Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/tlux_XEIaSgsMnOxNXMhRaH6Ceo.roa
File: tlux_XEIaSgsMnOxNXMhRaH6Ceo.roa (raw, json)
Hash identifier: ATcOaqtfiutgwzLeNktFd62eojMaOKYt85LIfxwPRIQ=
Subject key identifier: B6:5B:B1:FD:71:08:69:28:2C:32:73:B1:35:73:21:45:A1:FA:09:EA
Certificate issuer: /CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Certificate serial: 018ACE5E8D07E877CB324F1F5CD45CE11FBB
Authority key identifier: E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/tlux_XEIaSgsMnOxNXMhRaH6Ceo.roa
Signing time: Mon 25 Sep 2023 22:03:37 +0000
ROA not before: Mon 25 Sep 2023 22:03:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 89.148.0.0/18 maxlen: 18
185.165.176.0/22 maxlen: 22
193.188.107.0/24 maxlen: 24
88.201.37.0/24 maxlen: 24
77.69.128.0/17 maxlen: 17
82.194.32.0/19 maxlen: 19
77.69.148.0/24 maxlen: 24
88.201.99.0/24 maxlen: 24
88.201.0.0/17 maxlen: 17
193.188.96.0/19 maxlen: 19
217.17.224.0/19 maxlen: 19
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:5e:8d:07:e8:77:cb:32:4f:1f:5c:d4:5c:e1:1f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32bcd40c6774677d2c3702ef59edf49d0b36c6c
Validity
Not Before: Sep 25 22:03:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b65bb1fd710869282c3273b135732145a1fa09ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:89:37:05:79:99:04:ba:ca:0d:00:14:e2:72:
f4:a5:ad:f8:b4:6b:e5:a0:e0:a0:ea:d8:3d:6d:11:
2e:02:bb:c7:ea:1f:d7:8a:4e:29:40:ce:37:51:f3:
e2:38:cf:ab:b6:6d:58:6f:63:20:fb:b7:dc:de:e6:
35:2e:d0:2e:33:15:f9:ca:3b:ad:8c:17:e5:28:d8:
68:cd:0f:ab:d3:0f:5f:10:69:b5:e6:70:33:f7:38:
9a:4f:53:17:e7:ea:ee:e4:fb:ae:f4:56:1e:09:dd:
56:bd:7b:f8:6f:49:6a:f8:0d:12:50:ab:fe:d5:48:
3d:80:03:4e:c0:27:8f:14:7f:65:91:f6:7a:17:56:
0c:58:85:cc:97:0b:5c:ff:24:ab:0e:e7:1b:16:e8:
27:02:59:c4:e9:e4:fb:f5:43:1a:44:1a:85:66:63:
de:1a:7c:f3:7e:f3:ed:54:cc:64:c9:6c:9b:78:6a:
59:1f:2c:5d:7e:3b:00:e3:7c:93:e8:c4:b3:6d:4b:
66:bb:c5:e7:6d:e9:b1:3f:5a:84:58:72:6d:6a:e1:
2a:30:ad:e3:60:f8:4d:85:06:d0:01:14:b7:0b:d8:
e3:25:cf:c0:35:ca:ad:9b:5d:d2:9c:c7:a7:da:27:
1f:ae:b0:cd:87:9f:08:00:fe:e9:77:0c:77:0b:4f:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5B:B1:FD:71:08:69:28:2C:32:73:B1:35:73:21:45:A1:FA:09:EA
X509v3 Authority Key Identifier:
keyid:E3:2B:CD:40:C6:77:46:77:D2:C3:70:2E:F5:9E:DF:49:D0:B3:6C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/tlux_XEIaSgsMnOxNXMhRaH6Ceo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4b7ef8-8643-4dbb-92aa-0740115b5a52/1/4yvNQMZ3RnfSw3Au9Z7fSdCzbGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.69.128.0/17
