Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/tiG0a50hrccOEE600zuPwSPykQk.roa
File: tiG0a50hrccOEE600zuPwSPykQk.roa (raw, json)
Hash identifier: rZA3FzKZr4IFZ0u5kYfYl4WtqupwnMUis583+ce+iKk=
Subject key identifier: B6:21:B4:6B:9D:21:AD:C7:0E:10:4E:B4:D3:3B:8F:C1:23:F2:91:09
Certificate issuer: /CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Certificate serial: 018C11B322511EEE3E0B593F82D955FB7BDC
Authority key identifier: 4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/tiG0a50hrccOEE600zuPwSPykQk.roa
Signing time: Mon 27 Nov 2023 16:53:21 +0000
ROA not before: Mon 27 Nov 2023 16:53:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198335
IP address blocks: 213.198.104.0/24 maxlen: 24
213.198.104.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:b3:22:51:1e:ee:3e:0b:59:3f:82:d9:55:fb:7b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5a2921fbeb8a448e7ae1ec5a11b8ab898d22fd
Validity
Not Before: Nov 27 16:53:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b621b46b9d21adc70e104eb4d33b8fc123f29109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:bb:ec:10:e3:fe:68:46:29:57:d8:ba:15:
90:ae:5d:54:7f:61:92:f5:df:2c:cc:06:3f:f6:3c:
d3:bc:32:54:2c:0a:4c:4b:40:95:f9:ec:3f:e8:3c:
44:c3:0f:34:ee:cd:8a:53:7e:e6:17:f5:c4:3f:50:
7b:3a:2d:6b:10:ff:05:f7:33:b0:cd:61:33:41:6a:
9b:85:a1:0c:fb:a0:92:dd:86:68:89:9e:0a:1a:27:
7b:ce:77:8a:03:29:99:f5:e5:40:27:45:44:43:d5:
41:a9:30:13:68:43:11:3d:cd:ef:f9:60:c1:14:d0:
04:5e:c7:44:5e:51:70:ff:c7:e3:3a:8c:47:b2:8d:
e9:be:df:49:68:6d:c0:1f:d1:eb:13:7c:0b:22:0b:
1c:80:16:03:2c:73:a0:ac:3d:4f:d7:0c:bc:2d:97:
28:de:dc:94:c6:14:06:0d:d4:e0:c9:c3:cf:c3:15:
33:89:ca:64:17:c1:2c:63:0b:8f:6b:07:8a:0d:f5:
91:16:89:00:60:38:86:32:a3:8e:2e:b9:61:ba:f7:
a0:f3:7a:cb:a1:74:c1:97:1c:38:85:1d:a7:de:15:
d2:4c:e2:74:38:d6:ff:65:07:42:ba:86:ab:72:e2:
1f:b6:fc:14:4d:f6:89:6d:bf:19:8c:aa:60:49:3b:
39:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:21:B4:6B:9D:21:AD:C7:0E:10:4E:B4:D3:3B:8F:C1:23:F2:91:09
X509v3 Authority Key Identifier:
keyid:4D:5A:29:21:FB:EB:8A:44:8E:7A:E1:EC:5A:11:B8:AB:89:8D:22:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVopIfvrikSOeuHsWhG4q4mNIv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/tiG0a50hrccOEE600zuPwSPykQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ee8b98-7240-4b62-acc5-780a25cd0dd9/1/TVopIfvrikSOeuHsWhG4q4mNIv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.198.104.0/21
