Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/T-9YTLEkepgxT16zdbniFZimQeQ.roa
File: T-9YTLEkepgxT16zdbniFZimQeQ.roa (raw, json)
Hash identifier: THRevsqNdOCrdIUk6Zt4M0VdamwGjb5t8ksz/gjqaO0=
Subject key identifier: 4F:EF:58:4C:B1:24:7A:98:31:4F:5E:B3:75:B9:E2:15:98:A6:41:E4
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 01856BAEE27851CB745E0EC05FD0FEE5AABE
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/T-9YTLEkepgxT16zdbniFZimQeQ.roa
Signing time: Sun 01 Jan 2023 04:55:01 +0000
ROA not before: Sun 01 Jan 2023 04:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47775
IP address blocks: 213.5.105.0/24 maxlen: 24
213.5.104.0/24 maxlen: 24
213.5.104.0/22 maxlen: 22
213.5.104.0/23 maxlen: 23
213.5.106.0/24 maxlen: 24
213.5.106.0/23 maxlen: 23
213.5.107.0/24 maxlen: 24
2a02:1c8:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:e2:78:51:cb:74:5e:0e:c0:5f:d0:fe:e5:aa:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 04:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4fef584cb1247a98314f5eb375b9e21598a641e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3a:f1:b1:af:82:c0:7a:f0:ce:b1:31:94:73:
00:87:14:26:ac:1f:d3:df:9b:65:00:2e:81:f9:a4:
ab:ac:d1:be:07:ed:c8:0b:a6:5e:a4:01:b4:1e:8c:
55:4e:9b:0b:61:38:4f:28:35:9e:eb:15:ba:f9:0d:
57:4f:86:b3:29:c4:00:60:1b:5f:69:3a:86:db:7a:
24:16:4b:d6:5a:e7:f0:17:6f:33:6f:d8:9d:55:10:
ff:47:f6:f9:f3:f9:53:05:4a:26:6b:c6:5b:2d:be:
38:55:20:2b:ed:2f:54:a0:5b:1e:c4:a4:b0:28:42:
a3:18:87:c8:69:2c:08:ef:77:58:2f:0e:21:9f:95:
30:f9:62:3a:1a:29:74:4f:77:9a:c6:6b:3f:2d:6c:
b0:d4:be:63:f3:d8:70:6e:01:32:6f:4f:75:fc:f0:
ae:47:0c:a4:fb:e6:f5:89:86:b3:b6:e4:4a:b7:27:
9c:ef:66:94:0e:3a:70:ca:61:63:b9:a4:1e:df:aa:
f4:f8:09:54:30:38:09:15:a9:bb:a9:2a:83:05:08:
85:b3:b7:41:95:df:51:53:13:be:dd:e6:ac:54:1d:
80:05:7b:39:02:05:d0:23:1c:57:25:08:0a:13:cf:
a6:23:92:16:0e:58:f5:ca:7a:80:69:74:c1:ad:84:
c4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:EF:58:4C:B1:24:7A:98:31:4F:5E:B3:75:B9:E2:15:98:A6:41:E4
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/T-9YTLEkepgxT16zdbniFZimQeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.104.0/22
IPv6:
2a02:1c8:5::/48
Signature Algorithm: sha256WithRSAEncryption
70:4b:bd:92:ee:70:4b:5f:d7:54:cc:46:44:e4:73:39:79:69:
37:ac:d0:98:52:36:24:e5:12:39:58:fb:55:f1:f9:f8:fe:1b:
fb:cf:b9:c1:de:36:b1:a4:0b:96:cd:f9:50:94:d7:25:2d:e3:
c2:4c:09:38:d4:7b:ce:b5:c2:5b:ae:84:9b:7b:07:ff:bb:fa:
ad:9a:e9:0c:08:2d:12:93:f5:7a:a7:ef:9d:18:08:e0:01:0b:
82:84:b0:ce:0f:4e:c1:f0:5b:71:76:65:b1:62:cc:17:c2:cd:
85:49:11:f9:7e:33:a8:15:e9:fb:c9:dc:81:ff:cf:a2:d1:44:
5c:6f:2c:ee:4f:94:92:de:0b:b2:60:97:3d:d4:86:45:cc:cc:
e3:85:4f:91:c7:62:f6:07:ff:8e:ce:84:15:64:c4:db:6f:ef:
d4:3f:1f:6a:d0:07:1e:86:08:de:fc:38:c2:be:ea:33:d4:71:
1a:90:c5:4e:2d:bd:f0:d7:19:41:6f:3c:b4:68:88:2a:67:b3:
1c:fa:d0:c0:45:37:95:40:9e:6b:18:9c:58:0e:42:9d:13:b3:
fa:9b:b4:b2:e2:48:2d:c0:9e:7d:ce:84:8d:71:ff:55:a4:c3:
4e:5d:a3:66:65:89:1d:a8:7f:04:8c:57:08:04:98:ee:2e:e8:
e7:17:18:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVrruJ4Uct0Xg7AX9D+5aq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjMwMTAxMDQ1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmVmNTg0Y2IxMjQ3YTk4MzE0ZjVlYjM3NWI5ZTIxNTk4YTY0MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDrxsa+CwHrwzrExlHMAhxQmrB/T
35tlAC6B+aSrrNG+B+3IC6ZepAG0HoxVTpsLYThPKDWe6xW6+Q1XT4azKcQAYBtf
aTqG23okFkvWWufwF28zb9idVRD/R/b58/lTBUoma8ZbLb44VSAr7S9UoFsexKSw
KEKjGIfIaSwI73dYLw4hn5Uw+WI6Gil0T3eaxms/LWyw1L5j89hwbgEyb091/PCu
Rwyk++b1iYaztuRKtyec72aUDjpwymFjuaQe36r0+AlUMDgJFam7qSqDBQiFs7dB
ld9RUxO+3easVB2ABXs5AgXQIxxXJQgKE8+mI5IWDlj1ynqAaXTBrYTEmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE/vWEyxJHqYMU9es3W54hWYpkHkMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvVC05WVRMRWtlcGd4VDE2emRibmlGWmltUWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQC1QVoMA8E
AgACMAkDBwAqAgHIAAUwDQYJKoZIhvcNAQELBQADggEBAHBLvZLucEtf11TMRkTk
czl5aTes0JhSNiTlEjlY+1Xx+fj+G/vPucHeNrGkC5bN+VCU1yUt48JMCTjUe861
wluuhJt7B/+7+q2a6QwILRKT9Xqn750YCOABC4KEsM4PTsHwW3F2ZbFizBfCzYVJ
Efl+M6gV6fvJ3IH/z6LRRFxvLO5PlJLeC7Jglz3UhkXMzOOFT5HHYvYH/47OhBVk
xNtv79Q/H2rQBx6GCN78OMK+6jPUcRqQxU4tvfDXGUFvPLRoiCpnsxz60MBFN5VA
nmsYnFgOQp0Ts/qbtLLiSC3Ann3OhI1x/1Wkw05do2ZliR2ofwSMVwgEmO4u6OcX
GMY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org