Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa
File: TbuMPL4RMKhEb54y7NrdYL0GzM4.roa (raw, json)
Hash identifier: iHxynSg9l9hmRbtC7e49/V2YFzWO/ktdIN+H/R/b6Bs=
Subject key identifier: 4D:BB:8C:3C:BE:11:30:A8:44:6F:9E:32:EC:DA:DD:60:BD:06:CC:CE
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01856F42D67FFAF4B884230FAB2840DFC738
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa
Signing time: Sun 01 Jan 2023 21:35:29 +0000
ROA not before: Sun 01 Jan 2023 21:35:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210714
IP address blocks: 2a0e:8f02:2180::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d6:7f:fa:f4:b8:84:23:0f:ab:28:40:df:c7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 21:35:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dbb8c3cbe1130a8446f9e32ecdadd60bd06ccce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:87:34:e0:21:e2:ed:58:a3:3b:d0:7e:ea:ba:
cf:59:98:21:08:b9:99:fa:be:e3:96:4a:64:15:b8:
86:0c:d4:42:75:57:28:6e:01:db:69:92:e9:a2:9f:
3a:9a:25:00:55:9b:e2:76:7d:5f:3d:1a:0c:9f:0d:
4c:af:3d:16:54:fa:93:7b:0f:08:bc:52:ee:12:8b:
b4:ba:2a:f6:75:7e:d1:0c:83:c6:b7:8d:fd:71:c0:
85:2c:e8:3d:86:58:65:9a:d6:69:46:84:fe:5a:56:
41:d4:f8:68:5d:ee:e4:8d:8a:4b:9a:a6:36:43:3b:
79:da:64:11:f1:af:70:ff:c6:6e:3b:1d:e4:eb:6b:
84:aa:5f:b4:a3:c1:03:1a:2c:d7:f2:13:e9:46:3b:
51:49:99:78:d2:66:57:7b:c4:b0:9d:e1:6c:16:29:
97:90:82:16:a1:ef:e4:4d:a1:87:fd:c6:0f:d2:e8:
9f:7f:8d:4f:93:89:06:14:92:0e:ee:d8:8f:27:e5:
33:76:98:a2:11:64:c3:ff:7f:c6:95:aa:96:7f:bd:
26:5b:07:d1:ae:4a:f5:24:fd:3e:9a:c6:6b:84:d0:
e1:3b:a1:dc:13:35:0f:5d:7d:44:d7:d1:31:ff:d7:
af:dd:f8:44:b0:a3:34:9d:4e:f0:96:53:c7:ef:8e:
d6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BB:8C:3C:BE:11:30:A8:44:6F:9E:32:EC:DA:DD:60:BD:06:CC:CE
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/TbuMPL4RMKhEb54y7NrdYL0GzM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2180::/44
Signature Algorithm: sha256WithRSAEncryption
49:e5:a5:f3:6b:6b:dc:36:55:67:90:76:6e:07:9d:90:31:11:
80:e6:a5:67:e5:b2:16:81:02:e5:41:59:45:97:55:16:54:63:
12:c2:56:9d:22:a4:f5:b9:02:8b:3c:32:25:7b:74:e4:d1:54:
21:e7:f8:62:95:04:00:76:02:96:9d:20:ad:ea:03:e7:4c:43:
c7:ab:cf:e6:87:d6:e8:72:ab:af:b2:ce:56:90:9a:de:8f:47:
51:ac:dd:ef:dd:e9:60:36:c8:47:04:d0:a6:40:75:ff:e0:e7:
7b:bf:31:ca:cd:c2:d2:46:5a:3c:3a:19:17:80:62:e9:65:1b:
e0:e0:bc:d4:12:0e:a6:ef:43:e6:71:83:13:74:6a:3f:03:0b:
03:c3:f1:19:38:e6:75:64:6c:ca:92:e8:83:14:3f:9f:90:81:
7a:f1:9e:5a:24:72:c2:ba:a8:aa:88:4d:e2:7f:9e:48:dc:6a:
bd:20:99:01:48:c2:fb:d6:c6:ae:7d:ca:98:3d:d6:f1:aa:d4:
bc:03:35:cd:3a:09:f7:fc:8e:aa:e0:8f:d6:c7:61:de:d9:3d:
6a:fd:d0:f0:13:d6:8c:80:d9:95:be:e0:07:0f:e2:da:1e:eb:
fb:d2:42:07:a4:f9:f5:e5:75:55:3b:d2:b3:4f:c2:96:30:3d:
83:e4:f9:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvQtZ/+vS4hCMPqyhA38c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjMwMTAxMjEzNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJiOGMzY2JlMTEzMGE4NDQ2ZjllMzJlY2RhZGQ2MGJkMDZjY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYc04CHi7VijO9B+6rrPWZghCLmZ
+r7jlkpkFbiGDNRCdVcobgHbaZLpop86miUAVZvidn1fPRoMnw1Mrz0WVPqTew8I
vFLuEou0uir2dX7RDIPGt439ccCFLOg9hlhlmtZpRoT+WlZB1PhoXe7kjYpLmqY2
Qzt52mQR8a9w/8ZuOx3k62uEql+0o8EDGizX8hPpRjtRSZl40mZXe8SwneFsFimX
kIIWoe/kTaGH/cYP0uiff41Pk4kGFJIO7tiPJ+UzdpiiEWTD/3/GlaqWf70mWwfR
rkr1JP0+msZrhNDhO6HcEzUPXX1E19Ex/9ev3fhEsKM0nU7wllPH747WeQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE27jDy+ETCoRG+eMuza3WC9BszOMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvVGJ1TVBMNFJNS2hFYjU0eTdOcmRZTDBHek00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBJ5aXza2vcNlVnkHZuB52QMRGA5qVn5bIWgQLl
QVlFl1UWVGMSwladIqT1uQKLPDIle3Tk0VQh5/hilQQAdgKWnSCt6gPnTEPHq8/m
h9bocquvss5WkJrej0dRrN3v3elgNshHBNCmQHX/4Od7vzHKzcLSRlo8OhkXgGLp
ZRvg4LzUEg6m70PmcYMTdGo/AwsDw/EZOOZ1ZGzKkuiDFD+fkIF68Z5aJHLCuqiq
iE3if55I3Gq9IJkBSML71saufcqYPdbxqtS8AzXNOgn3/I6q4I/Wx2He2T1q/dDw
E9aMgNmVvuAHD+LaHuv70kIHpPn15XVVO9KzT8KWMD2D5Plu
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:52 2024 by rpki-client on console-fra.rpki-client.org