Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/tA08zkiyVvIDJTdOvNyIRkMCWPo.roa
File: tA08zkiyVvIDJTdOvNyIRkMCWPo.roa (raw, json)
Hash identifier: YEyKjDkpglMl8Gk91jXgAIQLHmJtBbwgB9W4TAxJzJg=
Subject key identifier: B4:0D:3C:CE:48:B2:56:F2:03:25:37:4E:BC:DC:88:46:43:02:58:FA
Certificate issuer: /CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Certificate serial: 018570828CA480A2941CE9F7F135D326377F
Authority key identifier: 9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/tA08zkiyVvIDJTdOvNyIRkMCWPo.roa
Signing time: Mon 02 Jan 2023 03:24:41 +0000
ROA not before: Mon 02 Jan 2023 03:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60602
IP address blocks: 194.33.40.0/22 maxlen: 24
185.181.230.0/24 maxlen: 24
185.181.228.0/24 maxlen: 24
185.181.228.0/23 maxlen: 23
185.181.229.0/24 maxlen: 24
2a0a:d580::/32 maxlen: 32
2a0a:d580::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:8c:a4:80:a2:94:1c:e9:f7:f1:35:d3:26:37:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b3f29ff9ea71b3c3dc1f5af054b41647c91af98
Validity
Not Before: Jan 2 03:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b40d3cce48b256f20325374ebcdc8846430258fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c6:9d:59:bd:24:30:44:03:f5:4c:33:22:dd:
7f:6e:c0:7f:97:78:65:35:bb:3a:f7:d0:2f:80:63:
26:69:20:6f:9e:70:a2:66:19:95:39:7f:0e:d3:e3:
1e:69:c6:fb:d4:de:cf:f5:84:15:1e:60:2a:33:7c:
78:3e:ea:5e:f9:55:b8:cf:ca:08:b6:79:97:36:bb:
b4:47:6d:75:5d:32:f8:04:e7:78:66:68:60:02:21:
2c:28:71:67:9c:ab:41:17:0e:0e:da:68:bf:dd:c5:
f1:a8:04:40:7b:d5:7d:fe:c1:46:9a:7d:39:b1:d7:
f1:ec:48:80:55:57:65:f3:b4:04:0e:16:e4:b1:7e:
5f:e3:58:99:58:8b:f6:d7:4c:56:6a:7c:6f:99:57:
33:74:54:02:a5:09:53:90:41:e0:4e:b4:54:b1:7d:
82:b0:b5:e4:fd:a4:8c:fd:bb:75:f0:24:5f:59:00:
c0:8d:d6:dc:29:be:e1:af:df:5b:74:45:21:f2:02:
83:dc:83:52:76:64:91:c2:f7:ac:69:10:71:70:6e:
92:fe:62:64:e1:5e:a6:9c:0d:0e:c7:fe:38:87:d1:
a3:02:e1:a2:0d:59:f2:ec:e4:24:23:1f:7e:95:5e:
85:a4:04:79:3c:02:fd:ed:b7:0b:1e:75:d8:11:9e:
f4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0D:3C:CE:48:B2:56:F2:03:25:37:4E:BC:DC:88:46:43:02:58:FA
X509v3 Authority Key Identifier:
keyid:9B:3F:29:FF:9E:A7:1B:3C:3D:C1:F5:AF:05:4B:41:64:7C:91:AF:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mz8p_56nGzw9wfWvBUtBZHyRr5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/tA08zkiyVvIDJTdOvNyIRkMCWPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/1aa2d8-6106-4808-8c97-f46224b0d161/1/mz8p_56nGzw9wfWvBUtBZHyRr5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.228.0-185.181.230.255
