Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TTBTDsNMm9s5tTBxVOBNod3TKYc.roa
File: TTBTDsNMm9s5tTBxVOBNod3TKYc.roa (raw, json)
Hash identifier: oDlEvCRcbKvlyakxGM0bq0T/kERpc16SplNTF6lzFIg=
Subject key identifier: 4D:30:53:0E:C3:4C:9B:DB:39:B5:30:71:54:E0:4D:A1:DD:D3:29:87
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01856F66F0FE2E05AD4F4CA42E5233DC2510
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TTBTDsNMm9s5tTBxVOBNod3TKYc.roa
Signing time: Sun 01 Jan 2023 22:14:55 +0000
ROA not before: Sun 01 Jan 2023 22:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34549
IP address blocks: 194.87.180.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:f0:fe:2e:05:ad:4f:4c:a4:2e:52:33:dc:25:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 1 22:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d30530ec34c9bdb39b5307154e04da1ddd32987
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:54:e5:0c:c5:9b:33:b6:77:67:bf:11:76:02:
18:cd:61:ce:dd:25:a3:ab:73:6c:51:d8:b7:3b:c9:
83:40:bf:a6:03:61:99:c4:8a:e9:5f:49:49:69:9b:
91:38:23:a5:c0:44:db:86:48:ae:65:38:3b:e4:88:
fe:c6:ab:17:80:66:85:e8:9e:38:fa:b2:e4:4c:32:
48:98:ca:77:bd:0d:29:10:b3:66:d5:78:f0:95:f9:
2c:f1:81:3a:8d:45:7a:f0:99:2b:88:a5:5b:3a:9b:
24:dc:dd:98:00:51:90:c6:5b:3a:0d:b5:0d:17:27:
a7:43:32:05:66:4a:08:6a:97:e6:3b:28:c2:6f:a2:
d7:9b:7f:dc:3a:30:0d:54:9b:4a:02:7f:9d:37:6d:
30:ac:f4:c0:2a:f9:29:b9:9d:6b:67:c6:34:2e:a9:
40:b0:25:8a:1b:d4:a1:96:8c:ed:4e:23:5b:a4:5c:
0f:43:d5:1a:6c:a8:e4:13:c2:4f:c9:84:51:8e:f9:
7b:31:99:85:4c:76:cb:14:46:c3:3a:a1:85:4f:94:
55:52:6c:2e:f2:7a:88:f6:70:33:62:ab:ea:2f:08:
13:12:ef:d5:34:ce:6e:62:1c:7b:83:db:e6:be:bd:
a1:1c:bf:10:95:17:c9:86:33:39:8f:3f:1b:97:fc:
7e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:30:53:0E:C3:4C:9B:DB:39:B5:30:71:54:E0:4D:A1:DD:D3:29:87
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TTBTDsNMm9s5tTBxVOBNod3TKYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.180.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:ae:b3:96:a4:be:a7:36:75:eb:a6:3d:96:28:fd:7b:4b:9b:
1d:a3:06:75:b9:c5:94:bc:73:f1:09:46:00:e1:75:12:c6:19:
21:f0:c3:13:31:5c:35:f8:90:bf:a5:b7:6b:af:0f:46:e1:17:
72:51:44:8e:0c:ef:45:61:0d:94:97:ab:1c:6c:77:0e:ae:d4:
aa:d0:f8:9e:eb:05:76:a5:01:fe:54:d4:e6:88:e5:82:9f:8e:
78:2b:c8:23:dd:69:da:06:78:ae:92:fe:68:02:d4:e8:09:8f:
8a:9a:8f:a1:eb:e0:8b:9d:2a:58:07:81:41:70:f1:75:d5:44:
d4:3d:41:23:de:88:f2:e9:8f:98:9e:83:35:d6:15:77:93:3b:
68:5a:de:5f:e7:64:4b:62:ea:b1:be:8c:75:37:2c:74:2b:0e:
8f:62:45:ed:eb:07:f1:aa:f4:51:a4:5e:f2:c3:47:44:d6:ca:
14:d8:3b:cd:fb:ac:19:f3:c8:c5:0b:7b:59:91:33:24:7f:bc:
c3:76:84:5e:85:61:65:72:29:03:c0:e2:f3:f1:57:9d:a1:55:
fe:e1:a1:a5:c8:b9:f7:0d:03:2e:d0:69:a5:9b:35:fd:77:52:
43:df:c4:58:fd:2f:f0:34:a8:ad:ab:8b:35:d0:e0:18:85:e8:
8f:26:64:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvD+LgWtT0ykLlIz3CUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDMwNTMwZWMzNGM5YmRiMzliNTMwNzE1NGUwNGRhMWRkZDMyOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlTlDMWbM7Z3Z78RdgIYzWHO3SWj
q3NsUdi3O8mDQL+mA2GZxIrpX0lJaZuROCOlwETbhkiuZTg75Ij+xqsXgGaF6J44
+rLkTDJImMp3vQ0pELNm1Xjwlfks8YE6jUV68JkriKVbOpsk3N2YAFGQxls6DbUN
FyenQzIFZkoIapfmOyjCb6LXm3/cOjANVJtKAn+dN20wrPTAKvkpuZ1rZ8Y0LqlA
sCWKG9ShloztTiNbpFwPQ9UabKjkE8JPyYRRjvl7MZmFTHbLFEbDOqGFT5RVUmwu
8nqI9nAzYqvqLwgTEu/VNM5uYhx7g9vmvr2hHL8QlRfJhjM5jz8bl/x+sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0wUw7DTJvbObUwcVTgTaHd0ymHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVFRCVERzTk1tOXM1dFRCeFZPQk5vZDNUS1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwle0MA0G
CSqGSIb3DQEBCwUAA4IBAQBKrrOWpL6nNnXrpj2WKP17S5sdowZ1ucWUvHPxCUYA
4XUSxhkh8MMTMVw1+JC/pbdrrw9G4RdyUUSODO9FYQ2Ul6scbHcOrtSq0Pie6wV2
pQH+VNTmiOWCn454K8gj3WnaBniukv5oAtToCY+Kmo+h6+CLnSpYB4FBcPF11UTU
PUEj3ojy6Y+YnoM11hV3kztoWt5f52RLYuqxvox1Nyx0Kw6PYkXt6wfxqvRRpF7y
w0dE1soU2DvN+6wZ88jFC3tZkTMkf7zDdoRehWFlcikDwOLz8VedoVX+4aGlyLn3
DQMu0GmlmzX9d1JD38RY/S/wNKitq4s10OAYheiPJmTE
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:18 2024 by rpki-client on console-ams.rpki-client.org