Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TJjyFX171DuLLNA5hkTS2GYO96s.roa
File: TJjyFX171DuLLNA5hkTS2GYO96s.roa (raw, json)
Hash identifier: gY1GbDD0djD9FnMWlHS2YmkxNF9Am9nGQwmugJmyyeU=
Subject key identifier: 4C:98:F2:15:7D:7B:D4:3B:8B:2C:D0:39:86:44:D2:D8:66:0E:F7:AB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E8A33A95ACEC55385B8F5F9EBB3293A63
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TJjyFX171DuLLNA5hkTS2GYO96s.roa
Signing time: Fri 29 Mar 2024 12:33:45 +0000
ROA not before: Fri 29 Mar 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34267
IP address blocks: 84.42.32.0/19 maxlen: 24
84.42.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 10:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:33:a9:5a:ce:c5:53:85:b8:f5:f9:eb:b3:29:3a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 29 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c98f2157d7bd43b8b2cd0398644d2d8660ef7ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:f4:b3:e2:3a:f3:c1:db:0b:9c:94:34:b9:
aa:d1:03:5d:ea:87:74:c7:f6:2e:20:bb:bd:7b:5b:
ee:6c:f7:59:3d:0c:c2:2a:2f:74:60:4e:b8:d2:f3:
51:f3:b2:4e:b0:68:a5:36:a5:11:a1:a8:03:98:cc:
52:ce:ae:9a:fe:11:b4:d1:16:d3:81:4f:6a:2d:af:
d5:41:e0:81:8c:cf:ba:1b:b2:45:ef:49:da:95:9e:
ad:14:63:8f:d5:cd:e6:07:00:8f:ed:8d:f0:57:01:
3c:28:b5:e5:e4:70:7f:99:8a:ce:79:4c:d1:74:3a:
c0:df:eb:8d:d5:c3:ca:23:9e:55:6c:c1:aa:8c:f6:
a1:b4:ee:8c:32:e0:81:a6:16:8a:d9:3f:4a:65:44:
70:8d:02:1b:86:95:24:29:08:c1:14:e3:e1:5f:86:
08:07:35:5f:9a:aa:39:6d:5c:86:8b:72:d6:11:a8:
60:1d:ca:7f:3f:0d:8e:48:47:93:f5:2b:8f:7a:0f:
de:2c:29:f9:4c:b0:43:1c:74:94:1c:2a:ca:c3:72:
27:ec:f4:77:9d:eb:75:12:67:75:fa:2b:93:f1:29:
fd:0a:b9:25:f2:79:34:5a:e8:3d:a2:82:fa:28:57:
f3:05:be:40:66:68:61:53:47:b1:2f:99:86:7a:e2:
4e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:98:F2:15:7D:7B:D4:3B:8B:2C:D0:39:86:44:D2:D8:66:0E:F7:AB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TJjyFX171DuLLNA5hkTS2GYO96s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.42.32.0/19
84.42.72.0/21
Signature Algorithm: sha256WithRSAEncryption
08:09:b8:01:cc:90:7a:8d:9e:3d:c2:76:d0:35:43:80:ee:8d:
81:c9:02:d7:41:1c:5a:3e:7c:c3:a6:e5:6b:d3:7d:8d:da:f8:
6a:7c:78:50:e5:97:a1:21:5c:16:7b:ed:a6:ad:40:e8:3a:35:
d5:0f:8a:d9:ad:5b:c5:29:c5:c6:17:e6:f9:03:04:a3:2b:29:
b1:7b:36:04:83:29:82:00:3d:0d:ce:b9:1a:19:dc:a1:16:f5:
0d:9a:7e:3c:17:2f:6f:a6:af:b0:c4:5e:8d:fc:0b:d3:21:e7:
9c:55:95:34:19:e3:d0:47:1c:6b:45:67:0a:91:38:df:85:40:
f1:e7:0b:47:78:10:3c:77:4e:79:f7:ed:1e:ce:d2:28:3e:db:
24:97:30:d7:78:12:24:72:01:39:37:d3:3d:ad:17:f0:69:dd:
7f:fe:76:08:c1:3e:26:ef:9c:9a:ef:e2:e1:2c:d6:5b:a5:09:
f8:9a:e7:0c:e0:aa:75:46:af:17:8a:cf:cc:fb:87:6e:b3:16:
de:03:0f:30:af:1d:db:54:55:b4:41:ab:98:5e:c0:c8:ae:54:
dc:f6:00:b2:49:50:2e:43:6d:1d:b7:0c:e9:33:dc:70:49:dd:
86:66:a5:28:43:74:cd:72:59:07:ba:a5:a6:ca:84:e3:d1:2d:
d8:e4:53:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6KM6lazsVThbj1+euzKTpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzI5MTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk4ZjIxNTdkN2JkNDNiOGIyY2QwMzk4NjQ0ZDJkODY2MGVmN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP70s+I688HbC5yUNLmq0QNd6od0
x/YuILu9e1vubPdZPQzCKi90YE640vNR87JOsGilNqURoagDmMxSzq6a/hG00RbT
gU9qLa/VQeCBjM+6G7JF70nalZ6tFGOP1c3mBwCP7Y3wVwE8KLXl5HB/mYrOeUzR
dDrA3+uN1cPKI55VbMGqjPahtO6MMuCBphaK2T9KZURwjQIbhpUkKQjBFOPhX4YI
BzVfmqo5bVyGi3LWEahgHcp/Pw2OSEeT9SuPeg/eLCn5TLBDHHSUHCrKw3In7PR3
net1Emd1+iuT8Sn9Crkl8nk0Wug9ooL6KFfzBb5AZmhhU0exL5mGeuJO+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEyY8hV9e9Q7iyzQOYZE0thmDverMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVEpqeUZYMTcxRHVMTE5BNWhrVFMyR1lPOTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFVCogAwQD
VCpIMA0GCSqGSIb3DQEBCwUAA4IBAQAICbgBzJB6jZ49wnbQNUOA7o2ByQLXQRxa
PnzDpuVr032N2vhqfHhQ5ZehIVwWe+2mrUDoOjXVD4rZrVvFKcXGF+b5AwSjKymx
ezYEgymCAD0NzrkaGdyhFvUNmn48Fy9vpq+wxF6N/AvTIeecVZU0GePQRxxrRWcK
kTjfhUDx5wtHeBA8d0559+0eztIoPtsklzDXeBIkcgE5N9M9rRfwad1//nYIwT4m
75ya7+LhLNZbpQn4mucM4Kp1Rq8Xis/M+4dusxbeAw8wrx3bVFW0QauYXsDIrlTc
9gCySVAuQ20dtwzpM9xwSd2GZqUoQ3TNclkHuqWmyoTj0S3Y5FMb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:55 2024 by rpki-client on console-fra.rpki-client.org