Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/TilbD6cGI4pC119DDyn4Y60x7XQ.roa
File: TilbD6cGI4pC119DDyn4Y60x7XQ.roa (raw, json)
Hash identifier: DgImOdk2KV3HYxVXoj/E2oWSRJxXPSMiQqURbnC4QW8=
Subject key identifier: 4E:29:5B:0F:A7:06:23:8A:42:D7:5F:43:0F:29:F8:63:AD:31:ED:74
Certificate issuer: /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial: 01856CF843AB786F6D05FEA7CF80E5CEDA32
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/TilbD6cGI4pC119DDyn4Y60x7XQ.roa
Signing time: Sun 01 Jan 2023 10:54:47 +0000
ROA not before: Sun 01 Jan 2023 10:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33848
IP address blocks: 141.36.0.0/16 maxlen: 27
192.109.218.0/24 maxlen: 27
185.152.96.0/22 maxlen: 27
84.21.32.0/19 maxlen: 27
147.12.96.0/19 maxlen: 27
2a00:4980::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:43:ab:78:6f:6d:05:fe:a7:cf:80:e5:ce:da:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Validity
Not Before: Jan 1 10:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e295b0fa706238a42d75f430f29f863ad31ed74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:80:f6:0d:37:86:5c:a8:82:b9:44:89:21:41:
f1:cb:d8:16:39:a7:96:ea:b3:1b:cd:dd:03:88:02:
54:c4:03:53:02:18:f7:25:e0:fd:34:98:3d:1b:9d:
87:cb:04:30:cc:ad:3a:5f:fc:8b:ba:b1:95:95:15:
32:18:b3:ac:4f:e9:a2:e7:36:45:9b:62:a5:34:89:
f7:2a:76:ec:c9:9d:6c:34:e3:50:7d:a2:87:07:e3:
60:50:30:da:00:f0:71:43:24:9c:3f:6f:a5:aa:77:
41:36:3d:b3:7f:1a:c7:19:24:f1:e9:d0:4e:39:dc:
30:22:a5:9a:8e:5e:d9:5e:38:5e:7a:7b:26:6d:1a:
0c:13:5a:31:5d:6f:72:b9:34:ce:ea:00:cc:b1:44:
d9:4d:b3:b1:6b:e7:37:1d:76:2d:c3:2e:6e:c9:76:
8e:4b:97:39:13:a0:f1:53:b2:b8:d3:6f:95:b0:2d:
74:75:d9:f7:91:ef:57:e6:31:88:50:4b:5c:b7:4c:
57:21:cc:00:8d:e8:32:66:56:8a:7b:e3:8a:fb:ae:
d4:e2:36:ba:d3:6e:70:e0:fa:a6:3c:c2:25:36:91:
85:38:4b:ae:eb:f4:60:e1:6d:c8:ff:16:54:c7:8f:
55:cc:30:77:54:bf:59:64:34:5e:70:e4:6b:ca:e7:
2a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:29:5B:0F:A7:06:23:8A:42:D7:5F:43:0F:29:F8:63:AD:31:ED:74
X509v3 Authority Key Identifier:
keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/TilbD6cGI4pC119DDyn4Y60x7XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.32.0/19
141.36.0.0/16
147.12.96.0/19
185.152.96.0/22
192.109.218.0/24
IPv6:
2a00:4980::/29
Signature Algorithm: sha256WithRSAEncryption
2d:59:a2:85:54:df:13:90:2a:80:16:bf:01:8b:a0:0b:73:95:
