Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/TpvBpcNrBej9cLKAHB5Bqv1diak.roa
File: TpvBpcNrBej9cLKAHB5Bqv1diak.roa (raw, json)
Hash identifier: gc33ax5Y3dDxp15x94BXYEyp1BlZvHp3MHapbxHtYaQ=
Subject key identifier: 4E:9B:C1:A5:C3:6B:05:E8:FD:70:B2:80:1C:1E:41:AA:FD:5D:89:A9
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 018572A809903CF37EB83F35B94AB8BEBF7A
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/TpvBpcNrBej9cLKAHB5Bqv1diak.roa
Signing time: Mon 02 Jan 2023 13:24:53 +0000
ROA not before: Mon 02 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47962
IP address blocks: 176.106.224.0/24 maxlen: 24
176.106.230.0/24 maxlen: 24
37.122.152.0/22 maxlen: 22
37.122.153.0/24 maxlen: 24
37.122.157.0/24 maxlen: 24
37.122.156.0/23 maxlen: 23
37.122.156.0/24 maxlen: 24
37.122.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Mar 2023 12:57:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a8:09:90:3c:f3:7e:b8:3f:35:b9:4a:b8:be:bf:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Jan 2 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e9bc1a5c36b05e8fd70b2801c1e41aafd5d89a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:15:43:ec:91:0a:b9:48:f5:db:a0:27:ab:a3:
78:0e:58:17:4c:8e:e2:4d:c0:28:1c:65:46:25:2a:
b6:1b:13:62:0b:03:38:fa:56:9e:f1:6c:77:d1:e3:
bf:46:a4:e7:a7:f4:6b:b7:7e:2b:3c:66:fc:c8:35:
f0:99:9c:9a:02:5e:95:8c:40:c3:22:9b:c9:7f:00:
a8:6f:a6:99:f9:4a:f8:70:50:2e:ec:c9:9f:83:4d:
16:af:21:b5:74:46:19:d7:98:08:25:ab:1d:b7:9e:
a6:37:27:9b:2e:d4:9e:81:91:d9:10:71:9f:01:d5:
58:9c:67:17:c4:e8:d8:e4:93:64:e0:b5:a5:fc:19:
ed:38:9b:83:47:27:6f:03:f8:2c:4c:55:8c:0d:45:
34:d6:4e:71:44:d6:b7:2e:b9:5a:84:39:0c:bd:6a:
25:8f:e9:ae:97:64:5a:4d:29:40:73:cc:58:3f:1f:
0a:c5:7e:eb:00:0e:ee:ac:d9:13:79:15:97:a9:32:
20:ce:a4:c6:24:88:24:6b:d8:32:84:68:00:a5:b2:
22:d0:e0:ae:e1:43:7f:ef:4c:fd:c6:d7:f3:f6:fb:
94:a2:ec:6e:b7:47:d3:d4:a0:c8:1c:f7:06:d6:f7:
8d:6e:de:ca:b9:52:16:e8:73:0f:47:c7:b1:0a:7e:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9B:C1:A5:C3:6B:05:E8:FD:70:B2:80:1C:1E:41:AA:FD:5D:89:A9
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/TpvBpcNrBej9cLKAHB5Bqv1diak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.157.255
176.106.224.0/24
176.106.230.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f2:85:ba:81:c1:3a:da:91:c2:45:98:c5:9f:09:d7:f5:e9:
3d:40:c5:fe:2d:ce:3d:a3:ee:da:6d:13:fe:22:55:ec:17:69:
e8:63:14:15:c0:ed:ff:a2:34:3c:5e:2b:1e:8d:59:ca:0b:88:
ce:a3:2a:64:82:41:2e:66:d5:37:1b:c4:2a:50:7d:3b:8c:c0:
2a:77:91:1c:0e:50:ec:92:40:f1:e2:80:f0:47:93:62:4d:1b:
b6:97:bd:3d:c1:26:9b:3b:dd:67:97:e5:e1:a7:1b:c7:db:3b:
ca:6d:2b:ba:17:7f:2d:5f:77:47:c8:39:cb:80:b5:ea:31:5a:
10:05:40:83:ce:5b:4c:d5:dc:de:79:93:5c:ba:23:81:c9:4b:
fb:76:c8:54:a4:d5:75:1e:df:e6:c5:5a:4b:b9:72:70:80:32:
79:06:ee:df:a1:7e:81:0e:5a:bf:2f:c5:33:28:5d:f5:50:d6:
db:6a:9a:c8:b5:d9:1a:c5:d6:1d:e8:70:7f:c5:f3:98:da:16:
6e:a5:a4:a4:38:77:51:ef:13:38:c5:7a:89:a2:43:eb:5b:0c:
e6:3e:d8:c0:66:cb:2c:0c:65:b4:1f:d0:42:0a:3a:51:47:93:
ac:57:5c:1b:79:b6:1b:26:bb:3b:be:1e:99:15:15:fe:b1:27:
51:e6:75:8e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVyqAmQPPN+uD81uUq4vr96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjMwMTAyMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTliYzFhNWMzNmIwNWU4ZmQ3MGIyODAxYzFlNDFhYWZkNWQ4OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphVD7JEKuUj126Anq6N4DlgXTI7i
TcAoHGVGJSq2GxNiCwM4+lae8Wx30eO/RqTnp/Rrt34rPGb8yDXwmZyaAl6VjEDD
IpvJfwCob6aZ+Ur4cFAu7Mmfg00WryG1dEYZ15gIJasdt56mNyebLtSegZHZEHGf
AdVYnGcXxOjY5JNk4LWl/BntOJuDRydvA/gsTFWMDUU01k5xRNa3LrlahDkMvWol
j+mul2RaTSlAc8xYPx8KxX7rAA7urNkTeRWXqTIgzqTGJIgka9gyhGgApbIi0OCu
4UN/70z9xtfz9vuUouxut0fT1KDIHPcG1veNbt7KuVIW6HMPR8exCn6imwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE6bwaXDawXo/XCygBweQar9XYmpMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEvVHB2QnBjTnJCZWo5Y0xLQUhCNUJxdjFkaWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMlepgD
BAElepwDBACwauADBACwauYwDQYJKoZIhvcNAQELBQADggEBACLyhbqBwTrakcJF
mMWfCdf16T1Axf4tzj2j7tptE/4iVewXaehjFBXA7f+iNDxeKx6NWcoLiM6jKmSC
QS5m1TcbxCpQfTuMwCp3kRwOUOySQPHigPBHk2JNG7aXvT3BJps73WeX5eGnG8fb
O8ptK7oXfy1fd0fIOcuAteoxWhAFQIPOW0zV3N55k1y6I4HJS/t2yFSk1XUe3+bF
Wku5cnCAMnkG7t+hfoEOWr8vxTMoXfVQ1ttqmsi12RrF1h3ocH/F85jaFm6lpKQ4
d1HvEzjFeomiQ+tbDOY+2MBmyywMZbQf0EIKOlFHk6xXXBt5thsmuzu+HpkVFf6x
J1HmdY4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:16 2024 by rpki-client on console-ams.rpki-client.org