Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TRNJwSA6wY5wTw8rJPhKalfvWvU.roa
File: TRNJwSA6wY5wTw8rJPhKalfvWvU.roa (raw, json)
Hash identifier: igECMJ04H8KYF4KCc81m+T/Om6NkJxsUyXXYeba+MZI=
Subject key identifier: 4D:13:49:C1:20:3A:C1:8E:70:4F:0F:2B:24:F8:4A:6A:57:EF:5A:F5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01933438FD60F786B01FBA833BFFFEC1615B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TRNJwSA6wY5wTw8rJPhKalfvWvU.roa
Signing time: Sat 16 Nov 2024 09:06:10 +0000
ROA not before: Sat 16 Nov 2024 09:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
2a01:7120:6::/48 maxlen: 48
2a01:7120:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 21:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:34:38:fd:60:f7:86:b0:1f:ba:83:3b:ff:fe:c1:61:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 16 09:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1349c1203ac18e704f0f2b24f84a6a57ef5af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:b5:74:e3:f6:4c:ad:78:14:60:0b:ef:28:
ca:2a:5f:41:fd:e2:71:b1:71:4c:5f:68:8e:ad:90:
21:5a:1d:b2:3f:0a:95:c1:35:cf:fe:59:4d:96:b3:
59:92:13:4b:28:65:c9:4c:b3:44:96:48:65:8c:59:
33:07:42:8d:9e:cd:83:cc:55:4e:71:35:57:ef:2d:
2f:c2:9c:bd:33:6b:b0:99:8e:5e:55:b3:34:b0:c5:
2b:68:f7:af:bd:4f:49:30:a1:84:6c:20:66:53:72:
04:a8:a1:6b:af:f1:2b:3a:77:93:b8:fd:3c:ca:a7:
88:71:35:40:19:d4:3b:73:aa:b9:d0:f5:68:d3:31:
f4:9e:e5:cf:5f:77:ae:51:11:f2:d3:ce:ed:bf:e3:
1c:8c:48:63:9c:e3:de:6a:be:a6:8f:51:bd:fc:6f:
cb:56:f6:82:18:72:df:55:33:37:2d:0e:5c:14:12:
c2:01:b3:1d:1e:86:7f:b4:98:2b:3e:b9:e8:b4:84:
0e:47:d6:e2:43:91:4f:df:c4:cc:59:73:eb:8a:96:
d5:68:22:28:a7:e2:54:4f:20:78:b5:f3:97:15:39:
28:77:9b:13:be:77:b9:3e:c2:20:3b:be:4c:f5:32:
57:c9:b0:6e:1a:63:f8:f7:f8:64:8f:41:ce:8a:0d:
35:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:13:49:C1:20:3A:C1:8E:70:4F:0F:2B:24:F8:4A:6A:57:EF:5A:F5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/TRNJwSA6wY5wTw8rJPhKalfvWvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.92.0/23
IPv6:
2a01:7120:6::/47
Signature Algorithm: sha256WithRSAEncryption
17:03:21:35:1b:a5:ba:1d:a4:9e:7c:76:86:d7:e3:69:4d:62:
f7:50:66:c6:69:44:6d:7d:0f:ae:6a:45:63:e2:51:e0:58:f6:
42:0e:0c:b4:f7:61:0d:7c:82:d2:d2:6b:d8:64:34:5f:a8:a6:
37:9f:8c:d5:40:8e:4d:b8:3b:07:cf:13:d5:71:2a:56:63:55:
b8:82:4e:28:42:07:ae:29:e3:05:10:96:6c:9e:56:5e:68:0a:
b0:72:e6:81:ef:1e:46:87:1f:d0:28:47:82:4b:69:f6:ec:33:
ef:45:9e:54:91:7c:3e:2a:a9:82:e2:9e:2c:bf:64:ec:ee:a2:
18:7f:d6:05:4c:92:7d:96:d6:a0:91:f3:d0:ae:11:98:94:78:
f0:47:d9:ad:94:d4:4b:80:59:6c:5f:5d:14:d5:29:5b:c6:e4:
c1:51:cc:45:f7:76:0b:dd:85:fb:1a:40:78:c3:33:aa:93:e0:
b5:2f:21:e4:16:41:22:37:76:fd:26:d6:8c:03:24:5e:4d:0e:
92:a2:cb:df:32:e9:f4:d0:1b:8c:78:c9:bb:a2:12:be:ba:cc:
29:64:5f:20:74:e4:a8:8b:04:d6:9e:c2:20:a2:75:fe:0c:a1:
79:f0:17:34:ac:6e:cc:8b:85:1d:11:25:cd:c3:99:27:68:6d:
0d:ba:92:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZM0OP1g94awH7qDO//+wWFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTE2MDkwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDEzNDljMTIwM2FjMThlNzA0ZjBmMmIyNGY4NGE2YTU3ZWY1YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoW1dOP2TK14FGAL7yjKKl9B/eJx
sXFMX2iOrZAhWh2yPwqVwTXP/llNlrNZkhNLKGXJTLNElkhljFkzB0KNns2DzFVO
cTVX7y0vwpy9M2uwmY5eVbM0sMUraPevvU9JMKGEbCBmU3IEqKFrr/ErOneTuP08
yqeIcTVAGdQ7c6q50PVo0zH0nuXPX3euURHy087tv+McjEhjnOPear6mj1G9/G/L
VvaCGHLfVTM3LQ5cFBLCAbMdHoZ/tJgrPrnotIQOR9biQ5FP38TMWXPripbVaCIo
p+JUTyB4tfOXFTkod5sTvne5PsIgO75M9TJXybBuGmP49/hkj0HOig01kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE0TScEgOsGOcE8PKyT4SmpX71r1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVFJOSndTQTZ3WTV3VHc4ckpQaEthbGZ2V3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw7FcMA8E
AgACMAkDBwEqAXEgAAYwDQYJKoZIhvcNAQELBQADggEBABcDITUbpbodpJ58dobX
42lNYvdQZsZpRG19D65qRWPiUeBY9kIODLT3YQ18gtLSa9hkNF+opjefjNVAjk24
OwfPE9VxKlZjVbiCTihCB64p4wUQlmyeVl5oCrBy5oHvHkaHH9AoR4JLafbsM+9F
nlSRfD4qqYLiniy/ZOzuohh/1gVMkn2W1qCR89CuEZiUePBH2a2U1EuAWWxfXRTV
KVvG5MFRzEX3dgvdhfsaQHjDM6qT4LUvIeQWQSI3dv0m1owDJF5NDpKiy98y6fTQ
G4x4ybuiEr66zClkXyB05KiLBNaewiCidf4MoXnwFzSsbsyLhR0RJc3DmSdobQ26
kkY=
-----END CERTIFICATE-----
Generated at Wed Nov 20 00:06:56 2024 by rpki-client on console-ams.rpki-client.org