Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TaZIfm0l9lGL8TQW6PTfr0f25kw.roa
File: TaZIfm0l9lGL8TQW6PTfr0f25kw.roa (raw, json)
Hash identifier: TJj38vYUcioam5lB3urBOl0HVZs+TH8SZa5Zn6AraKI=
Subject key identifier: 4D:A6:48:7E:6D:25:F6:51:8B:F1:34:16:E8:F4:DF:AF:47:F6:E6:4C
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018B7FFA0E89397B1E12CBCD065CFD686D7A
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TaZIfm0l9lGL8TQW6PTfr0f25kw.roa
Signing time: Mon 30 Oct 2023 09:46:15 +0000
ROA not before: Mon 30 Oct 2023 09:46:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52073
IP address blocks: 2.58.198.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:fa:0e:89:39:7b:1e:12:cb:cd:06:5c:fd:68:6d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 30 09:46:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4da6487e6d25f6518bf13416e8f4dfaf47f6e64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4a:4c:b2:d8:4d:cf:bc:be:32:60:fb:b1:b4:
8c:c4:d6:02:de:1a:cf:73:60:82:6b:ba:26:00:97:
bd:66:20:5e:ff:b1:b3:da:88:89:70:67:07:f0:e0:
34:a7:ba:91:7b:66:1c:89:b7:a5:a0:86:7a:bd:58:
8b:4b:29:b5:81:ec:69:b5:c7:0e:2a:1d:29:c2:e9:
fa:02:0d:1a:fa:5e:cc:d2:e0:ba:55:5d:4f:2f:3d:
50:0c:87:26:7d:2d:a4:8c:a2:1d:27:d7:0f:eb:b6:
bc:69:c5:92:d8:ae:49:b5:aa:d2:31:4f:01:d3:13:
f8:94:11:c0:81:57:52:87:d2:0b:d5:6f:eb:2c:78:
59:f7:09:02:56:87:7a:58:ba:67:da:e8:91:39:87:
a7:97:33:2a:06:b6:83:87:05:30:83:a8:27:34:59:
ec:51:50:b6:1e:5d:36:51:00:60:3f:b7:f0:89:3a:
75:ad:e3:f0:18:31:7b:e2:f0:b2:0e:53:a1:6b:66:
7b:df:ce:6e:99:94:d0:83:6c:f7:76:9b:f4:40:79:
ee:2e:63:54:33:b5:04:64:b4:4c:59:71:d7:fd:37:
97:ab:de:18:bc:51:aa:33:7d:8a:c9:bd:83:77:6d:
b0:67:0b:e8:4b:df:41:35:3f:db:f7:8b:4a:fa:82:
04:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A6:48:7E:6D:25:F6:51:8B:F1:34:16:E8:F4:DF:AF:47:F6:E6:4C
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/TaZIfm0l9lGL8TQW6PTfr0f25kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.198.0/23
Signature Algorithm: sha256WithRSAEncryption
49:64:12:db:8a:c4:24:f8:64:3e:cb:76:82:3d:9b:3d:c6:32:
dd:ad:ad:08:f6:17:9d:20:f7:a9:36:de:fd:43:bf:7f:35:d0:
50:6c:b9:c4:4e:bf:c7:40:ed:e2:da:36:93:7f:cc:c0:1f:83:
d8:ac:de:61:6a:74:8b:1f:92:71:18:3c:81:45:eb:2a:29:06:
76:f1:84:6f:95:c9:da:50:94:61:50:c5:4d:3d:ad:23:fb:60:
47:7b:df:8a:ae:c8:ca:23:91:43:27:0e:f3:ee:a7:06:51:31:
7d:3a:bb:4a:3a:d5:a7:3e:62:a0:86:aa:f0:dd:d7:10:0f:31:
11:46:52:be:0e:f8:53:30:0c:1d:ab:39:92:f6:7d:29:03:51:
00:b3:ec:d1:54:0e:25:6c:a9:00:8b:2f:d3:99:42:16:b4:8b:
11:24:bd:39:da:11:8a:ea:eb:ff:82:8b:7f:6c:4b:65:64:b5:
cd:d6:d3:e0:fc:7d:3c:4e:e0:01:eb:6b:c9:81:2b:65:0c:1f:
82:0d:e0:66:93:15:fe:00:87:49:29:7c:6d:e1:c1:fc:06:96:
65:5e:39:91:f6:56:7f:38:0e:8e:97:e2:f4:f1:4a:ae:95:a5:
55:80:a2:0e:db:65:f4:1e:70:c7:0a:ba:26:21:53:55:1e:04:
3c:38:ef:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt/+g6JOXseEsvNBlz9aG16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMDMwMDk0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE2NDg3ZTZkMjVmNjUxOGJmMTM0MTZlOGY0ZGZhZjQ3ZjZlNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UpMsthNz7y+MmD7sbSMxNYC3hrP
c2CCa7omAJe9ZiBe/7Gz2oiJcGcH8OA0p7qRe2YcibeloIZ6vViLSym1gexptccO
Kh0pwun6Ag0a+l7M0uC6VV1PLz1QDIcmfS2kjKIdJ9cP67a8acWS2K5JtarSMU8B
0xP4lBHAgVdSh9IL1W/rLHhZ9wkCVod6WLpn2uiROYenlzMqBraDhwUwg6gnNFns
UVC2Hl02UQBgP7fwiTp1rePwGDF74vCyDlOha2Z7385umZTQg2z3dpv0QHnuLmNU
M7UEZLRMWXHX/TeXq94YvFGqM32Kyb2Dd22wZwvoS99BNT/b94tK+oIEdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2mSH5tJfZRi/E0Fuj0369H9uZMMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvVGFaSWZtMGw5bEdMOFRRVzZQVGZyMGYyNWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjrGMA0G
CSqGSIb3DQEBCwUAA4IBAQBJZBLbisQk+GQ+y3aCPZs9xjLdra0I9hedIPepNt79
Q79/NdBQbLnETr/HQO3i2jaTf8zAH4PYrN5hanSLH5JxGDyBResqKQZ28YRvlcna
UJRhUMVNPa0j+2BHe9+KrsjKI5FDJw7z7qcGUTF9OrtKOtWnPmKghqrw3dcQDzER
RlK+DvhTMAwdqzmS9n0pA1EAs+zRVA4lbKkAiy/TmUIWtIsRJL052hGK6uv/got/
bEtlZLXN1tPg/H08TuAB62vJgStlDB+CDeBmkxX+AIdJKXxt4cH8BpZlXjmR9lZ/
OA6Ol+L08UqulaVVgKIO22X0HnDHCromIVNVHgQ8OO+/
-----END CERTIFICATE-----
Generated at Thu Nov 2 15:41:40 2023 by rpki-client on console-fra.rpki-client.org