Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/tbFUsumEMGqNJRxCLLsvdbtOqAA.roa
File: tbFUsumEMGqNJRxCLLsvdbtOqAA.roa (raw, json)
Hash identifier: 3/zGvygiAoxZgHTslnYsaDS4gxp4LnGDgIs4sr1wuQY=
Subject key identifier: B5:B1:54:B2:E9:84:30:6A:8D:25:1C:42:2C:BB:2F:75:BB:4E:A8:00
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 01856FF93D290CB7035FF95462603318FDCE
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/tbFUsumEMGqNJRxCLLsvdbtOqAA.roa
Signing time: Mon 02 Jan 2023 00:54:43 +0000
ROA not before: Mon 02 Jan 2023 00:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39519
IP address blocks: 194.107.165.0/24 maxlen: 24
2001:4ba2::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 03 Feb 2023 08:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:3d:29:0c:b7:03:5f:f9:54:62:60:33:18:fd:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jan 2 00:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b154b2e984306a8d251c422cbb2f75bb4ea800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6c:30:92:2c:e0:9c:35:a7:44:c7:1d:fb:0f:
40:44:64:6b:22:13:c5:5c:e5:78:7b:99:1a:10:6f:
b1:d1:1c:1e:54:72:76:8f:ef:d8:cc:0d:66:49:e3:
42:de:17:ae:01:75:b9:ce:c9:2e:f5:7a:80:e1:fc:
e0:9e:35:ae:46:04:9b:08:cc:9f:f0:37:a1:61:c8:
cb:57:2a:c8:1c:4f:da:d7:2b:a2:97:ad:50:85:4c:
e4:b4:af:fa:b0:f3:e3:f1:23:d4:fb:7d:3e:7a:93:
58:cb:27:99:72:6c:d9:d9:16:13:8b:87:aa:36:7d:
3c:79:83:fb:8c:39:4d:d3:dd:2d:90:70:7a:bf:0a:
4f:00:86:9f:1e:08:b5:ab:af:bd:cb:30:ab:4c:0c:
1c:2c:2c:32:30:65:0b:b2:09:29:6a:a4:ad:ad:57:
d9:5f:d4:ee:9c:f5:40:92:41:27:a2:b8:18:08:9c:
87:f3:ea:72:92:87:32:66:ef:36:d2:73:c6:ee:20:
c4:bb:5f:08:20:10:22:bd:42:c7:29:f2:47:b6:80:
a8:12:7d:ff:14:65:df:c6:85:a5:87:69:b6:6a:90:
cd:45:aa:ca:c6:02:a3:e4:6b:e8:67:3d:e6:72:09:
75:09:b5:91:f1:cc:d2:15:02:82:91:0b:98:f4:d7:
db:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:54:B2:E9:84:30:6A:8D:25:1C:42:2C:BB:2F:75:BB:4E:A8:00
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/tbFUsumEMGqNJRxCLLsvdbtOqAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.165.0/24
IPv6:
2001:4ba2::/32
Signature Algorithm: sha256WithRSAEncryption
c2:07:7c:fb:d5:91:a9:a3:62:02:79:51:48:49:a9:99:2b:e9:
67:40:d6:a0:9e:ad:05:b5:31:e1:98:39:89:b4:c2:db:a1:9b:
11:37:26:a6:b1:68:61:c4:d2:22:3d:7f:8b:d6:e0:ca:b5:3d:
bc:5d:99:8b:66:b8:a4:e0:13:72:66:ca:55:1b:6b:72:31:2d:
c4:18:f0:df:f5:a6:bd:89:25:7c:29:c5:eb:44:59:01:df:81:
40:da:fe:71:db:30:4c:ef:87:47:a6:39:41:d1:9b:4f:ba:de:
b7:a2:08:f6:5b:46:a0:18:a8:04:1d:70:1a:80:71:8e:23:94:
4a:43:92:cf:1c:20:df:d4:ce:75:64:ff:a5:97:75:bf:3d:a0:
2c:f6:08:a2:ff:ff:c4:1a:4f:99:c2:f0:91:82:b7:99:4d:3b:
73:00:ab:e3:a5:5c:51:9a:09:ab:fe:28:62:9f:59:29:74:eb:
fa:ac:51:18:99:b6:f5:af:82:3b:0d:33:49:d6:d0:ef:aa:9c:
af:ff:b6:78:ac:a4:40:1c:74:f3:7d:11:f8:35:67:a8:54:79:
eb:47:63:7d:34:f2:dd:2b:fa:84:6b:0d:5e:35:fe:68:c4:5d:
fd:9c:55:60:de:34:f8:a0:eb:42:b4:1f:5a:16:16:fd:85:ad:
cc:20:cc:7a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv+T0pDLcDX/lUYmAzGP3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjMwMTAyMDA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIxNTRiMmU5ODQzMDZhOGQyNTFjNDIyY2JiMmY3NWJiNGVhODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmwwkizgnDWnRMcd+w9ARGRrIhPF
XOV4e5kaEG+x0RweVHJ2j+/YzA1mSeNC3heuAXW5zsku9XqA4fzgnjWuRgSbCMyf
8DehYcjLVyrIHE/a1yuil61QhUzktK/6sPPj8SPU+30+epNYyyeZcmzZ2RYTi4eq
Nn08eYP7jDlN090tkHB6vwpPAIafHgi1q6+9yzCrTAwcLCwyMGULsgkpaqStrVfZ
X9TunPVAkkEnorgYCJyH8+pykocyZu820nPG7iDEu18IIBAivULHKfJHtoCoEn3/
FGXfxoWlh2m2apDNRarKxgKj5GvoZz3mcgl1CbWR8czSFQKCkQuY9NfbaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLWxVLLphDBqjSUcQiy7L3W7TqgAMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvdGJGVXN1bUVNR3FOSlJ4Q0xMc3ZkYnRPcUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmulMA0E
AgACMAcDBQAgAUuiMA0GCSqGSIb3DQEBCwUAA4IBAQDCB3z71ZGpo2ICeVFISamZ
K+lnQNagnq0FtTHhmDmJtMLboZsRNyamsWhhxNIiPX+L1uDKtT28XZmLZrik4BNy
ZspVG2tyMS3EGPDf9aa9iSV8KcXrRFkB34FA2v5x2zBM74dHpjlB0ZtPut63ogj2
W0agGKgEHXAagHGOI5RKQ5LPHCDf1M51ZP+ll3W/PaAs9gii///EGk+ZwvCRgreZ
TTtzAKvjpVxRmgmr/ihin1kpdOv6rFEYmbb1r4I7DTNJ1tDvqpyv/7Z4rKRAHHTz
fRH4NWeoVHnrR2N9NPLdK/qEaw1eNf5oxF39nFVg3jT4oOtCtB9aFhb9ha3MIMx6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org