Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/TdqTHdq4K_pRekP-hMxYfryJLJA.roa
File: TdqTHdq4K_pRekP-hMxYfryJLJA.roa (raw, json)
Hash identifier: 32DEzzdWm0jfQz7qRK1ww2hYqiYItdmPAJlAszCbBuA=
Subject key identifier: 4D:DA:93:1D:DA:B8:2B:FA:51:7A:43:FE:84:CC:58:7E:BC:89:2C:90
Certificate issuer: /CN=a312d1d87d7d48f0ef51fc912b9672c3f73ecbe7
Certificate serial: 01856F14E73F8F4F54ACF0B8B1A663C522AC
Authority key identifier: A3:12:D1:D8:7D:7D:48:F0:EF:51:FC:91:2B:96:72:C3:F7:3E:CB:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxLR2H19SPDvUfyRK5Zyw_c-y-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/TdqTHdq4K_pRekP-hMxYfryJLJA.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50959
IP address blocks: 91.216.134.0/24 maxlen: 24
2a12:5740::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e7:3f:8f:4f:54:ac:f0:b8:b1:a6:63:c5:22:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a312d1d87d7d48f0ef51fc912b9672c3f73ecbe7
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dda931ddab82bfa517a43fe84cc587ebc892c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:11:86:c1:2a:05:ac:b5:70:a0:52:b4:8e:f2:
a1:c8:f7:8e:9a:d0:6b:81:36:65:ad:83:cf:e3:67:
ef:8a:29:2c:32:61:8c:eb:44:f6:80:d4:cc:a1:54:
8c:05:2b:1e:09:da:91:84:12:9b:e8:64:85:f5:6f:
a6:5b:ff:e2:db:a3:2a:ca:b4:38:0b:41:6e:88:af:
e7:3c:de:be:a3:e8:de:e0:75:da:bb:a6:87:da:3d:
27:65:d0:9a:47:ba:9c:94:32:1b:34:12:cc:69:61:
f1:cc:e2:a7:90:36:bc:5f:c8:cb:f8:f6:90:75:ea:
dd:49:9b:81:d7:29:88:df:59:aa:de:d4:7b:21:68:
e0:1a:65:dc:34:73:32:a2:5f:9b:77:e1:e7:92:b8:
22:64:04:53:8e:bd:a1:09:56:d1:40:d1:f7:39:61:
c2:3e:60:96:69:4b:09:c9:e8:fb:4d:13:b2:dd:cc:
d3:d3:f9:38:f7:b9:19:aa:8d:6c:2d:ce:15:d6:f1:
df:44:b3:a4:1f:0f:a8:5b:c1:78:2b:9c:19:16:c7:
8b:1d:d2:91:46:0c:65:9f:6c:32:8a:8d:43:a7:8d:
4d:d0:dd:e1:b3:46:ab:b3:cb:a4:b4:08:82:50:cd:
62:69:61:e6:c4:d9:88:8c:8a:5e:34:79:53:da:01:
48:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DA:93:1D:DA:B8:2B:FA:51:7A:43:FE:84:CC:58:7E:BC:89:2C:90
X509v3 Authority Key Identifier:
keyid:A3:12:D1:D8:7D:7D:48:F0:EF:51:FC:91:2B:96:72:C3:F7:3E:CB:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxLR2H19SPDvUfyRK5Zyw_c-y-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/TdqTHdq4K_pRekP-hMxYfryJLJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4cc2ff-2104-49df-9e0e-662c41673d69/1/oxLR2H19SPDvUfyRK5Zyw_c-y-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.134.0/24
IPv6:
2a12:5740::/29
Signature Algorithm: sha256WithRSAEncryption
