Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/TRGz40oHBaTgvM7WrZVLdmBFJZo.roa
File: TRGz40oHBaTgvM7WrZVLdmBFJZo.roa (raw, json)
Hash identifier: WDeEf0r6eNslZVO2iIFwkn9cBMrxoI8/zjlNvSwYn/c=
Subject key identifier: 4D:11:B3:E3:4A:07:05:A4:E0:BC:CE:D6:AD:95:4B:76:60:45:25:9A
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018CC94D0F1917C0AA2FB00F0D634E4E35D9
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/TRGz40oHBaTgvM7WrZVLdmBFJZo.roa
Signing time: Tue 02 Jan 2024 08:31:59 +0000
ROA not before: Tue 02 Jan 2024 08:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216393
IP address blocks: 2a0a:280:3000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Nov 2024 11:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:0f:19:17:c0:aa:2f:b0:0f:0d:63:4e:4e:35:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 08:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d11b3e34a0705a4e0bcced6ad954b766045259a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:21:4d:89:ae:ca:0d:71:b0:8c:b4:15:85:ed:
d6:85:c5:f6:7d:26:b2:97:65:f3:66:a5:25:5b:f5:
78:d2:89:9f:d8:f5:ac:75:6f:9a:1a:14:a8:b7:61:
a7:b9:2a:9d:ee:43:bf:47:e4:94:26:58:7c:9f:ec:
ca:e6:b9:e6:2b:4f:7b:42:03:40:0d:16:4a:49:44:
a1:77:a4:9b:60:5a:3e:d0:0f:41:e6:ec:52:30:9b:
2d:ee:da:bc:29:fd:09:43:f2:81:b2:36:ab:12:da:
7d:b1:62:07:59:a2:29:07:39:07:3c:e6:ef:f0:61:
24:f4:27:ce:51:a7:69:58:ac:ef:d9:88:ee:b6:61:
31:6f:bf:0a:e9:b5:7a:92:a3:fb:ae:33:aa:ae:14:
6c:79:6f:28:6a:51:ca:35:b4:9d:73:e2:99:59:7f:
7d:c8:14:58:13:80:b5:fc:96:f7:58:ba:0e:9a:a7:
d2:e2:16:46:0c:18:d3:8b:fa:16:ce:7c:bb:61:91:
e0:2d:65:14:2c:35:a7:ef:74:28:d0:53:09:2e:47:
7b:91:4c:5b:e0:79:7d:b5:bc:a6:bb:64:e7:64:3a:
d6:0f:f8:c4:0f:56:b9:bb:f4:47:79:a7:04:66:94:
ea:55:1b:f3:f9:8d:02:ec:c4:a0:09:c0:e4:a4:39:
81:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:11:B3:E3:4A:07:05:A4:E0:BC:CE:D6:AD:95:4B:76:60:45:25:9A
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/TRGz40oHBaTgvM7WrZVLdmBFJZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:3000::/40
Signature Algorithm: sha256WithRSAEncryption
97:ba:b9:e2:9e:1d:3e:81:de:b0:1c:49:d3:99:ac:58:db:ae:
db:d8:4c:64:6a:03:d5:c6:9e:d7:5a:a1:4a:c4:7e:3b:c1:ed:
8f:18:74:95:01:aa:d1:7e:65:47:0a:18:85:da:2d:a6:63:6d:
d5:56:a8:9e:53:13:ad:57:a6:05:da:11:40:2b:ee:60:c9:62:
87:44:ed:5c:a8:ec:56:94:fe:f7:ec:fe:2d:17:ab:cc:8f:9a:
20:48:85:09:e9:49:0f:b9:6d:b7:3d:aa:4e:36:fc:7c:f3:e8:
fb:fc:33:80:7b:46:91:c9:70:c4:f2:87:a4:68:e1:c4:82:aa:
b7:32:1a:bb:e5:d3:c6:12:34:d6:65:03:34:51:64:a8:a0:ff:
51:83:f8:8e:fa:80:5a:e6:6f:53:15:a4:61:5e:ef:f8:03:57:
29:b8:1e:7a:29:d9:73:25:ec:ee:95:21:94:ab:c9:61:57:00:
d1:7e:3c:ab:a9:fd:5d:27:9a:33:84:a5:72:56:69:ca:33:6a:
d3:69:85:3b:9b:1c:62:1d:9a:7c:17:cb:ce:96:e1:b2:3e:dc:
f1:44:c8:dc:64:2b:0d:c7:06:25:dd:49:6d:fe:e5:3a:3c:37:
7c:ec:b2:a7:9b:99:8b:a2:53:65:ac:21:b7:82:62:d5:3b:70:
de:b2:1f:42
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTQ8ZF8CqL7APDWNOTjXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjQwMTAyMDgzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDExYjNlMzRhMDcwNWE0ZTBiY2NlZDZhZDk1NGI3NjYwNDUyNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSFNia7KDXGwjLQVhe3WhcX2fSay
l2XzZqUlW/V40omf2PWsdW+aGhSot2GnuSqd7kO/R+SUJlh8n+zK5rnmK097QgNA
DRZKSUShd6SbYFo+0A9B5uxSMJst7tq8Kf0JQ/KBsjarEtp9sWIHWaIpBzkHPObv
8GEk9CfOUadpWKzv2YjutmExb78K6bV6kqP7rjOqrhRseW8oalHKNbSdc+KZWX99
yBRYE4C1/Jb3WLoOmqfS4hZGDBjTi/oWzny7YZHgLWUULDWn73Qo0FMJLkd7kUxb
4Hl9tbymu2TnZDrWD/jED1a5u/RHeacEZpTqVRvz+Y0C7MSgCcDkpDmBNwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFE0Rs+NKBwWk4LzO1q2VS3ZgRSWaMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvVFJHejQwb0hCYVRndk03V3JaVkxkbUJGSlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgDAw
DQYJKoZIhvcNAQELBQADggEBAJe6ueKeHT6B3rAcSdOZrFjbrtvYTGRqA9XGntda
oUrEfjvB7Y8YdJUBqtF+ZUcKGIXaLaZjbdVWqJ5TE61XpgXaEUAr7mDJYodE7Vyo
7FaU/vfs/i0Xq8yPmiBIhQnpSQ+5bbc9qk42/Hzz6Pv8M4B7RpHJcMTyh6Ro4cSC
qrcyGrvl08YSNNZlAzRRZKig/1GD+I76gFrmb1MVpGFe7/gDVym4Hnop2XMl7O6V
IZSryWFXANF+PKup/V0nmjOEpXJWacozatNphTubHGIdmnwXy86W4bI+3PFEyNxk
Kw3HBiXdSW3+5To8N3zssqebmYuiU2WsIbeCYtU7cN6yH0I=
-----END CERTIFICATE-----
Generated at Tue Nov 19 13:48:22 2024 by rpki-client on console-ams.rpki-client.org