Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/99184f-1c80-47cd-a685-2dd650ea4ac3/1/tcWoeF8uWP-nQjuOgVxXm3Q-ccI.roa
File: tcWoeF8uWP-nQjuOgVxXm3Q-ccI.roa (raw, json)
Hash identifier: 7N4Y3auAYzVw9GJ0YSGF5QOb7Ta3EkDqZjMjpyBBuIk=
Subject key identifier: B5:C5:A8:78:5F:2E:58:FF:A7:42:3B:8E:81:5C:57:9B:74:3E:71:C2
Certificate issuer: /CN=dc1a3aa0cf8dfa9167d24d92ed8a16eb4e78044c
Certificate serial: 018944C757837F3801F63FE4F0D4D9403761
Authority key identifier: DC:1A:3A:A0:CF:8D:FA:91:67:D2:4D:92:ED:8A:16:EB:4E:78:04:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Bo6oM-N-pFn0k2S7YoW6054BEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/99184f-1c80-47cd-a685-2dd650ea4ac3/1/tcWoeF8uWP-nQjuOgVxXm3Q-ccI.roa
Signing time: Tue 11 Jul 2023 11:47:42 +0000
ROA not before: Tue 11 Jul 2023 11:47:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48385
IP address blocks: 91.229.66.0/23 maxlen: 23
91.209.139.0/24 maxlen: 24
193.105.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:c7:57:83:7f:38:01:f6:3f:e4:f0:d4:d9:40:37:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc1a3aa0cf8dfa9167d24d92ed8a16eb4e78044c
Validity
Not Before: Jul 11 11:47:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c5a8785f2e58ffa7423b8e815c579b743e71c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6a:e1:e9:4b:8a:92:db:2e:53:b6:a6:8d:57:
78:f9:6f:e5:09:c0:58:4d:44:0f:e0:64:0b:ff:48:
b5:9f:3b:a2:fc:21:74:57:98:a4:2f:65:f0:46:49:
f7:6b:72:a8:0c:88:8e:8c:6e:9d:43:2a:ab:6b:a1:
07:f9:e1:a7:eb:3f:86:0b:6e:27:61:aa:8a:a7:99:
26:fc:8f:06:06:f5:11:ac:e4:3d:26:c6:a5:fb:76:
75:fb:86:1b:36:36:df:a3:3e:06:af:6f:8f:35:e5:
1f:5b:ef:d2:7e:2a:b8:9c:b7:e0:b8:b8:1f:57:e8:
9b:e8:e8:38:de:e7:90:d9:28:2e:d3:fd:66:1f:3d:
0a:5c:50:09:74:a5:f4:26:2a:ce:73:ae:c1:95:85:
6a:1a:26:6d:bb:66:40:0b:69:fe:4c:3b:ac:11:92:
85:b5:1f:01:6e:ad:ba:b9:25:46:16:1f:1a:91:71:
53:e1:bb:6b:52:cf:ab:4e:a9:a3:9e:4e:1c:8c:b2:
30:4c:89:0a:ff:c0:7e:63:3c:50:7b:4c:f3:eb:38:
17:d0:5e:da:ac:fc:da:bd:a6:4d:b2:37:5e:84:1a:
17:e7:ea:d3:39:53:d8:03:18:55:0a:88:50:8b:55:
44:90:ef:4d:d9:f3:ca:49:a4:47:9e:16:c2:4b:c6:
38:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C5:A8:78:5F:2E:58:FF:A7:42:3B:8E:81:5C:57:9B:74:3E:71:C2
X509v3 Authority Key Identifier:
keyid:DC:1A:3A:A0:CF:8D:FA:91:67:D2:4D:92:ED:8A:16:EB:4E:78:04:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Bo6oM-N-pFn0k2S7YoW6054BEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/99184f-1c80-47cd-a685-2dd650ea4ac3/1/tcWoeF8uWP-nQjuOgVxXm3Q-ccI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/99184f-1c80-47cd-a685-2dd650ea4ac3/1/3Bo6oM-N-pFn0k2S7YoW6054BEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.139.0/24
