Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/tiihDyggTlNrGs7qGS_6CynTVm0.roa
File: tiihDyggTlNrGs7qGS_6CynTVm0.roa (raw, json)
Hash identifier: 8R7q3JLHdHLUCTjCQJJQM9lDPx9qJ9zgL03pV3gIHvs=
Subject key identifier: B6:28:A1:0F:28:20:4E:53:6B:1A:CE:EA:19:2F:FA:0B:29:D3:56:6D
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEDE5CA36BD736A2F05AF9157296D4
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/tiihDyggTlNrGs7qGS_6CynTVm0.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200420
IP address blocks: 212.110.157.0/24 maxlen: 24
192.109.248.0/24 maxlen: 24
185.76.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Jun 2024 09:53:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:de:5c:a3:6b:d7:36:a2:f0:5a:f9:15:72:96:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b628a10f28204e536b1aceea192ffa0b29d3566d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:a2:56:3b:78:20:bb:c3:df:6a:f2:c5:a3:79:
4f:cf:43:cd:97:d8:c7:0b:7e:c8:81:e2:24:54:76:
26:9d:c7:bf:da:26:74:77:94:ba:67:eb:fd:e9:93:
ca:2a:53:c2:dd:b6:88:ec:60:ce:f0:4e:b0:40:0e:
ff:8b:bc:b8:0b:a6:c2:e4:9a:63:08:c8:b2:91:93:
b3:0e:04:65:d5:8c:8a:1c:8b:8c:13:49:1b:62:40:
0b:72:43:a7:d2:45:6b:25:26:7b:88:e5:b1:c7:0f:
25:7e:68:e9:14:a7:04:da:71:13:2a:47:b5:9a:58:
95:b1:92:58:ae:ad:b5:59:e7:f7:c4:44:3f:a5:6a:
ce:c1:7b:83:5f:0e:a1:30:87:60:bd:3d:12:39:27:
1e:e0:0f:71:ea:60:5f:87:9e:2c:22:62:7d:fa:82:
62:47:fc:59:97:78:89:d0:0c:31:97:f7:4b:06:d8:
60:39:df:d4:4d:e5:f4:4b:a5:9b:51:af:c1:e0:0a:
73:49:fe:c2:e0:5d:be:10:d6:fa:87:07:23:66:b8:
2a:72:da:dd:3e:40:73:de:ba:27:fd:ab:b4:3d:b4:
5d:78:29:bd:8e:07:ac:fb:e2:d7:3b:33:f6:60:a0:
97:a4:5b:aa:3c:58:1b:ef:9f:bd:07:8e:d7:9e:e3:
99:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:28:A1:0F:28:20:4E:53:6B:1A:CE:EA:19:2F:FA:0B:29:D3:56:6D
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/tiihDyggTlNrGs7qGS_6CynTVm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.82.0/24
192.109.248.0/24
212.110.157.0/24
Signature Algorithm: sha256WithRSAEncryption
79:4c:6f:7b:6c:65:73:a0:0c:d4:57:9d:89:71:ac:06:ee:2d:
60:24:51:80:4c:06:8b:76:97:8e:8d:29:f1:fd:7b:fd:ac:3b:
24:da:5e:96:00:95:5a:da:34:df:10:ed:53:20:7e:da:1f:45:
22:04:e2:0a:1e:55:34:b4:d1:d5:d9:57:81:b7:a6:58:b1:18:
89:27:c0:46:05:78:d4:9a:0d:e6:af:6b:d4:c3:a9:cb:dd:e2:
70:50:b5:29:ac:bc:47:b4:9b:23:82:41:45:19:b1:cb:aa:64:
59:38:4e:7c:d9:2a:dc:df:c5:10:ef:e7:84:15:57:cb:51:64:
80:31:56:1e:c3:58:cc:6f:a1:82:d3:eb:a1:2b:33:1b:54:01:
95:32:48:f9:ad:bf:5a:3d:45:3a:9e:7e:21:79:5e:b2:e2:fd:
74:73:f1:cb:dc:ce:b1:84:17:05:d4:ec:ea:a8:c5:f9:9b:a2:
55:61:02:7b:0d:7b:08:a6:fc:38:ed:8f:7d:10:46:8f:20:09:
2c:f0:e9:67:5b:a4:b9:a6:68:f7:c4:ce:81:d3:9a:09:46:6c:
34:bd:d8:52:c5:d1:96:c0:84:86:f7:c7:fd:2b:68:da:c8:15:
e3:1d:f5:5a:ed:9f:85:43:e0:af:5d:fc:9e:e6:4d:f5:29:b6:
5d:22:e4:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3t5co2vXNqLwWvkVcpbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI4YTEwZjI4MjA0ZTUzNmIxYWNlZWExOTJmZmEwYjI5ZDM1NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgqJWO3ggu8PfavLFo3lPz0PNl9jH
C37IgeIkVHYmnce/2iZ0d5S6Z+v96ZPKKlPC3baI7GDO8E6wQA7/i7y4C6bC5Jpj
CMiykZOzDgRl1YyKHIuME0kbYkALckOn0kVrJSZ7iOWxxw8lfmjpFKcE2nETKke1
mliVsZJYrq21Wef3xEQ/pWrOwXuDXw6hMIdgvT0SOSce4A9x6mBfh54sImJ9+oJi
R/xZl3iJ0Awxl/dLBthgOd/UTeX0S6WbUa/B4ApzSf7C4F2+ENb6hwcjZrgqctrd
PkBz3ron/au0PbRdeCm9jges++LXOzP2YKCXpFuqPFgb75+9B47XnuOZlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYooQ8oIE5TaxrO6hkv+gsp01ZtMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvdGlpaER5Z2dUbE5yR3M3cUdTXzZDeW5UVm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuUxSAwQA
wG34AwQA1G6dMA0GCSqGSIb3DQEBCwUAA4IBAQB5TG97bGVzoAzUV52JcawG7i1g
JFGATAaLdpeOjSnx/Xv9rDsk2l6WAJVa2jTfEO1TIH7aH0UiBOIKHlU0tNHV2VeB
t6ZYsRiJJ8BGBXjUmg3mr2vUw6nL3eJwULUprLxHtJsjgkFFGbHLqmRZOE582Src
38UQ7+eEFVfLUWSAMVYew1jMb6GC0+uhKzMbVAGVMkj5rb9aPUU6nn4heV6y4v10
c/HL3M6xhBcF1OzqqMX5m6JVYQJ7DXsIpvw47Y99EEaPIAks8OlnW6S5pmj3xM6B
05oJRmw0vdhSxdGWwISG98f9K2jayBXjHfVa7Z+FQ+CvXfye5k31KbZdIuRD
-----END CERTIFICATE-----
Generated at Tue Jun 11 16:28:28 2024 by rpki-client on console-ams.rpki-client.org