54:92:24:cf:
0f:a1:a1:47:67:94:78:29:c7:20:41:e4:92:18:eb:
b4:b7:b7:b9:ab:a3:e6:f7:ba:48:1f:bf:aa:ec:9a:
92:87:c2:71:92:00:4f:4c:f5:2c:61:75:79:20:23:
f7:cd:16:6d:9a:e7:fc:4e:9d:9a:73:de:a2:bd:cd:
53:68:bc:b4:cc:8d:eb:7a:40:57:41:ce:a8:0f:90:
a5:d4:f9:ac:d9:31:f5:9e:a5:3f:9c:c0:de:f7:04:
99:5c:3c:56:47:77:2e:b0:6c:3b:38:42:38:fe:62:
52:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:38:FA:54:B8:FB:27:B5:9C:0D:F5:B2:FC:4C:21:B5:98:F6:DE:D1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Tzj6VLj7J7WcDfWy_EwhtZj23tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.224.0/24
185.222.30.0/24
185.230.65.0-185.230.66.255
194.5.67.0/24
194.76.172.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:1c:37:e3:9c:78:bf:54:81:55:eb:84:7c:93:1c:82:70:bc:
09:4e:e6:1c:35:d5:37:7d:4d:10:93:93:18:8e:43:f0:3b:fe:
ff:52:cf:41:78:85:ec:49:28:78:b6:c2:59:34:d7:58:19:ca:
c8:63:33:40:66:a1:81:ff:c2:73:ca:9d:cb:1d:9b:d3:64:c4:
9d:4a:28:ce:ee:32:a6:22:f2:5b:d1:63:b0:74:bf:55:bb:7b:
de:33:9e:5d:d6:08:ce:96:cd:30:9f:42:86:3b:1c:e6:64:4a:
db:84:d0:db:e8:9c:38:4f:c1:77:b4:b2:63:5f:98:a4:87:fd:
56:59:3d:7c:21:1d:60:fe:43:c9:dc:9b:99:c5:fb:50:01:1c:
65:5b:49:97:2f:ea:e0:b5:17:3d:7e:a6:ad:66:7b:5f:1a:95:
ca:7d:0a:8d:0c:34:29:b2:2e:ce:b0:5d:d5:70:0a:4b:1e:8f:
4e:be:b0:71:db:d3:9a:b4:86:ba:f5:87:0c:cf:eb:e2:6a:1e:
3a:95:69:95:3c:07:30:b3:7a:38:21:ff:23:fc:ca:7c:02:00:
19:e1:a6:cf:63:ec:33:d9:33:27:fa:3a:92:21:74:56:82:91:
3b:2b:19:2a:68:84:2d:e6:2b:8d:91:72:25:c7:98:cf:e3:e7:
ac:ab:6c:27
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY6bd9PmOhOw4ObKAKCZPgabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwNDAxMjEwMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM4ZmE1NGI4ZmIyN2I1OWMwZGY1YjJmYzRjMjFiNTk4ZjZkZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3SaOGdH7mluxfkrIsGCmr8o+IYA
bCS5jcbQT0IAvaexOd7UB0gGcLCZ5GIRND28W1TDFiELzguruNA56lxwcsuHazEH
PmRxA2jXBcbiPQFlEY5i6STinpNw95f9/mcM7ChMryCn+gmyWHcRlkZygA6PSknU
OFw6vrSglMFzAtiucXFGlC/+F76wFYpw9vSn7FSSJM8PoaFHZ5R4KccgQeSSGOu0
t7e5q6Pm97pIH7+q7JqSh8JxkgBPTPUsYXV5ICP3zRZtmuf8Tp2ac96ivc1TaLy0
zI3rekBXQc6oD5Cl1Pms2TH1nqU/nMDe9wSZXDxWR3cusGw7OEI4/mJSYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE84+lS4+ye1nA31svxMIbWY9t7RMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVHpqNlZMajdKN1djRGZXeV9Fd2h0WmoyM3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZPgAwQA
ud4eMAwDBAC55kEDBAC55kIDBADCBUMDBADCTKwwDQYJKoZIhvcNAQELBQADggEB
AAwcN+OceL9UgVXrhHyTHIJwvAlO5hw11Td9TRCTkxiOQ/A7/v9Sz0F4hexJKHi2
wlk011gZyshjM0BmoYH/wnPKncsdm9NkxJ1KKM7uMqYi8lvRY7B0v1W7e94znl3W
CM6WzTCfQoY7HOZkStuE0NvonDhPwXe0smNfmKSH/VZZPXwhHWD+Q8ncm5nF+1AB
HGVbSZcv6uC1Fz1+pq1me18alcp9Co0MNCmyLs6wXdVwCksej06+sHHb05q0hrr1
hwzP6+JqHjqVaZU8BzCzejgh/yP8ynwCABnhps9j7DPZMyf6OpIhdFaCkTsrGSpo
hC3mK42RciXHmM/j56yrbCc=
-----END CERTIFICATE-----
Generated at Tue Oct 8 18:03:47 2024 by rpki-client on console-ams.rpki-client.org