91.229.66.0/23
193.105.41.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:c5:2e:d0:ed:13:4f:3f:ff:5c:e6:86:da:ab:0a:96:e6:99:
1f:72:af:7e:75:04:51:9d:7e:36:b4:d0:0f:c1:49:7d:3e:87:
53:18:18:48:d0:e2:e6:61:ca:85:f1:d4:18:91:7f:9c:95:11:
dd:41:b2:e5:1f:aa:7a:c3:ba:0d:e2:84:1b:0f:5a:3b:5d:28:
57:85:84:db:16:ea:cd:08:df:16:3e:1d:d2:80:44:e5:ad:e4:
41:b7:0d:d0:5a:e4:89:28:ac:db:43:76:53:b3:af:c8:93:fa:
37:14:a4:5e:6c:00:8c:c7:3b:9c:bc:63:1d:a1:c9:e1:ab:31:
6c:5c:8f:13:7b:ec:77:44:c7:fc:b0:73:09:4e:19:7e:3d:c2:
f9:fa:c0:bc:21:fa:62:86:88:5d:12:c2:c6:f2:e9:9c:85:cf:
88:58:ae:43:77:d9:11:69:63:c5:13:f7:4c:66:62:3b:b1:86:
bb:96:ff:d9:7c:3f:fb:a6:f3:07:e7:5a:9a:2c:ec:59:2a:7a:
9c:f3:65:19:29:dd:18:e7:7a:ab:7e:93:72:8c:06:af:0d:8a:
5d:d4:8e:79:9b:7e:4d:96:09:76:eb:64:a0:a8:42:ab:1a:c0:
7b:53:e7:a7:c1:5d:6d:4c:38:e9:ed:b7:c7:30:36:5e:bb:6b:
46:ce:ef:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlEx1eDfzgB9j/k8NTZQDdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMWEzYWEwY2Y4ZGZhOTE2N2QyNGQ5MmVkOGExNmViNGU3
ODA0NGMwHhcNMjMwNzExMTE0NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM1YTg3ODVmMmU1OGZmYTc0MjNiOGU4MTVjNTc5Yjc0M2U3MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGrh6UuKktsuU7amjVd4+W/lCcBY
TUQP4GQL/0i1nzui/CF0V5ikL2XwRkn3a3KoDIiOjG6dQyqra6EH+eGn6z+GC24n
YaqKp5km/I8GBvURrOQ9Jsal+3Z1+4YbNjbfoz4Gr2+PNeUfW+/Sfiq4nLfguLgf
V+ib6Og43ueQ2Sgu0/1mHz0KXFAJdKX0JirOc67BlYVqGiZtu2ZAC2n+TDusEZKF
tR8Bbq26uSVGFh8akXFT4btrUs+rTqmjnk4cjLIwTIkK/8B+YzxQe0zz6zgX0F7a
rPzavaZNsjdehBoX5+rTOVPYAxhVCohQi1VEkO9N2fPKSaRHnhbCS8Y4swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLXFqHhfLlj/p0I7joFcV5t0PnHCMB8GA1UdIwQY
MBaAFNwaOqDPjfqRZ9JNku2KFutOeARMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JvNm9NLU4tcEZuMGsyUzdZb1c2MDU0QkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi85OTE4NGYtMWM4MC00N2NkLWE2ODUt
MmRkNjUwZWE0YWMzLzEvdGNXb2VGOHVXUC1uUWp1T2dWeFhtM1EtY2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi85OTE4NGYtMWM4MC00N2NkLWE2ODUtMmRkNjUwZWE0YWMz
LzEvM0JvNm9NLU4tcEZuMGsyUzdZb1c2MDU0QkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9GLAwQB
W+VCAwQAwWkpMA0GCSqGSIb3DQEBCwUAA4IBAQALxS7Q7RNPP/9c5obaqwqW5pkf
cq9+dQRRnX42tNAPwUl9PodTGBhI0OLmYcqF8dQYkX+clRHdQbLlH6p6w7oN4oQb
D1o7XShXhYTbFurNCN8WPh3SgETlreRBtw3QWuSJKKzbQ3ZTs6/Ik/o3FKRebACM
xzucvGMdocnhqzFsXI8Te+x3RMf8sHMJThl+PcL5+sC8IfpihohdEsLG8umchc+I
WK5Dd9kRaWPFE/dMZmI7sYa7lv/ZfD/7pvMH51qaLOxZKnqc82UZKd0Y53qrfpNy
jAavDYpd1I55m35Nlgl262SgqEKrGsB7U+enwV1tTDjp7bfHMDZeu2tGzu95
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:42 2024 by rpki-client on console-fra.rpki-client.org