Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TcC3suZD1acJPHgTp1IBVkSDrcA.roa
File: TcC3suZD1acJPHgTp1IBVkSDrcA.roa (raw, json)
Hash identifier: 9BovrWgtjGe4Js8kS1R0hYKXn+rbSlJapJqJDM1lr/I=
Subject key identifier: 4D:C0:B7:B2:E6:43:D5:A7:09:3C:78:13:A7:52:01:56:44:83:AD:C0
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01857039AB0A2CD7E736494B168ADED64F3F
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TcC3suZD1acJPHgTp1IBVkSDrcA.roa
Signing time: Mon 02 Jan 2023 02:05:05 +0000
ROA not before: Mon 02 Jan 2023 02:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24651
IP address blocks: 213.21.218.0/24 maxlen: 24
213.21.222.0/24 maxlen: 24
185.118.76.0/24 maxlen: 24
213.21.227.0/24 maxlen: 24
194.8.6.0/24 maxlen: 24
193.68.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 10:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:ab:0a:2c:d7:e7:36:49:4b:16:8a:de:d6:4f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 2 02:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc0b7b2e643d5a7093c7813a75201564483adc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:eb:67:3e:e2:3c:9a:6c:84:b4:0e:56:44:f0:
53:c1:0c:5c:17:48:51:6c:5b:a6:d3:1e:93:37:45:
78:e2:81:ba:04:f5:85:f2:79:b8:60:4c:10:7b:d8:
0f:43:3b:9d:d5:09:a7:f2:a3:27:e7:55:91:1f:49:
11:39:52:68:eb:e8:5b:4f:12:4b:79:b7:fd:89:00:
76:88:69:e0:d3:67:be:4e:7c:08:ea:bd:a7:6e:f5:
38:2f:dd:50:37:c6:9b:07:db:c7:1f:41:44:36:17:
3c:11:44:45:59:c6:67:55:b2:d8:e7:71:55:a2:8d:
e1:10:c8:61:20:52:0d:89:03:83:94:3e:6e:29:f3:
10:c6:92:75:07:2f:0b:65:ef:59:e7:41:4b:c3:3f:
92:b7:bc:ec:b2:0d:b6:e6:90:d3:86:52:d5:f6:64:
98:13:88:ca:7c:af:29:ed:7e:37:ab:4a:68:bb:e9:
50:e2:15:6a:8d:dc:8d:70:6a:8d:0b:be:a1:dc:37:
71:80:29:a2:f0:e1:c0:ad:9b:c5:ad:30:cc:7b:41:
23:e5:b8:ef:36:2e:9f:ad:0d:c8:01:9c:85:22:01:
15:cf:1b:d4:91:74:73:34:35:c0:e0:e7:65:27:c6:
f7:74:22:61:15:51:8b:37:67:c4:43:6d:19:dd:f3:
b8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C0:B7:B2:E6:43:D5:A7:09:3C:78:13:A7:52:01:56:44:83:AD:C0
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TcC3suZD1acJPHgTp1IBVkSDrcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.76.0/24
193.68.67.0/24
194.8.6.0/24
213.21.218.0/24
213.21.222.0/24
213.21.227.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ed:2f:d1:07:d0:57:43:80:85:32:1c:11:b7:34:98:38:18:
0e:a3:4f:e4:fa:b2:b3:52:2c:d1:b9:10:eb:a3:f0:7b:82:3d:
c0:f3:af:ad:89:72:b3:7b:de:93:72:38:b4:22:45:b8:0e:c0:
38:1b:6e:53:23:1a:99:18:60:98:ab:c5:11:a1:c1:07:fd:de:
19:23:61:b5:27:33:f9:86:8a:cb:72:a8:49:02:b2:b8:4a:38:
63:10:4c:91:da:49:ad:53:06:01:94:e6:63:33:b2:9a:2a:82:
12:bd:bd:bf:3d:df:7e:82:38:e7:77:78:26:42:19:1d:36:7c:
53:da:36:a9:dc:8d:62:a9:cb:f2:11:88:dc:20:47:6a:db:aa:
76:f6:69:82:e0:8e:12:5d:d5:c3:9e:db:5e:15:d9:70:99:1d:
41:6c:6a:f3:cd:bd:f7:81:6a:bb:0a:47:36:f3:63:4a:f8:d3:
fb:e3:48:e2:01:60:ab:fb:11:fe:d1:cb:7e:17:cd:39:87:bf:
dd:72:81:e0:4a:bc:c5:c6:40:5a:7b:0b:39:6e:79:8a:9c:57:
79:94:2a:5a:cd:ed:e2:ac:e6:6c:47:86:48:6e:35:f3:0b:3d:
d8:a9:ac:d2:f4:da:d6:df:5c:a1:e3:f8:4f:92:86:92:03:3b:
cb:5f:99:99
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVwOasKLNfnNklLFore1k8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjMwMTAyMDIwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMwYjdiMmU2NDNkNWE3MDkzYzc4MTNhNzUyMDE1NjQ0ODNhZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnutnPuI8mmyEtA5WRPBTwQxcF0hR
bFum0x6TN0V44oG6BPWF8nm4YEwQe9gPQzud1Qmn8qMn51WRH0kROVJo6+hbTxJL
ebf9iQB2iGng02e+TnwI6r2nbvU4L91QN8abB9vHH0FENhc8EURFWcZnVbLY53FV
oo3hEMhhIFINiQODlD5uKfMQxpJ1By8LZe9Z50FLwz+St7zssg225pDThlLV9mSY
E4jKfK8p7X43q0pou+lQ4hVqjdyNcGqNC76h3DdxgCmi8OHArZvFrTDMe0Ej5bjv
Ni6frQ3IAZyFIgEVzxvUkXRzNDXA4OdlJ8b3dCJhFVGLN2fEQ20Z3fO4bwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE3At7LmQ9WnCTx4E6dSAVZEg63AMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvVGNDM3N1WkQxYWNKUEhnVHAxSUJWa1NEcmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuXZMAwQA
wURDAwQAwggGAwQA1RXaAwQA1RXeAwQA1RXjMA0GCSqGSIb3DQEBCwUAA4IBAQBB
7S/RB9BXQ4CFMhwRtzSYOBgOo0/k+rKzUizRuRDro/B7gj3A86+tiXKze96Tcji0
IkW4DsA4G25TIxqZGGCYq8URocEH/d4ZI2G1JzP5horLcqhJArK4SjhjEEyR2kmt
UwYBlOZjM7KaKoISvb2/Pd9+gjjnd3gmQhkdNnxT2jap3I1iqcvyEYjcIEdq26p2
9mmC4I4SXdXDntteFdlwmR1BbGrzzb33gWq7Ckc282NK+NP740jiAWCr+xH+0ct+
F805h7/dcoHgSrzFxkBaews5bnmKnFd5lCpaze3irOZsR4ZIbjXzCz3YqazS9NrW
31yh4/hPkoaSAzvLX5mZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:38 2024 by rpki-client on console-ams.rpki-client.org