Signature Algorithm: sha256WithRSAEncryption
24:c7:1b:a6:73:65:de:b3:3f:f6:4b:d9:73:8e:70:ac:2b:1e:
b1:37:c3:05:38:b6:14:ed:0f:d2:98:de:b9:3a:a6:21:de:a7:
69:59:17:70:fb:94:01:51:96:d3:24:b0:02:87:c9:ec:3f:16:
e0:f6:8b:85:7e:19:94:d6:eb:68:cd:4c:16:57:43:e4:e7:d6:
70:62:b6:78:07:34:d2:66:5b:b4:26:46:4a:af:44:8c:52:89:
f1:46:0d:26:66:26:77:25:56:1b:fc:8d:3d:e6:c5:01:1c:96:
12:89:0a:da:8d:6b:83:1f:2f:24:91:47:d1:c2:13:94:de:b2:
cb:b8:30:78:e4:b2:0a:c6:82:bd:64:7e:f4:9d:6e:30:f8:9d:
83:ea:10:57:84:94:7b:68:18:7e:92:b5:1e:80:ba:82:14:b2:
77:77:2e:44:ab:f7:cd:1f:f2:e1:30:84:ee:2b:77:47:a0:e8:
06:5c:59:31:43:a6:09:88:2c:64:c6:ec:ca:1f:6e:19:48:e8:
a9:ee:8f:70:39:21:5d:0b:30:f3:ad:c4:99:82:84:ed:69:c4:
72:9e:f3:f8:6d:b3:70:5e:b5:7f:78:aa:bd:0a:c8:14:6f:c5:
d2:22:b7:5e:71:17:cd:1f:a0:59:e1:d4:c1:4a:67:c4:cf:85:
5f:a6:ed:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwRsyJRHu4+C1k/gtlV+3vcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWEyOTIxZmJlYjhhNDQ4ZTdhZTFlYzVhMTFiOGFiODk4
ZDIyZmQwHhcNMjMxMTI3MTY1MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjIxYjQ2YjlkMjFhZGM3MGUxMDRlYjRkMzNiOGZjMTIzZjI5MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRK77BDj/mhGKVfYuhWQrl1Uf2GS
9d8szAY/9jzTvDJULApMS0CV+ew/6DxEww807s2KU37mF/XEP1B7Oi1rEP8F9zOw
zWEzQWqbhaEM+6CS3YZoiZ4KGid7zneKAymZ9eVAJ0VEQ9VBqTATaEMRPc3v+WDB
FNAEXsdEXlFw/8fjOoxHso3pvt9JaG3AH9HrE3wLIgscgBYDLHOgrD1P1wy8LZco
3tyUxhQGDdTgycPPwxUzicpkF8EsYwuPaweKDfWRFokAYDiGMqOOLrlhuveg83rL
oXTBlxw4hR2n3hXSTOJ0ONb/ZQdCuoarcuIftvwUTfaJbb8ZjKpgSTs5jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLYhtGudIa3HDhBOtNM7j8Ej8pEJMB8GA1UdIwQY
MBaAFE1aKSH764pEjnrh7FoRuKuJjSL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUt
NzgwYTI1Y2QwZGQ5LzEvdGlHMGE1MGhyY2NPRUU2MDB6dVB3U1B5a1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9lZThiOTgtNzI0MC00YjYyLWFjYzUtNzgwYTI1Y2QwZGQ5
LzEvVFZvcElmdnJpa1NPZXVIc1doRzRxNG1OSXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1cZoMA0G
CSqGSIb3DQEBCwUAA4IBAQAkxxumc2Xesz/2S9lzjnCsKx6xN8MFOLYU7Q/SmN65
OqYh3qdpWRdw+5QBUZbTJLACh8nsPxbg9ouFfhmU1utozUwWV0Pk59ZwYrZ4BzTS
Zlu0JkZKr0SMUonxRg0mZiZ3JVYb/I095sUBHJYSiQrajWuDHy8kkUfRwhOU3rLL
uDB45LIKxoK9ZH70nW4w+J2D6hBXhJR7aBh+krUegLqCFLJ3dy5Eq/fNH/LhMITu
K3dHoOgGXFkxQ6YJiCxkxuzKH24ZSOip7o9wOSFdCzDzrcSZgoTtacRynvP4bbNw
XrV/eKq9CsgUb8XSIrdecRfNH6BZ4dTBSmfEz4Vfpu17
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:35:46 2024 by rpki-client on console-fra.rpki-client.org