194.33.40.0/22
IPv6:
2a0a:d580::/32
Signature Algorithm: sha256WithRSAEncryption
19:93:f8:55:fe:39:b3:62:c9:2b:47:d4:36:e5:20:68:65:52:
d2:fb:5c:06:7d:59:80:f3:15:e8:df:c2:42:f8:20:35:5e:49:
b0:aa:af:cf:ed:24:f3:90:40:c1:0a:70:57:78:44:2c:3e:88:
93:ec:b9:05:85:06:de:03:60:7b:a7:19:dd:4f:0d:6e:a7:ba:
0e:c9:f4:aa:e8:df:e2:d7:ff:91:8d:5f:fa:46:d9:42:69:e9:
09:a8:6c:85:75:bf:f9:bc:5f:85:ee:06:09:69:56:cd:33:89:
e6:0c:b9:75:dd:5d:6c:21:14:0c:cb:69:27:25:4f:d1:eb:7d:
7a:59:c6:46:72:92:c8:17:24:ec:57:89:21:e0:ec:7d:96:40:
50:b0:3a:cc:3a:d0:43:59:00:ab:41:d3:76:3e:d6:f8:99:62:
0c:52:6d:6b:4d:00:b9:0a:1d:79:b7:89:3d:02:57:09:4d:81:
80:68:ba:93:7d:52:97:dd:a4:09:30:61:65:08:73:81:b9:a0:
9d:be:d2:ad:a5:61:09:71:34:1f:9a:4e:51:73:26:c7:b1:14:
40:5b:63:3b:32:0d:41:f6:8b:84:46:51:62:81:46:bd:8b:2c:
69:df:2f:bb:4f:46:75:6b:2d:3d:99:53:1f:69:89:3e:8d:db:
3f:a1:31:7b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVwgoykgKKUHOn38TXTJjd/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliM2YyOWZmOWVhNzFiM2MzZGMxZjVhZjA1NGI0MTY0N2M5
MWFmOTgwHhcNMjMwMTAyMDMyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDBkM2NjZTQ4YjI1NmYyMDMyNTM3NGViY2RjODg0NjQzMDI1OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosadWb0kMEQD9UwzIt1/bsB/l3hl
Nbs699AvgGMmaSBvnnCiZhmVOX8O0+Meacb71N7P9YQVHmAqM3x4Pupe+VW4z8oI
tnmXNru0R211XTL4BOd4ZmhgAiEsKHFnnKtBFw4O2mi/3cXxqARAe9V9/sFGmn05
sdfx7EiAVVdl87QEDhbksX5f41iZWIv210xWanxvmVczdFQCpQlTkEHgTrRUsX2C
sLXk/aSM/bt18CRfWQDAjdbcKb7hr99bdEUh8gKD3INSdmSRwvesaRBxcG6S/mJk
4V6mnA0Ox/44h9GjAuGiDVny7OQkIx9+lV6FpAR5PAL97bcLHnXYEZ70GwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFLQNPM5IslbyAyU3TrzciEZDAlj6MB8GA1UdIwQY
MBaAFJs/Kf+epxs8PcH1rwVLQWR8ka+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTct
ZjQ2MjI0YjBkMTYxLzEvdEEwOHpraXlWdklESlRkT3ZOeUlSa01DV1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8xYWEyZDgtNjEwNi00ODA4LThjOTctZjQ2MjI0YjBkMTYx
LzEvbXo4cF81Nm5Henc5d2ZXdkJVdEJaSHlScjVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5teQD
BAC5teYDBALCISgwDQQCAAIwBwMFACoK1YAwDQYJKoZIhvcNAQELBQADggEBABmT
+FX+ObNiyStH1DblIGhlUtL7XAZ9WYDzFejfwkL4IDVeSbCqr8/tJPOQQMEKcFd4
RCw+iJPsuQWFBt4DYHunGd1PDW6nug7J9Kro3+LX/5GNX/pG2UJp6QmobIV1v/m8
X4XuBglpVs0zieYMuXXdXWwhFAzLaSclT9HrfXpZxkZyksgXJOxXiSHg7H2WQFCw
Osw60ENZAKtB03Y+1viZYgxSbWtNALkKHXm3iT0CVwlNgYBoupN9UpfdpAkwYWUI
c4G5oJ2+0q2lYQlxNB+aTlFzJsexFEBbYzsyDUH2i4RGUWKBRr2LLGnfL7tPRnVr
LT2ZUx9piT6N2z+hMXs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:31 2024 by rpki-client on console-fra.rpki-client.org