82.194.32.0/19
88.201.0.0/17
89.148.0.0/18
185.165.176.0/22
193.188.96.0/19
217.17.224.0/19
Signature Algorithm: sha256WithRSAEncryption
24:85:73:ad:cd:5d:1b:bb:25:da:75:17:28:d6:f5:47:07:44:
5d:c5:8d:f5:c6:ca:7f:e9:7d:c2:e4:b8:b6:ff:79:57:0c:40:
4a:32:71:24:5a:19:ea:87:06:e2:e6:49:96:37:31:02:7e:32:
2f:ec:cc:59:e6:a0:95:78:40:f2:16:64:aa:cb:31:aa:0b:83:
40:3e:be:66:36:71:9d:bc:ea:45:5f:f4:88:ee:8a:4a:68:01:
32:6b:56:f2:07:3a:39:4d:14:25:b5:8a:5f:c9:ba:82:24:56:
7f:5d:3b:9b:41:2a:7a:4c:cb:65:8a:5e:f2:ca:51:52:a4:b0:
14:c9:0e:34:94:17:e8:6b:72:ea:db:b1:d0:69:9a:98:66:a0:
5f:4f:a2:32:32:67:06:f0:e7:3a:80:ee:a1:92:2c:96:d6:eb:
0d:0e:96:3a:30:b5:ee:36:23:33:66:42:f8:eb:69:6e:f3:27:
a4:f9:71:f4:2c:aa:77:d7:11:4b:d2:af:23:08:91:9a:69:e3:
8a:4e:23:60:2f:c0:9d:f6:97:34:32:ef:a7:c4:42:a1:c5:d7:
26:28:6f:34:74:fb:a2:d4:bb:78:a1:51:56:8a:c8:3d:99:74:
c0:d2:e3:7b:4f:0a:8c:b7:07:4c:e0:5f:83:51:46:aa:35:5a:
12:00:b6:21
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYrOXo0H6HfLMk8fXNRc4R+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmJjZDQwYzY3NzQ2NzdkMmMzNzAyZWY1OWVkZjQ5ZDBi
MzZjNmMwHhcNMjMwOTI1MjIwMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjViYjFmZDcxMDg2OTI4MmMzMjczYjEzNTczMjE0NWExZmEwOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiok3BXmZBLrKDQAU4nL0pa34tGvl
oOCg6tg9bREuArvH6h/Xik4pQM43UfPiOM+rtm1Yb2Mg+7fc3uY1LtAuMxX5yjut
jBflKNhozQ+r0w9fEGm15nAz9ziaT1MX5+ru5Puu9FYeCd1WvXv4b0lq+A0SUKv+
1Ug9gANOwCePFH9lkfZ6F1YMWIXMlwtc/ySrDucbFugnAlnE6eT79UMaRBqFZmPe
GnzzfvPtVMxkyWybeGpZHyxdfjsA43yT6MSzbUtmu8XnbemxP1qEWHJtauEqMK3j
YPhNhQbQARS3C9jjJc/ANcqtm13SnMen2icfrrDNh58IAP7pdwx3C0/I/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLZbsf1xCGkoLDJzsTVzIUWh+gnqMB8GA1UdIwQY
MBaAFOMrzUDGd0Z30sNwLvWe30nQs2xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEt
MDc0MDExNWI1YTUyLzEvdGx1eF9YRUlhU2dzTW5PeE5YTWhSYUg2Q2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YjdlZjgtODY0My00ZGJiLTkyYWEtMDc0MDExNWI1YTUy
LzEvNHl2TlFNWjNSbmZTdzNBdTlaN2ZTZEN6Ykd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQHTUWAAwQF
UsIgAwQHWMkAAwQGWZQAAwQCuaWwAwQFwbxgAwQF2RHgMA0GCSqGSIb3DQEBCwUA
A4IBAQAkhXOtzV0buyXadRco1vVHB0RdxY31xsp/6X3C5Li2/3lXDEBKMnEkWhnq
hwbi5kmWNzECfjIv7MxZ5qCVeEDyFmSqyzGqC4NAPr5mNnGdvOpFX/SI7opKaAEy
a1byBzo5TRQltYpfybqCJFZ/XTubQSp6TMtlil7yylFSpLAUyQ40lBfoa3Lq27HQ
aZqYZqBfT6IyMmcG8Oc6gO6hkiyW1usNDpY6MLXuNiMzZkL462lu8yek+XH0LKp3
1xFL0q8jCJGaaeOKTiNgL8Cd9pc0Mu+nxEKhxdcmKG80dPui1Lt4oVFWisg9mXTA
0uN7TwqMtwdM4F+DUUaqNVoSALYh
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:13 2024 by rpki-client on console-ams.rpki-client.org