f0:73:04:cc:d1:bf:52:d3:81:c4:a0:b1:53:26:7d:1e:0f:ca:
6e:d7:9a:31:2c:7a:4e:4c:5f:2a:45:88:f4:f4:91:ef:48:c5:
a3:27:84:3f:1d:a4:22:81:6c:bf:a7:07:b4:dd:8a:65:b1:98:
8d:17:4d:a2:b2:fc:9d:d2:87:86:16:c1:8d:01:0b:f7:50:83:
68:25:97:2c:19:d1:c0:cd:d8:85:a5:42:74:b8:f7:43:c0:67:
34:dd:cf:28:4e:62:cd:ee:ff:cd:c6:2d:81:c0:3e:ce:fe:9f:
7a:f8:bb:d4:f7:2b:50:40:98:5d:e8:34:7c:01:4e:a1:bb:7f:
2e:8a:0d:b8:32:7d:28:e3:a0:16:27:bd:4d:64:62:ea:51:95:
e5:d5:53:e7:27:51:75:0a:38:93:58:81:0e:4f:45:7b:31:56:
72:79:7d:9e:26:d2:5a:8d:85:e3:81:5c:51:fc:6f:60:65:b3:
9d:a0:ce:69:b4:de:4f:49:bc:f6:1c:49:a4:1f:c0:e7:2f:9d:
44:58:6c:a9:6f:00:16:c1:a3:e8:49:d8:77:72:ed:a4:55:83:
be:c4:46:84:2e:95:ac:76:04:f0:7f:7f:18:38:a8:ef:c2:e6:
bb:61:38:38
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVs+EOreG9tBf6nz4DlztoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNjg2Yzg1MmYzNmZiZTlmYzhiZTc3YzQwOWI1MjI2YTZl
ZTU0ZDUwHhcNMjMwMTAxMTA1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTI5NWIwZmE3MDYyMzhhNDJkNzVmNDMwZjI5Zjg2M2FkMzFlZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoD2DTeGXKiCuUSJIUHxy9gWOaeW
6rMbzd0DiAJUxANTAhj3JeD9NJg9G52HywQwzK06X/yLurGVlRUyGLOsT+mi5zZF
m2KlNIn3KnbsyZ1sNONQfaKHB+NgUDDaAPBxQyScP2+lqndBNj2zfxrHGSTx6dBO
OdwwIqWajl7ZXjheensmbRoME1oxXW9yuTTO6gDMsUTZTbOxa+c3HXYtwy5uyXaO
S5c5E6DxU7K402+VsC10ddn3ke9X5jGIUEtct0xXIcwAjegyZlaKe+OK+67U4ja6
025w4PqmPMIlNpGFOEuu6/Rg4W3I/xZUx49VzDB3VL9ZZDRecORryucqOQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFE4pWw+nBiOKQtdfQw8p+GOtMe10MB8GA1UdIwQY
MBaAFJJobIUvNvvp/IvnfECbUiam7lTVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEt
YmE3MWZiZGIwMzc0LzEvVGlsYkQ2Y0dJNHBDMTE5RER5bjRZNjB4N1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kNTU5YjItNGIzMy00ZjhkLTlkMjEtYmE3MWZiZGIwMzc0
LzEva21oc2hTODItLW44aS1kOFFKdFNKcWJ1Vk5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQFVBUgAwMA
jSQDBAWTDGADBAK5mGADBADAbdowDQQCAAIwBwMFAyoASYAwDQYJKoZIhvcNAQEL
BQADggEBAC1ZooVU3xOQKoAWvwGLoAtzlfBzBMzRv1LTgcSgsVMmfR4Pym7XmjEs
ek5MXypFiPT0ke9IxaMnhD8dpCKBbL+nB7TdimWxmI0XTaKy/J3Sh4YWwY0BC/dQ
g2gllywZ0cDN2IWlQnS490PAZzTdzyhOYs3u/83GLYHAPs7+n3r4u9T3K1BAmF3o
NHwBTqG7fy6KDbgyfSjjoBYnvU1kYupRleXVU+cnUXUKOJNYgQ5PRXsxVnJ5fZ4m
0lqNheOBXFH8b2Bls52gzmm03k9JvPYcSaQfwOcvnURYbKlvABbBo+hJ2Hdy7aRV
g77ERoQulax2BPB/fxg4qO/C5rthODg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:36 2024 by rpki-client on console-ams.rpki-client.org