Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TBIB-0y1y7lthowRG7oYvViWFQY.roa
File: TBIB-0y1y7lthowRG7oYvViWFQY.roa (raw, json)
Hash identifier: e86laBJ10MwmpNX/8Faa1y5E5S0XI/RDJxJuSE34hrI=
Subject key identifier: 4C:12:01:FB:4C:B5:CB:B9:6D:86:8C:11:1B:BA:18:BD:58:96:15:06
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01875234F4410AC99DF9FB900E45A478B921
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TBIB-0y1y7lthowRG7oYvViWFQY.roa
Signing time: Wed 05 Apr 2023 16:16:54 +0000
ROA not before: Wed 05 Apr 2023 16:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 194.135.104.0/24 maxlen: 24
195.133.9.0/24 maxlen: 24
194.135.38.0/24 maxlen: 24
194.135.32.0/24 maxlen: 24
195.133.21.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 16:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:52:34:f4:41:0a:c9:9d:f9:fb:90:0e:45:a4:78:b9:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 5 16:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c1201fb4cb5cbb96d868c111bba18bd58961506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:cc:2f:d8:b3:36:5b:3d:a5:46:47:e5:09:2f:
a3:87:2e:3a:ed:1f:83:a7:ab:bd:5e:c0:fd:d9:c5:
cb:5f:ce:6a:8f:40:ee:41:e1:63:91:c5:b8:29:da:
83:f7:ea:8b:6f:47:72:76:14:c5:e3:ba:87:47:03:
ca:2e:75:29:06:57:bd:17:72:bb:9f:f2:bd:52:22:
bd:3d:fe:0f:94:be:eb:79:3c:bb:d4:b6:b5:44:1b:
70:b9:ec:1f:7e:be:51:9a:c7:80:7f:97:fa:76:29:
ba:c8:68:54:9f:a2:24:0a:7f:ef:09:e4:6f:55:a5:
0a:31:60:2f:e5:bd:b0:6d:43:72:3c:cd:ab:19:10:
f6:af:f5:d4:5f:e0:50:0b:f5:2a:6e:35:f2:cc:8c:
4f:e9:b8:ec:f0:62:7a:7f:54:e5:6d:1b:92:09:08:
31:f9:f5:e1:87:9c:b1:0e:60:1e:3d:73:e8:07:ec:
c7:39:2a:59:a9:9d:a1:b4:05:03:80:d4:07:f2:2d:
77:74:2f:96:4b:a2:db:92:ae:e4:ea:29:00:91:7f:
c2:57:37:ee:b6:51:29:bd:49:60:f1:2e:b5:67:cd:
37:48:1a:17:e8:13:21:ea:65:b2:f5:1d:9a:27:cb:
13:bb:a7:e2:2d:1e:30:d1:60:d1:4d:92:85:1f:9c:
db:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:12:01:FB:4C:B5:CB:B9:6D:86:8C:11:1B:BA:18:BD:58:96:15:06
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TBIB-0y1y7lthowRG7oYvViWFQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.135.32.0/24
194.135.38.0/24
194.135.104.0/24
195.133.9.0/24
195.133.21.0/24
195.133.26.0/23
195.133.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:68:18:62:8c:62:71:c1:6e:d4:b7:3e:62:8c:46:a7:95:0c:
ab:48:ee:00:c2:e6:74:95:cd:3d:b0:e7:50:b4:f1:59:e6:eb:
7d:a4:df:7f:42:c9:97:fd:36:ec:45:19:94:1d:54:b1:ef:e0:
cc:95:f3:38:65:f0:15:28:ca:13:8b:fb:7e:d7:66:88:0d:cf:
e6:1a:d3:f8:93:e8:c4:17:ea:0a:51:72:a3:fc:48:60:43:02:
06:a0:95:37:56:68:fe:b7:75:2e:d6:74:fc:b4:43:e6:f5:41:
ce:51:fa:1d:4b:04:28:0f:c7:09:f3:d4:8e:48:45:b0:e8:1c:
b6:ed:68:fa:01:84:f0:11:b1:f1:47:0b:19:ee:ad:29:a1:40:
a3:b6:48:35:5b:6b:71:88:c5:7c:ab:b4:ea:8e:18:33:7a:5e:
f9:ce:a8:ca:55:44:24:60:b8:ae:2a:07:58:09:ca:1f:a2:a7:
65:6c:ac:ae:4d:68:8b:67:9d:ac:17:54:33:d0:cf:43:8f:39:
d4:56:16:e8:41:c7:c9:97:60:15:02:8e:19:4f:49:01:ad:34:
0e:80:bf:8b:6e:38:41:e4:d9:7d:75:19:df:d1:9f:64:cf:0e:
b4:0f:d8:3f:0f:6c:4b:ee:89:e9:07:1f:02:5f:7b:e4:0d:2f:
19:93:12:0e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYdSNPRBCsmd+fuQDkWkeLkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTYxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzEyMDFmYjRjYjVjYmI5NmQ4NjhjMTExYmJhMThiZDU4OTYxNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8wv2LM2Wz2lRkflCS+jhy467R+D
p6u9XsD92cXLX85qj0DuQeFjkcW4KdqD9+qLb0dydhTF47qHRwPKLnUpBle9F3K7
n/K9UiK9Pf4PlL7reTy71La1RBtwuewffr5RmseAf5f6dim6yGhUn6IkCn/vCeRv
VaUKMWAv5b2wbUNyPM2rGRD2r/XUX+BQC/UqbjXyzIxP6bjs8GJ6f1TlbRuSCQgx
+fXhh5yxDmAePXPoB+zHOSpZqZ2htAUDgNQH8i13dC+WS6Lbkq7k6ikAkX/CVzfu
tlEpvUlg8S61Z803SBoX6BMh6mWy9R2aJ8sTu6fiLR4w0WDRTZKFH5zbMQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEwSAftMtcu5bYaMERu6GL1YlhUGMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVEJJQi0weTF5N2x0aG93Ukc3b1l2VmlXRlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwocgAwQA
wocmAwQAwodoAwQAw4UJAwQAw4UVAwQBw4UaAwQAw4U7MA0GCSqGSIb3DQEBCwUA
A4IBAQAOaBhijGJxwW7Utz5ijEanlQyrSO4AwuZ0lc09sOdQtPFZ5ut9pN9/QsmX
/TbsRRmUHVSx7+DMlfM4ZfAVKMoTi/t+12aIDc/mGtP4k+jEF+oKUXKj/EhgQwIG
oJU3Vmj+t3Uu1nT8tEPm9UHOUfodSwQoD8cJ89SOSEWw6By27Wj6AYTwEbHxRwsZ
7q0poUCjtkg1W2txiMV8q7Tqjhgzel75zqjKVUQkYLiuKgdYCcofoqdlbKyuTWiL
Z52sF1Qz0M9DjznUVhboQcfJl2AVAo4ZT0kBrTQOgL+LbjhB5Nl9dRnf0Z9kzw60
D9g/D2xL7onpBx8CX3vkDS8ZkxIO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org