Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Tb2of_GnfVcm9KyAV5tj9NW9yEY.roa
File: Tb2of_GnfVcm9KyAV5tj9NW9yEY.roa (raw, json)
Hash identifier: Cclk3uskO6TN1zQwCfenkuLGfaaR00c1yrXNZ0p9kig=
Subject key identifier: 4D:BD:A8:7F:F1:A7:7D:57:26:F4:AC:80:57:9B:63:F4:D5:BD:C8:46
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018BF03F4A687D790A7D7ABDA3792EA14522
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Tb2of_GnfVcm9KyAV5tj9NW9yEY.roa
Signing time: Tue 21 Nov 2023 04:59:21 +0000
ROA not before: Tue 21 Nov 2023 04:59:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 193.106.98.0/24 maxlen: 24
91.231.66.0/24 maxlen: 24
91.231.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:3f:4a:68:7d:79:0a:7d:7a:bd:a3:79:2e:a1:45:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Nov 21 04:59:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dbda87ff1a77d5726f4ac80579b63f4d5bdc846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:02:f3:37:8f:c4:f8:00:fe:44:a8:b4:e1:10:
bc:33:19:e0:30:ef:3b:8f:a4:0c:6d:bc:38:fb:67:
04:b1:66:d6:6b:d6:f9:06:8d:3f:04:2b:ff:41:84:
10:82:18:e7:be:e5:7a:4c:93:38:8d:74:21:90:6c:
2e:35:ca:b9:f4:ee:cc:3d:f3:5b:0b:90:65:32:81:
6b:1f:de:55:bf:bd:06:34:90:5a:7c:06:dc:48:d7:
ac:cb:27:9a:10:88:12:a5:d0:7e:20:da:54:dc:1b:
e2:c5:8a:ee:5d:af:3f:40:8d:70:4a:ee:55:ea:e0:
d8:6f:19:50:e2:c7:c2:bf:a2:ad:8c:a8:31:7f:ca:
0d:96:2d:b8:9e:dd:6d:e4:42:aa:3f:a3:82:62:67:
be:bf:e6:d9:66:96:6d:00:32:1c:d6:4c:26:93:df:
63:a2:6d:4f:40:ef:06:db:cd:be:bc:f7:ea:3e:9a:
16:ee:4b:73:41:d3:45:45:6b:db:10:78:cf:6f:17:
9f:62:09:41:77:28:c7:5a:35:dc:1a:8b:41:3d:d8:
77:16:b6:c0:c1:33:1c:16:9a:87:6e:4f:51:8e:69:
37:f1:23:ea:6b:03:eb:7f:e1:4f:81:db:14:bb:1e:
58:9d:ec:20:2e:4f:65:61:49:df:f4:bb:e0:68:be:
f4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BD:A8:7F:F1:A7:7D:57:26:F4:AC:80:57:9B:63:F4:D5:BD:C8:46
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/Tb2of_GnfVcm9KyAV5tj9NW9yEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.66.0/23
193.106.98.0/24
Signature Algorithm: sha256WithRSAEncryption
20:3a:dc:a0:a7:87:8e:4d:0a:c6:d0:74:3f:3f:81:61:cd:2f:
3a:af:ad:98:90:da:83:19:7e:1e:2d:c6:6d:63:bb:92:f6:a1:
b3:16:e4:27:e9:b2:69:ce:bd:74:8c:9c:df:9c:a2:a7:5e:7b:
7a:8a:4b:4f:44:79:3d:27:3c:5e:2e:45:20:81:03:23:bf:72:
df:e0:ac:ac:00:01:6a:af:11:bc:4a:3f:9f:9d:d0:e0:0c:d2:
16:d5:b8:a4:c1:70:db:aa:ce:fc:9f:0d:87:10:e2:e2:f9:6a:
9f:84:40:60:3a:72:3d:8a:ff:1c:ce:c4:75:83:92:18:b0:47:
af:42:78:eb:14:50:90:c1:fc:a8:31:5e:d2:41:97:f3:43:7d:
cf:49:83:51:cd:ad:d4:63:27:99:99:da:f1:f0:a0:07:ca:17:
95:ef:a4:f4:07:64:8b:8c:cd:a7:c6:53:fc:8e:f1:16:61:10:
91:93:63:6e:72:84:10:34:45:c4:41:b2:5e:ae:eb:7f:3b:41:
e4:c8:23:68:87:37:2b:9e:31:f6:b5:27:be:08:b4:56:f6:51:
51:61:ea:8c:ca:f6:fa:3c:96:1a:1d:c0:61:c6:90:46:7e:d9:
b7:55:1d:6a:73:f3:a9:f3:dc:96:df:45:a1:a3:ea:50:80:67:
66:e7:c1:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvwP0pofXkKfXq9o3kuoUUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjMxMTIxMDQ1OTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJkYTg3ZmYxYTc3ZDU3MjZmNGFjODA1NzliNjNmNGQ1YmRjODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgLzN4/E+AD+RKi04RC8MxngMO87
j6QMbbw4+2cEsWbWa9b5Bo0/BCv/QYQQghjnvuV6TJM4jXQhkGwuNcq59O7MPfNb
C5BlMoFrH95Vv70GNJBafAbcSNesyyeaEIgSpdB+INpU3BvixYruXa8/QI1wSu5V
6uDYbxlQ4sfCv6KtjKgxf8oNli24nt1t5EKqP6OCYme+v+bZZpZtADIc1kwmk99j
om1PQO8G282+vPfqPpoW7ktzQdNFRWvbEHjPbxefYglBdyjHWjXcGotBPdh3FrbA
wTMcFpqHbk9Rjmk38SPqawPrf+FPgdsUux5YnewgLk9lYUnf9LvgaL70cQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE29qH/xp31XJvSsgFebY/TVvchGMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvVGIyb2ZfR25mVmNtOUt5QVY1dGo5Tlc5eUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+dCAwQA
wWpiMA0GCSqGSIb3DQEBCwUAA4IBAQAgOtygp4eOTQrG0HQ/P4FhzS86r62YkNqD
GX4eLcZtY7uS9qGzFuQn6bJpzr10jJzfnKKnXnt6iktPRHk9JzxeLkUggQMjv3Lf
4KysAAFqrxG8Sj+fndDgDNIW1bikwXDbqs78nw2HEOLi+WqfhEBgOnI9iv8czsR1
g5IYsEevQnjrFFCQwfyoMV7SQZfzQ33PSYNRza3UYyeZmdrx8KAHyheV76T0B2SL
jM2nxlP8jvEWYRCRk2NucoQQNEXEQbJerut/O0HkyCNohzcrnjH2tSe+CLRW9lFR
YeqMyvb6PJYaHcBhxpBGftm3VR1qc/Op89yW30Who+pQgGdm58Eb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org