Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tnbx_mLGyWUMdh_7IA0mPx2pBNQ.roa
File: tnbx_mLGyWUMdh_7IA0mPx2pBNQ.roa (raw, json)
Hash identifier: LGvxobocEb2yRr2yFaOhOGe+AZ0B0x5MwxhawtPORNo=
Subject key identifier: B6:76:F1:FE:62:C6:C9:65:0C:76:1F:FB:20:0D:26:3F:1D:A9:04:D4
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01856F02378E935C93387102E479D416BE48
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tnbx_mLGyWUMdh_7IA0mPx2pBNQ.roa
Signing time: Sun 01 Jan 2023 20:24:54 +0000
ROA not before: Sun 01 Jan 2023 20:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20548
IP address blocks: 159.148.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:37:8e:93:5c:93:38:71:02:e4:79:d4:16:be:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 20:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b676f1fe62c6c9650c761ffb200d263f1da904d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ad:84:af:d8:fc:1d:56:57:dc:f4:4e:12:ca:
2a:71:6c:21:f6:fc:bf:aa:f7:f5:be:50:50:38:69:
5b:2f:d2:1e:93:72:6e:9a:c0:0e:c2:99:ef:79:37:
05:53:5f:06:48:75:9d:da:fb:eb:30:60:53:b0:05:
f0:eb:40:a0:13:df:59:e5:dd:90:f4:07:6a:3c:f0:
7d:c3:3c:c4:8d:c9:fa:ac:65:db:5b:b2:05:5e:a9:
35:c6:7d:8b:b5:4c:bd:0f:4e:85:c8:31:df:ae:a0:
ec:fe:a6:fe:6b:dc:31:df:42:83:bf:e5:d1:fb:66:
5c:4a:39:cc:8f:47:f5:e8:4a:de:0c:c6:7d:a7:66:
5b:60:e3:ad:cc:87:c6:c4:c4:bb:f4:a4:68:bc:33:
5e:4d:88:0d:4b:c2:c1:af:61:e6:79:4a:4d:60:eb:
11:0e:bd:b3:86:82:28:55:ea:21:08:7b:1c:e6:4f:
94:ef:dd:c0:80:e6:4e:1f:a4:37:fd:cf:a7:38:c3:
66:56:2d:7b:c3:56:3f:84:0a:72:87:a7:41:fe:aa:
a5:e2:6e:fe:05:30:1d:ea:63:bd:d9:58:d2:68:76:
11:a2:ef:70:ce:a9:7c:7c:d9:65:46:1f:f8:73:ce:
d7:0d:bd:ae:00:a0:a2:31:a8:fe:ef:30:ff:b3:ad:
5f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:76:F1:FE:62:C6:C9:65:0C:76:1F:FB:20:0D:26:3F:1D:A9:04:D4
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tnbx_mLGyWUMdh_7IA0mPx2pBNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.23.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:93:c0:3d:89:16:5e:cd:0d:8b:18:11:1f:a7:37:f6:70:b7:
6c:03:75:b0:f3:16:d9:f5:92:c6:6b:05:36:0d:7a:55:00:63:
33:c7:33:a9:78:76:ce:6c:27:84:04:10:84:59:77:fa:f7:23:
63:71:62:ee:b0:39:84:55:b5:fb:07:4e:7f:c1:31:95:cb:24:
28:70:00:a8:f2:ba:d9:69:95:58:07:e1:5a:6b:c0:33:fd:5a:
4e:3b:82:88:49:07:97:d8:45:6e:28:a3:9a:9e:41:dc:76:f4:
67:2f:fb:57:b2:d9:21:33:72:11:f7:0e:92:83:5d:81:fa:33:
04:07:c7:e5:65:b0:ab:3e:56:65:a9:df:ac:14:c5:77:07:1e:
30:8e:31:b6:2f:49:76:31:f0:3f:e7:c2:4c:2b:3e:7c:1a:a8:
a6:7d:62:eb:b7:82:88:88:13:c2:00:bb:17:62:01:98:91:bd:
62:af:5e:53:4a:7e:fa:7d:71:46:98:8a:fd:ee:30:76:87:58:
ab:2b:43:f5:00:06:dc:5b:29:2a:b4:bc:a6:40:d7:d9:95:40:
11:a2:9f:3d:08:9d:58:65:5a:71:61:3e:d9:aa:53:13:49:93:
e2:04:b8:90:69:71:9e:7c:a8:c1:5a:4b:f2:a9:3a:0f:e0:9f:
9a:8c:38:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAjeOk1yTOHEC5HnUFr5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTAxMjAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc2ZjFmZTYyYzZjOTY1MGM3NjFmZmIyMDBkMjYzZjFkYTkwNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA162Er9j8HVZX3PROEsoqcWwh9vy/
qvf1vlBQOGlbL9Iek3JumsAOwpnveTcFU18GSHWd2vvrMGBTsAXw60CgE99Z5d2Q
9AdqPPB9wzzEjcn6rGXbW7IFXqk1xn2LtUy9D06FyDHfrqDs/qb+a9wx30KDv+XR
+2ZcSjnMj0f16EreDMZ9p2ZbYOOtzIfGxMS79KRovDNeTYgNS8LBr2HmeUpNYOsR
Dr2zhoIoVeohCHsc5k+U793AgOZOH6Q3/c+nOMNmVi17w1Y/hApyh6dB/qql4m7+
BTAd6mO92VjSaHYRou9wzql8fNllRh/4c87XDb2uAKCiMaj+7zD/s61fcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZ28f5ixsllDHYf+yANJj8dqQTUMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdG5ieF9tTEd5V1VNZGhfN0lBMG1QeDJwQk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn5QXMA0G
CSqGSIb3DQEBCwUAA4IBAQCfk8A9iRZezQ2LGBEfpzf2cLdsA3Ww8xbZ9ZLGawU2
DXpVAGMzxzOpeHbObCeEBBCEWXf69yNjcWLusDmEVbX7B05/wTGVyyQocACo8rrZ
aZVYB+Faa8Az/VpOO4KISQeX2EVuKKOankHcdvRnL/tXstkhM3IR9w6Sg12B+jME
B8flZbCrPlZlqd+sFMV3Bx4wjjG2L0l2MfA/58JMKz58GqimfWLrt4KIiBPCALsX
YgGYkb1ir15TSn76fXFGmIr97jB2h1irK0P1AAbcWykqtLymQNfZlUARop89CJ1Y
ZVpxYT7ZqlMTSZPiBLiQaXGefKjBWkvyqToP4J+ajDgc
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:31:48 2024 by rpki-client on console-ams.rpki-client.org