Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/tasTRTTV6XO8jKDKzrqqLK-wCGY.roa
File: tasTRTTV6XO8jKDKzrqqLK-wCGY.roa (raw, json)
Hash identifier: cAdOFCP4ZoOqr4pBRFEfVImSRsBQMH2prkSLrtAJvTU=
Subject key identifier: B5:AB:13:45:34:D5:E9:73:BC:8C:A0:CA:CE:BA:AA:2C:AF:B0:08:66
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: 01856C6EE2D18D69D53C3D7F3824EC7F84C2
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/tasTRTTV6XO8jKDKzrqqLK-wCGY.roa
Signing time: Sun 01 Jan 2023 08:24:44 +0000
ROA not before: Sun 01 Jan 2023 08:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44700
IP address blocks: 185.6.68.0/22 maxlen: 24
88.151.64.0/21 maxlen: 24
185.59.12.0/22 maxlen: 24
95.129.208.0/21 maxlen: 24
93.89.2.0/24 maxlen: 24
2a02:21e0::/32 maxlen: 48
2a02:17f8::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Mar 2023 09:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:e2:d1:8d:69:d5:3c:3d:7f:38:24:ec:7f:84:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jan 1 08:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5ab134534d5e973bc8ca0cacebaaa2cafb00866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:b4:0a:bf:8f:c2:34:4a:5a:c8:03:5a:0a:
58:ea:1e:f6:8f:42:cb:ff:a4:9d:c7:09:1f:c8:ff:
e8:fb:b6:55:50:01:36:0e:7f:39:34:38:e8:ca:22:
32:aa:61:93:74:39:6d:62:1c:be:17:c8:f0:e0:df:
bb:f0:bc:9c:07:30:15:26:13:e2:1c:7b:f6:ae:0a:
bd:4e:cf:81:62:38:54:8c:f9:5a:55:d4:bc:d4:71:
68:70:bd:ed:1b:bc:86:99:e0:29:ae:7f:7a:f4:a7:
2a:73:2d:c7:fb:1f:fe:49:36:61:da:1f:f9:41:1e:
45:17:54:b2:c7:6e:77:c0:43:40:45:dc:42:46:5d:
6e:85:e5:bf:5b:d9:71:2e:cd:68:58:d6:b4:84:62:
76:66:f1:06:ea:ea:21:e0:df:63:36:c3:4c:08:30:
97:7f:4d:2b:1d:f5:88:87:19:58:fc:ad:ec:04:09:
8f:bb:ee:ee:59:1b:b4:4a:17:f0:6d:ad:16:a1:0d:
72:7c:8a:cc:dd:88:24:a9:ae:51:72:15:94:ed:48:
4f:3f:84:e7:a7:b5:a3:38:0c:2a:2d:14:53:7e:a5:
e8:5b:54:0a:4b:d5:60:ca:d7:13:09:f5:b3:13:11:
95:05:1d:6c:bb:56:e4:ac:ec:df:0f:fe:d5:da:a3:
0b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AB:13:45:34:D5:E9:73:BC:8C:A0:CA:CE:BA:AA:2C:AF:B0:08:66
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/tasTRTTV6XO8jKDKzrqqLK-wCGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.64.0/21
93.89.2.0/24
95.129.208.0/21
185.6.68.0/22
185.59.12.0/22
IPv6:
2a02:17f8::/32
2a02:21e0::/32
Signature Algorithm: sha256WithRSAEncryption
00:30:29:1e:86:b7:87:16:40:91:b3:47:24:e0:87:2e:b3:e2:
6b:ae:a1:d5:ac:1d:db:f0:66:03:ee:5d:b3:0d:e0:02:8e:93:
d8:17:57:4d:78:24:4c:25:fb:2c:4f:23:77:e3:48:11:66:94:
d5:a0:10:13:44:e3:02:74:03:75:85:df:7b:34:9d:93:29:3a:
bc:58:79:9d:32:1e:1f:1b:8c:86:31:b4:b8:16:95:11:67:4c:
61:c2:98:80:de:1c:07:f2:5a:9c:af:50:00:5c:71:5e:75:bb:
9d:64:e6:cc:b6:fb:a0:9a:c7:32:79:60:ee:de:c1:9d:69:a5:
8c:7a:d4:84:51:41:1d:f1:08:e6:ed:a9:c0:a1:85:8a:95:6c:
b3:39:b4:5e:2e:88:5a:fe:62:3e:2a:58:14:5b:d9:db:12:55:
71:7f:55:d5:27:f0:8e:0b:f5:b2:29:3b:88:4d:8f:77:c3:ce:
ff:5d:c0:0c:89:0d:4c:da:1f:0c:c3:66:20:84:5d:5b:67:d6:
89:76:cf:1c:b9:f5:96:c6:2d:46:0f:46:16:70:29:ab:02:8d:
34:5e:8b:97:ef:3c:f2:a2:c1:09:a0:07:7f:c3:c1:88:18:a8:
95:d6:4f:aa:8e:cb:d6:bd:6e:b5:76:46:7b:92:13:92:2d:e0:
bb:00:83:4e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVsbuLRjWnVPD1/OCTsf4TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZWIwZWJkODc4Yjc3ZDQyZjJjYTlkZDA4ZjcwYzMyM2M1
ZDAzZGIwHhcNMjMwMTAxMDgyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFiMTM0NTM0ZDVlOTczYmM4Y2EwY2FjZWJhYWEyY2FmYjAwODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PO0Cr+PwjRKWsgDWgpY6h72j0LL
/6SdxwkfyP/o+7ZVUAE2Dn85NDjoyiIyqmGTdDltYhy+F8jw4N+78LycBzAVJhPi
HHv2rgq9Ts+BYjhUjPlaVdS81HFocL3tG7yGmeAprn969Kcqcy3H+x/+STZh2h/5
QR5FF1Syx253wENARdxCRl1uheW/W9lxLs1oWNa0hGJ2ZvEG6uoh4N9jNsNMCDCX
f00rHfWIhxlY/K3sBAmPu+7uWRu0Shfwba0WoQ1yfIrM3Ygkqa5RchWU7UhPP4Tn
p7WjOAwqLRRTfqXoW1QKS9VgytcTCfWzExGVBR1su1bkrOzfD/7V2qMLewIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLWrE0U01elzvIygys66qiyvsAhmMB8GA1UdIwQY
MBaAFFzrDr2Hi3fULyyp3Qj3DDI8XQPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEt
OWMzNzQ3OGE1OTNmLzEvdGFzVFJUVFY2WE84aktES3pycXFMSy13Q0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zZTcyZWQtMWQ2NS00OTgyLWFkOWEtOWMzNzQ3OGE1OTNm
LzEvWE9zT3ZZZUxkOVF2TEtuZENQY01NanhkQTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDWJdAAwQA
XVkCAwQDX4HQAwQCuQZEAwQCuTsMMBQEAgACMA4DBQAqAhf4AwUAKgIh4DANBgkq
hkiG9w0BAQsFAAOCAQEAADApHoa3hxZAkbNHJOCHLrPia66h1awd2/BmA+5dsw3g
Ao6T2BdXTXgkTCX7LE8jd+NIEWaU1aAQE0TjAnQDdYXfezSdkyk6vFh5nTIeHxuM
hjG0uBaVEWdMYcKYgN4cB/JanK9QAFxxXnW7nWTmzLb7oJrHMnlg7t7BnWmljHrU
hFFBHfEI5u2pwKGFipVsszm0Xi6IWv5iPipYFFvZ2xJVcX9V1Sfwjgv1sik7iE2P
d8PO/13ADIkNTNofDMNmIIRdW2fWiXbPHLn1lsYtRg9GFnApqwKNNF6Ll+888qLB
CaAHf8PBiBioldZPqo7L1r1utXZGe5ITki3guwCDTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:24 2024 by rpki-client on console-ams.rpki-client.org