Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tKqzw-szswLqLtD1InCf1uyvsqY.roa
File: tKqzw-szswLqLtD1InCf1uyvsqY.roa (raw, json)
Hash identifier: RfDqkJ98Fso/1ymHjQ9pPHPwgOapoGJxr5YV6KQjjgI=
Subject key identifier: B4:AA:B3:C3:EB:33:B3:02:EA:2E:D0:F5:22:70:9F:D6:EC:AF:B2:A6
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0188C512373F83D975E1E233357830C1A656
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tKqzw-szswLqLtD1InCf1uyvsqY.roa
Signing time: Fri 16 Jun 2023 16:38:05 +0000
ROA not before: Fri 16 Jun 2023 16:38:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 185.230.52.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 11:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c5:12:37:3f:83:d9:75:e1:e2:33:35:78:30:c1:a6:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 16 16:38:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4aab3c3eb33b302ea2ed0f522709fd6ecafb2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:27:f6:19:8b:bb:b1:7c:d3:c8:1f:3a:c9:aa:
fe:66:cd:2d:1f:58:16:a7:3d:04:7a:c0:43:d6:c8:
27:a8:57:57:b1:97:39:ed:16:87:a4:6b:61:9f:d2:
bb:33:d1:17:04:de:0f:f8:7f:5e:0d:26:74:b4:01:
67:09:5d:9a:f9:51:99:76:42:96:af:b9:60:2a:4f:
db:8e:a8:fc:4e:3a:ea:12:49:e9:1a:96:c1:28:2c:
6d:01:a3:84:e5:cf:d0:35:15:82:c4:41:f3:c2:97:
9b:23:27:46:c7:1e:c5:a3:f5:74:ed:d9:f9:2f:a1:
73:02:a5:6e:73:cf:e8:af:ff:95:45:c6:d5:b1:12:
70:14:20:cd:37:e5:c0:c7:89:08:64:db:23:90:c4:
93:1f:4c:15:7e:90:19:39:27:95:db:21:e1:70:01:
61:e6:69:90:ee:0b:4a:c9:e1:57:a8:23:cb:92:b8:
aa:ec:8d:e3:98:f7:e9:50:28:47:df:ec:82:58:3b:
9a:3d:70:d3:d9:91:d8:16:da:ac:bd:52:c0:ad:42:
24:a4:94:3b:1c:21:26:fd:7d:d2:8a:a7:9d:6e:d7:
5c:d0:b3:c4:12:8f:47:1b:17:e0:06:23:5a:42:1f:
9b:a2:32:2f:f9:42:1e:0f:f8:52:c1:3f:37:5d:e1:
e3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:AA:B3:C3:EB:33:B3:02:EA:2E:D0:F5:22:70:9F:D6:EC:AF:B2:A6
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tKqzw-szswLqLtD1InCf1uyvsqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.52.0/24
185.251.231.0/24
193.58.144.0/24
Signature Algorithm: sha256WithRSAEncryption
90:80:5f:df:15:68:42:a8:bc:15:5e:c9:74:79:2e:89:3a:b0:
de:6d:e0:e5:64:5f:90:7c:43:9c:3a:36:4e:84:8f:7c:75:82:
1e:c1:34:ba:27:9c:20:4c:70:db:a2:e8:c4:48:0f:ac:08:75:
b2:9f:61:6c:49:00:a7:ec:80:02:c0:eb:e8:34:44:17:ba:52:
f1:27:99:1d:93:30:63:1b:a4:31:59:f5:ed:4d:2c:75:af:47:
12:2a:74:45:25:35:3d:24:fa:ba:ef:dd:b5:1e:4a:14:39:25:
f6:83:25:12:ed:11:31:fd:2e:1c:ec:19:c7:ab:05:3d:5f:94:
a9:02:e2:06:9c:67:24:0a:cc:30:31:67:9d:07:eb:69:64:db:
8c:9c:68:b8:bd:e5:92:bf:53:6d:f0:ce:3d:8d:7c:7d:2a:d6:
c6:e3:a2:d9:06:32:6f:1f:4e:75:d1:06:63:54:f7:78:e1:35:
13:2a:3a:54:fd:5a:22:e2:a4:d7:e9:c1:9c:d1:0b:8a:cf:3f:
b4:22:21:32:0b:41:c7:ef:83:20:67:c6:7f:f4:47:56:2b:7c:
8d:18:2a:39:71:1e:07:85:6b:fc:9d:a0:75:a6:cf:92:28:54:
aa:df:dd:78:ef:53:73:70:30:3f:d6:5e:e3:fa:70:67:ad:71:
0d:32:ef:aa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjFEjc/g9l14eIzNXgwwaZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjE2MTYzODA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGFhYjNjM2ViMzNiMzAyZWEyZWQwZjUyMjcwOWZkNmVjYWZiMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuif2GYu7sXzTyB86yar+Zs0tH1gW
pz0EesBD1sgnqFdXsZc57RaHpGthn9K7M9EXBN4P+H9eDSZ0tAFnCV2a+VGZdkKW
r7lgKk/bjqj8TjrqEknpGpbBKCxtAaOE5c/QNRWCxEHzwpebIydGxx7Fo/V07dn5
L6FzAqVuc8/or/+VRcbVsRJwFCDNN+XAx4kIZNsjkMSTH0wVfpAZOSeV2yHhcAFh
5mmQ7gtKyeFXqCPLkriq7I3jmPfpUChH3+yCWDuaPXDT2ZHYFtqsvVLArUIkpJQ7
HCEm/X3Siqedbtdc0LPEEo9HGxfgBiNaQh+bojIv+UIeD/hSwT83XeHjkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLSqs8PrM7MC6i7Q9SJwn9bsr7KmMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdEtxenctc3pzd0xxTHREMUluQ2YxdXl2c3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueY0AwQA
ufvnAwQAwTqQMA0GCSqGSIb3DQEBCwUAA4IBAQCQgF/fFWhCqLwVXsl0eS6JOrDe
beDlZF+QfEOcOjZOhI98dYIewTS6J5wgTHDboujESA+sCHWyn2FsSQCn7IACwOvo
NEQXulLxJ5kdkzBjG6QxWfXtTSx1r0cSKnRFJTU9JPq67921HkoUOSX2gyUS7REx
/S4c7BnHqwU9X5SpAuIGnGckCswwMWedB+tpZNuMnGi4veWSv1Nt8M49jXx9KtbG
46LZBjJvH0510QZjVPd44TUTKjpU/Voi4qTX6cGc0QuKzz+0IiEyC0HH74MgZ8Z/
9EdWK3yNGCo5cR4HhWv8naB1ps+SKFSq391471NzcDA/1l7j+nBnrXENMu+q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org