Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tZRNB-bC4nVNW1WYum1YbauplRg.roa
File: tZRNB-bC4nVNW1WYum1YbauplRg.roa (raw, json)
Hash identifier: AG04sYHQraHJxFx7s+Qb3G4ae1h8meSArPCPXqcSDQM=
Subject key identifier: B5:94:4D:07:E6:C2:E2:75:4D:5B:55:98:BA:6D:58:6D:AB:A9:95:18
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01879DC982DAA19C0032AF810DE5CFC285C0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tZRNB-bC4nVNW1WYum1YbauplRg.roa
Signing time: Thu 20 Apr 2023 08:30:41 +0000
ROA not before: Thu 20 Apr 2023 08:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 45.90.16.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 08:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9d:c9:82:da:a1:9c:00:32:af:81:0d:e5:cf:c2:85:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 20 08:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5944d07e6c2e2754d5b5598ba6d586daba99518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:19:f6:56:28:fa:7e:78:22:cd:1a:5f:17:dd:
e7:45:44:49:a9:51:61:b8:9c:31:9e:82:bd:3d:6f:
c2:d2:6e:b3:d0:57:5b:b1:98:fa:38:2f:b9:18:46:
ab:99:6b:55:26:27:78:19:a4:18:68:7d:f7:ad:d4:
44:15:8f:99:28:1e:41:f4:7e:e6:37:92:f4:2f:26:
68:4e:db:2d:55:34:a0:89:9e:69:f5:a1:58:27:03:
be:60:e5:fc:6f:e4:f2:92:6d:fa:41:82:4d:17:11:
f9:cc:1c:22:7f:1e:3d:01:37:1a:d0:c5:7f:1d:a6:
eb:36:27:07:59:98:f8:d8:08:85:ea:18:7e:8e:a6:
ff:da:f5:ab:3c:36:52:9a:f7:e1:37:b6:71:17:f2:
3e:c4:6c:fd:95:39:a2:58:8e:35:81:08:6d:8d:cf:
88:fd:4d:de:7f:75:c5:0e:39:41:88:7d:bd:ce:a7:
fc:33:21:f8:cb:44:da:5e:c6:8a:23:bb:76:34:60:
19:57:e3:fc:4d:bc:29:9d:e1:80:1f:df:4c:47:17:
7d:e8:3d:55:77:b7:76:15:6d:2d:39:f3:57:7d:b6:
8a:71:10:a7:ee:45:fe:4d:67:34:b5:d2:81:44:e2:
70:24:ca:3b:88:48:15:92:33:2a:7a:bd:ef:45:ef:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:94:4D:07:E6:C2:E2:75:4D:5B:55:98:BA:6D:58:6D:AB:A9:95:18
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tZRNB-bC4nVNW1WYum1YbauplRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/24
176.125.248.0/24
185.126.82.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:e0:33:17:89:d3:f5:b1:dc:b0:b5:14:5e:b7:11:be:61:29:
c9:9b:d3:e2:ab:2d:08:3c:de:2c:c2:68:38:eb:aa:23:27:5c:
1b:91:20:61:89:ab:e4:d0:f7:71:c7:ae:1b:e6:a3:19:87:e9:
d3:14:11:32:de:be:36:88:fe:28:2e:45:68:a1:78:0b:e0:a8:
22:85:9a:af:fb:34:46:51:92:f3:39:f2:21:c8:79:21:67:bb:
fc:24:06:7b:a9:1f:9f:59:4b:a7:29:e4:00:15:91:48:28:99:
13:3f:b6:1d:3d:96:16:e5:4b:16:cb:b8:35:ca:5b:da:60:8f:
ca:d9:eb:61:d5:bc:f2:27:a2:a5:33:2b:a8:f2:94:94:72:07:
ad:07:4b:1d:75:cd:28:05:f9:99:fb:d7:d3:fe:f8:d9:0c:23:
d6:42:f3:0b:ae:10:1f:8c:99:d1:a2:20:53:92:2f:f4:21:21:
b6:76:9b:ef:d4:6a:e0:d6:7c:dd:b8:9a:e1:a1:19:a8:a3:b2:
65:3d:ec:02:3c:e8:b6:b8:68:4e:15:3b:d7:d9:58:32:c0:d4:
98:1a:ff:10:9b:5e:8c:00:29:ce:a6:01:b9:46:e8:40:73:ba:
9c:42:9d:50:e8:43:c1:93:59:1b:15:03:72:40:a0:01:43:a4:
62:d0:0e:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYedyYLaoZwAMq+BDeXPwoXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNDIwMDgzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk0NGQwN2U2YzJlMjc1NGQ1YjU1OThiYTZkNTg2ZGFiYTk5NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRn2Vij6fngizRpfF93nRURJqVFh
uJwxnoK9PW/C0m6z0FdbsZj6OC+5GEarmWtVJid4GaQYaH33rdREFY+ZKB5B9H7m
N5L0LyZoTtstVTSgiZ5p9aFYJwO+YOX8b+Tykm36QYJNFxH5zBwifx49ATca0MV/
HabrNicHWZj42AiF6hh+jqb/2vWrPDZSmvfhN7ZxF/I+xGz9lTmiWI41gQhtjc+I
/U3ef3XFDjlBiH29zqf8MyH4y0TaXsaKI7t2NGAZV+P8TbwpneGAH99MRxd96D1V
d7d2FW0tOfNXfbaKcRCn7kX+TWc0tdKBROJwJMo7iEgVkjMqer3vRe8Z2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLWUTQfmwuJ1TVtVmLptWG2rqZUYMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdFpSTkItYkM0blZOVzFXWXVtMVliYXVwbFJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVoQAwQA
sH34AwQAuX5SMA0GCSqGSIb3DQEBCwUAA4IBAQDD4DMXidP1sdywtRRetxG+YSnJ
m9Piqy0IPN4swmg466ojJ1wbkSBhiavk0Pdxx64b5qMZh+nTFBEy3r42iP4oLkVo
oXgL4KgihZqv+zRGUZLzOfIhyHkhZ7v8JAZ7qR+fWUunKeQAFZFIKJkTP7YdPZYW
5UsWy7g1ylvaYI/K2eth1bzyJ6KlMyuo8pSUcgetB0sddc0oBfmZ+9fT/vjZDCPW
QvMLrhAfjJnRoiBTki/0ISG2dpvv1Grg1nzduJrhoRmoo7JlPewCPOi2uGhOFTvX
2VgywNSYGv8Qm16MACnOpgG5RuhAc7qcQp1Q6EPBk1kbFQNyQKABQ6Ri0A44
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:29 2024 by rpki-client on console-ams.rpki-client.org