Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa
File: tc1d5e6xkpi9zGMCXzDg5kO29nw.roa (raw, json)
Hash identifier: 99EkI4Aua8DLTgYbWzti1L8vOpPfuOs2XSMCOZGK0sw=
Subject key identifier: B5:CD:5D:E5:EE:B1:92:98:BD:CC:63:02:5F:30:E0:E6:43:B6:F6:7C
Certificate issuer: /CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Certificate serial: 01857039824D4E2CE8257A8B4DF0DC966BB8
Authority key identifier: A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa
Signing time: Mon 02 Jan 2023 02:04:55 +0000
ROA not before: Mon 02 Jan 2023 02:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48685
IP address blocks: 94.142.152.0/21 maxlen: 21
185.25.252.0/22 maxlen: 22
176.10.32.0/21 maxlen: 21
185.169.188.0/22 maxlen: 22
185.169.188.0/23 maxlen: 23
176.57.224.0/20 maxlen: 20
2a06:a100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:82:4d:4e:2c:e8:25:7a:8b:4d:f0:dc:96:6b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b666cb0e5496116eb7ae6714d9055309ba69ac
Validity
Not Before: Jan 2 02:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5cd5de5eeb19298bdcc63025f30e0e643b6f67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:df:fe:10:f2:52:3d:54:cb:75:76:2a:77:
87:b9:88:d8:34:e6:31:02:b8:4c:5a:18:40:22:e2:
3d:5f:55:fc:1a:77:fe:8c:db:3b:8d:b9:af:12:9b:
da:2a:11:d4:81:01:c8:16:d2:48:60:b2:26:60:4c:
fc:f6:a1:dc:40:8f:22:d4:f7:21:4f:84:7f:b4:a0:
f9:82:f9:ef:52:37:0f:02:e8:43:a1:f1:4e:3c:fa:
75:c1:00:e1:5e:83:a8:04:0d:6c:83:76:7d:5c:4c:
2f:2e:0e:ab:03:4e:27:c0:d7:45:2e:58:78:50:bc:
02:2c:5a:f8:de:a8:e3:cf:52:5e:fb:73:50:b9:c6:
ce:96:c9:e4:67:97:6b:7f:fe:92:2b:8c:22:cc:f2:
95:68:1b:bd:c7:7a:1b:94:be:2f:a3:78:ec:43:85:
8c:1d:64:00:93:b7:2f:96:40:f1:fe:38:1d:a4:70:
49:e6:8e:97:33:51:23:29:0c:0d:39:cf:a1:08:4e:
58:aa:5f:41:8d:a9:d3:f6:35:fc:59:88:97:15:aa:
15:fd:10:41:52:07:ea:23:87:f0:ed:d7:fc:f2:0d:
c2:13:96:40:ac:5c:80:f0:9e:65:2b:a2:92:a3:6b:
4b:fe:65:f2:be:98:90:69:eb:4e:9d:03:74:fc:11:
f9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CD:5D:E5:EE:B1:92:98:BD:CC:63:02:5F:30:E0:E6:43:B6:F6:7C
X509v3 Authority Key Identifier:
keyid:A4:B6:66:CB:0E:54:96:11:6E:B7:AE:67:14:D9:05:53:09:BA:69:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLZmyw5UlhFut65nFNkFUwm6aaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/tc1d5e6xkpi9zGMCXzDg5kO29nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f74280-cc6d-41c1-858a-b5368330baf2/1/pLZmyw5UlhFut65nFNkFUwm6aaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.152.0/21
176.10.32.0/21
176.57.224.0/20
185.25.252.0/22
