Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQyGgmZAysjAx4BW4qLEppNnJtU.roa
File: TQyGgmZAysjAx4BW4qLEppNnJtU.roa (raw, json)
Hash identifier: lAIl6JEIxVD9LtDKdB8Rg8zDswc3yH8tTMDypmOcqKs=
Subject key identifier: 4D:0C:86:82:66:40:CA:C8:C0:C7:80:56:E2:A2:C4:A6:93:67:26:D5
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189E672EE11D26CCFD5B1DF8887404A3E1C
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQyGgmZAysjAx4BW4qLEppNnJtU.roa
Signing time: Fri 11 Aug 2023 21:13:58 +0000
ROA not before: Fri 11 Aug 2023 21:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398373
IP address blocks: 193.124.224.0/23 maxlen: 23
194.87.41.0/24 maxlen: 24
212.192.16.0/21 maxlen: 21
194.87.61.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e6:72:ee:11:d2:6c:cf:d5:b1:df:88:87:40:4a:3e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Aug 11 21:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d0c86826640cac8c0c78056e2a2c4a6936726d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ab:8c:4c:dc:de:85:b8:7b:b4:42:c3:75:e7:
7c:53:d2:c7:7b:72:ea:05:ed:d3:a3:77:ea:83:5b:
fc:d4:0b:7c:8b:4c:b2:af:8b:18:99:f9:6f:a8:c9:
be:90:76:c7:4a:68:5a:bc:b7:f1:55:9a:b4:ea:bc:
09:ad:6c:8d:bb:33:e9:c6:3a:99:5e:14:b8:00:f7:
3d:26:2a:a9:3f:66:dd:45:6c:e9:ea:a2:60:29:8f:
c8:2b:d8:90:92:70:ca:a6:a6:43:f9:57:4f:b4:bb:
a1:9b:97:01:47:eb:0e:59:76:a1:53:39:41:ab:bd:
c8:96:99:d2:a6:d4:f7:84:54:88:18:92:08:e4:f9:
06:8d:a9:c3:5b:f3:e6:9a:59:6c:39:60:7e:9f:da:
22:52:57:70:df:ec:c6:63:11:94:d5:a2:23:38:6b:
aa:47:99:1f:ed:9e:4d:0a:90:8a:c9:a4:e3:bd:86:
66:63:55:36:a3:19:7e:21:cb:85:80:6d:7b:a2:6a:
be:e0:c7:dd:88:ce:b2:df:d2:96:f4:3f:1a:a2:ed:
1f:70:c8:c8:5d:5e:11:33:83:cf:b6:d0:25:a9:15:
4e:d1:6c:f9:7b:1d:26:f7:75:a6:9f:5b:6c:2d:5d:
af:c9:e2:ae:da:61:2a:9f:de:9d:d7:01:22:ee:cd:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0C:86:82:66:40:CA:C8:C0:C7:80:56:E2:A2:C4:A6:93:67:26:D5
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TQyGgmZAysjAx4BW4qLEppNnJtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.224.0/23
194.87.41.0/24
194.87.61.0/24
194.87.192.0/22
212.192.16.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:24:c9:05:29:8e:4b:22:bb:c2:6e:54:ad:e7:24:44:66:69:
e0:17:8a:47:af:f5:14:4b:f6:ea:0f:6c:5c:6f:c6:a9:76:01:
fd:e1:7b:72:32:76:71:61:0a:af:3b:a4:04:a3:07:7a:ac:2e:
29:3f:c1:1a:89:39:b6:f5:d6:6b:01:47:33:fe:82:3b:76:b4:
1e:a1:12:25:e8:83:6f:a3:53:d7:6d:84:f6:c9:bb:4a:18:f2:
05:0c:77:e6:72:5b:2e:31:e8:6e:9a:10:7f:e0:59:c4:89:44:
81:d8:ea:c8:85:55:b0:51:62:c8:1e:03:58:d1:b9:b2:aa:5b:
1a:cd:f4:9e:c6:f6:b4:66:ef:b6:d1:3a:f1:c9:99:9a:9d:e3:
83:80:e5:0f:db:16:c5:e3:e7:18:04:41:41:13:0a:b1:3f:e8:
47:ba:3e:0e:c0:be:36:a7:ad:f1:b9:f8:89:87:d1:b3:6f:ea:
e1:af:5f:58:1c:41:60:ca:22:bf:14:51:e4:75:24:31:d3:9e:
c5:a3:37:b9:35:12:f0:83:5e:71:9c:71:cc:81:42:54:e2:b8:
87:6a:f3:32:e8:fb:b7:a7:c7:28:86:d1:91:3c:ed:b2:9b:dd:
ea:aa:b6:4f:e6:2a:3f:fe:e4:01:84:a1:01:f9:e4:6b:5f:b0:
82:2c:a8:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYnmcu4R0mzP1bHfiIdASj4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwODExMjExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBjODY4MjY2NDBjYWM4YzBjNzgwNTZlMmEyYzRhNjkzNjcyNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgauMTNzehbh7tELDded8U9LHe3Lq
Be3To3fqg1v81At8i0yyr4sYmflvqMm+kHbHSmhavLfxVZq06rwJrWyNuzPpxjqZ
XhS4APc9JiqpP2bdRWzp6qJgKY/IK9iQknDKpqZD+VdPtLuhm5cBR+sOWXahUzlB
q73IlpnSptT3hFSIGJII5PkGjanDW/PmmllsOWB+n9oiUldw3+zGYxGU1aIjOGuq
R5kf7Z5NCpCKyaTjvYZmY1U2oxl+IcuFgG17omq+4MfdiM6y39KW9D8aou0fcMjI
XV4RM4PPttAlqRVO0Wz5ex0m93Wmn1tsLV2vyeKu2mEqn96d1wEi7s3HbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE0MhoJmQMrIwMeAVuKixKaTZybVMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFF5R2dtWkF5c2pBeDRCVzRxTEVwcE5uSnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBwXzgAwQA
wlcpAwQAwlc9AwQCwlfAAwQD1MAQMA0GCSqGSIb3DQEBCwUAA4IBAQCMJMkFKY5L
IrvCblSt5yREZmngF4pHr/UUS/bqD2xcb8apdgH94XtyMnZxYQqvO6QEowd6rC4p
P8EaiTm29dZrAUcz/oI7drQeoRIl6INvo1PXbYT2ybtKGPIFDHfmclsuMehumhB/
4FnEiUSB2OrIhVWwUWLIHgNY0bmyqlsazfSexva0Zu+20TrxyZmaneODgOUP2xbF
4+cYBEFBEwqxP+hHuj4OwL42p63xufiJh9Gzb+rhr19YHEFgyiK/FFHkdSQx057F
oze5NRLwg15xnHHMgUJU4riHavMy6Pu3p8cohtGRPO2ym93qqrZP5io//uQBhKEB
+eRrX7CCLKjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:17 2024 by rpki-client on console-fra.rpki-client.org