58:96:16:c4:7b:21:e9:1b:73:9e:18:c9:2f:fb:26:27:b3:20:
95:1f:16:a3:9a:f9:82:a4:e7:e1:fb:be:46:55:dd:47:3d:bf:
98:69:b1:92:b8:d1:68:26:9f:a3:7e:18:ad:6f:3e:78:a6:57:
67:6d:64:2a:dd:79:b0:c0:3b:bd:fe:4f:b5:51:5e:e2:c9:a6:
08:0c:45:74:d1:b8:17:7d:9c:42:1e:db:af:74:8e:e0:56:64:
53:f0:4d:c7:4a:a0:db:31:9e:77:0e:bd:2a:b1:a3:51:b0:60:
1f:10:de:0b:f6:6c:26:06:27:e2:b8:54:05:ac:77:2f:bf:23:
90:a9:ff:b8:eb:4d:9f:11:cf:49:f1:b7:bc:c3:3d:da:0f:6f:
b3:8b:eb:83:28:09:9a:c4:14:85:67:b9:41:c9:14:65:e6:9a:
9b:60:3e:78:69:15:e4:82:f8:d8:4c:11:86:9d:85:b4:c8:9b:
13:11:90:a7:a0:bb:2e:a1:19:e7:d7:4b:d1:28:d6:d2:ff:46:
eb:00:28:b4:e3:69:53:2a:03:b7:09:60:f9:d1:10:34:f3:3d:
93:79:db:c3:6d:b1:32:f9:f2:1e:96:59:96:72:90:73:6f:56:
b8:ca:1f:61:a5:93:d8:b4:17:cf:80:c4:c2:dd:b7:9d:2f:85:
78:c2:d1:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFOc/j09UrPC4saZjxSKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTJkMWQ4N2Q3ZDQ4ZjBlZjUxZmM5MTJiOTY3MmMzZjcz
ZWNiZTcwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRhOTMxZGRhYjgyYmZhNTE3YTQzZmU4NGNjNTg3ZWJjODkyYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBGGwSoFrLVwoFK0jvKhyPeOmtBr
gTZlrYPP42fviiksMmGM60T2gNTMoVSMBSseCdqRhBKb6GSF9W+mW//i26MqyrQ4
C0FuiK/nPN6+o+je4HXau6aH2j0nZdCaR7qclDIbNBLMaWHxzOKnkDa8X8jL+PaQ
derdSZuB1ymI31mq3tR7IWjgGmXcNHMyol+bd+HnkrgiZARTjr2hCVbRQNH3OWHC
PmCWaUsJyej7TROy3czT0/k497kZqo1sLc4V1vHfRLOkHw+oW8F4K5wZFseLHdKR
Rgxln2wyio1Dp41N0N3hs0ars8uktAiCUM1iaWHmxNmIjIpeNHlT2gFIOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE3akx3auCv6UXpD/oTMWH68iSyQMB8GA1UdIwQY
MBaAFKMS0dh9fUjw71H8kSuWcsP3PsvnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hMUjJIMTlTUER2VWZ5Uks1Wnl3X2MteS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80Y2MyZmYtMjEwNC00OWRmLTllMGUt
NjYyYzQxNjczZDY5LzEvVGRxVEhkcTRLX3BSZWtQLWhNeFlmcnlKTEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80Y2MyZmYtMjEwNC00OWRmLTllMGUtNjYyYzQxNjczZDY5
LzEvb3hMUjJIMTlTUER2VWZ5Uks1Wnl3X2MteS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9iGMA0E
AgACMAcDBQMqEldAMA0GCSqGSIb3DQEBCwUAA4IBAQBYlhbEeyHpG3OeGMkv+yYn
syCVHxajmvmCpOfh+75GVd1HPb+YabGSuNFoJp+jfhitbz54pldnbWQq3XmwwDu9
/k+1UV7iyaYIDEV00bgXfZxCHtuvdI7gVmRT8E3HSqDbMZ53Dr0qsaNRsGAfEN4L
9mwmBifiuFQFrHcvvyOQqf+4602fEc9J8be8wz3aD2+zi+uDKAmaxBSFZ7lByRRl
5pqbYD54aRXkgvjYTBGGnYW0yJsTEZCnoLsuoRnn10vRKNbS/0brACi042lTKgO3
CWD50RA08z2TedvDbbEy+fIellmWcpBzb1a4yh9hpZPYtBfPgMTC3bedL4V4wtH7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:50 2024 by rpki-client on console-fra.rpki-client.org