185.169.188.0/22
IPv6:
2a06:a100::/29
Signature Algorithm: sha256WithRSAEncryption
7c:b7:1b:db:d3:b2:87:4a:01:8d:1c:64:08:63:04:bb:d7:80:
96:a8:a8:e9:c3:b1:f0:d8:87:98:c0:6b:d6:9f:64:d2:34:5e:
35:71:48:3a:30:5c:f8:39:2a:0d:80:49:b0:af:c7:42:34:3a:
39:86:cf:12:9d:55:dd:cf:01:fe:c2:18:89:13:bb:ed:90:85:
f5:e2:0f:bb:81:4b:82:69:16:3c:cd:b4:dd:78:7d:94:78:04:
85:64:e5:46:52:41:89:da:50:f5:1c:2f:b8:09:13:16:89:1f:
97:98:b4:9b:4e:4d:9b:20:ee:6d:9e:08:7c:5e:89:16:3c:68:
0d:4f:58:e7:a4:b7:7e:22:8c:cd:15:9c:09:8d:11:83:70:87:
e1:5f:82:04:c4:15:2c:29:ca:d2:da:13:db:23:f7:fb:28:18:
d3:12:c7:c7:b4:68:2a:27:9d:54:50:84:4c:ca:41:75:74:e4:
3c:41:ef:26:8d:ad:4d:d7:36:68:45:6d:49:52:6b:4a:05:d4:
18:cc:fc:ab:0f:97:5d:86:a1:a1:80:69:21:ae:c0:4e:55:ad:
a0:e4:00:e1:0d:28:0c:09:4c:58:9d:21:4f:d1:4e:55:18:e6:
11:56:42:be:73:ce:e6:0f:70:59:d7:6c:c2:48:0c:fa:4b:44:
b0:ee:0a:4e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwOYJNTizoJXqLTfDclmu4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjY2NmNiMGU1NDk2MTE2ZWI3YWU2NzE0ZDkwNTUzMDli
YTY5YWMwHhcNMjMwMTAyMDIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNkNWRlNWVlYjE5Mjk4YmRjYzYzMDI1ZjMwZTBlNjQzYjZmNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1vf/hDyUj1Uy3V2KneHuYjYNOYx
ArhMWhhAIuI9X1X8Gnf+jNs7jbmvEpvaKhHUgQHIFtJIYLImYEz89qHcQI8i1Pch
T4R/tKD5gvnvUjcPAuhDofFOPPp1wQDhXoOoBA1sg3Z9XEwvLg6rA04nwNdFLlh4
ULwCLFr43qjjz1Je+3NQucbOlsnkZ5drf/6SK4wizPKVaBu9x3oblL4vo3jsQ4WM
HWQAk7cvlkDx/jgdpHBJ5o6XM1EjKQwNOc+hCE5Yql9BjanT9jX8WYiXFaoV/RBB
UgfqI4fw7df88g3CE5ZArFyA8J5lK6KSo2tL/mXyvpiQaetOnQN0/BH5oQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLXNXeXusZKYvcxjAl8w4OZDtvZ8MB8GA1UdIwQY
MBaAFKS2ZssOVJYRbreuZxTZBVMJummsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEt
YjUzNjgzMzBiYWYyLzEvdGMxZDVlNnhrcGk5ekdNQ1h6RGc1a08yOW53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mNzQyODAtY2M2ZC00MWMxLTg1OGEtYjUzNjgzMzBiYWYy
LzEvcExabXl3NVVsaEZ1dDY1bkZOa0ZVd202YWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDXo6YAwQD
sAogAwQEsDngAwQCuRn8AwQCuam8MA0EAgACMAcDBQMqBqEAMA0GCSqGSIb3DQEB
CwUAA4IBAQB8txvb07KHSgGNHGQIYwS714CWqKjpw7Hw2IeYwGvWn2TSNF41cUg6
MFz4OSoNgEmwr8dCNDo5hs8SnVXdzwH+whiJE7vtkIX14g+7gUuCaRY8zbTdeH2U
eASFZOVGUkGJ2lD1HC+4CRMWiR+XmLSbTk2bIO5tngh8XokWPGgNT1jnpLd+IozN
FZwJjRGDcIfhX4IExBUsKcrS2hPbI/f7KBjTEsfHtGgqJ51UUIRMykF1dOQ8Qe8m
ja1N1zZoRW1JUmtKBdQYzPyrD5ddhqGhgGkhrsBOVa2g5ADhDSgMCUxYnSFP0U5V
GOYRVkK+c87mD3BZ12zCSAz6S0Sw7gpO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:30 2024 by rpki-client on console-ams.rpki-client.org