Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/TQjpb5HJW-iFcJHJI-EVfQduV6A.roa
File: TQjpb5HJW-iFcJHJI-EVfQduV6A.roa (raw, json)
Hash identifier: p2fUwfMWP2aqCZkpN/F2+q3/kfMmmv8YUdiMKQgyxfw=
Subject key identifier: 4D:08:E9:6F:91:C9:5B:E8:85:70:91:C9:23:E1:15:7D:07:6E:57:A0
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 0188DDF8E7FDAB31019F47DE4F5B245FB564
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/TQjpb5HJW-iFcJHJI-EVfQduV6A.roa
Signing time: Wed 21 Jun 2023 12:40:56 +0000
ROA not before: Wed 21 Jun 2023 12:40:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.243.179.0/24 maxlen: 24
91.243.176.0/24 maxlen: 24
93.114.60.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jul 2023 07:29:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:f8:e7:fd:ab:31:01:9f:47:de:4f:5b:24:5f:b5:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jun 21 12:40:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d08e96f91c95be8857091c923e1157d076e57a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:72:b3:71:d7:ed:33:1a:a2:cc:45:e8:6d:7a:
60:a3:43:37:86:c1:7f:41:44:fc:6e:e2:54:0a:1e:
2f:8a:8a:6f:bd:c4:10:19:c3:3c:09:de:5c:eb:94:
29:04:13:88:1f:a1:41:43:9a:f4:7b:36:fe:58:30:
19:4d:1d:85:b0:0f:38:8f:59:4d:82:df:75:77:46:
74:93:5e:42:90:1c:b9:b1:cb:3c:3c:08:a2:5e:4e:
35:fd:2e:c3:ca:ed:b7:a8:87:b2:ea:8b:e0:03:1d:
a5:eb:e4:a1:2e:38:90:c0:8d:76:e9:5c:0d:4e:f6:
cb:0a:b9:4e:cf:2f:4c:45:c6:7e:f9:c0:98:a9:0a:
3f:6f:1f:d0:6c:58:5d:69:30:36:84:d7:ba:c3:bb:
1e:6b:d6:7d:56:d1:90:3f:cd:df:97:24:7e:b5:2c:
bf:95:69:90:2e:fa:9d:dd:df:9a:3f:b1:0d:20:75:
89:da:6a:80:5e:97:06:18:9b:23:c5:ab:2a:dc:82:
38:3d:dd:18:ee:62:ff:be:fa:37:23:a5:53:10:72:
b5:d1:0a:e1:81:a3:b6:30:18:e5:a8:d7:a6:61:46:
ad:fa:85:32:b8:ab:b5:48:fc:32:dc:a7:96:90:6b:
01:ee:12:04:58:39:33:f4:b2:ca:71:5c:98:d1:b5:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:08:E9:6F:91:C9:5B:E8:85:70:91:C9:23:E1:15:7D:07:6E:57:A0
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/TQjpb5HJW-iFcJHJI-EVfQduV6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.176.0/24
91.243.179.0/24
93.114.60.0/23
Signature Algorithm: sha256WithRSAEncryption
65:93:ec:21:1a:39:13:9a:89:c7:c6:be:25:46:f5:0d:96:9d:
7e:6b:66:90:c6:3f:93:ff:1e:7a:fc:66:8a:a0:3e:7d:c9:6c:
7b:26:e5:d7:01:7a:61:a7:0b:5f:d8:18:40:9c:d6:cd:2b:12:
ff:b8:c2:55:12:ed:bd:d8:03:d9:1f:9f:3a:94:4b:f8:ad:1b:
28:20:9f:cf:98:cb:01:f3:ab:b0:f1:a7:fc:6b:16:3e:20:fd:
d7:fd:45:22:67:ea:d8:a6:df:f0:67:b2:a9:33:c5:08:29:70:
7a:5b:2f:3e:52:c6:4f:d1:4f:61:f9:5e:53:55:5d:7b:96:b4:
68:c3:2b:b4:5f:b1:97:f0:52:c7:3b:b7:f8:92:14:a2:79:a6:
fe:a7:02:d1:82:ad:84:68:2c:5c:71:46:78:33:8b:69:14:f9:
30:14:b4:4a:1d:4e:92:6d:68:3f:fa:7d:d1:a9:ca:c2:6a:1d:
7d:20:a8:b8:ca:bf:57:ef:58:f2:3a:a3:75:79:ab:7a:06:73:
91:7a:49:7b:fc:ff:93:15:0a:f3:9a:51:ee:e0:57:16:2e:2b:
04:60:aa:ff:7c:00:f2:33:e4:2e:b7:ea:c6:5b:27:76:f3:64:
e7:56:4f:8a:05:18:e1:50:bc:84:37:c8:81:6a:52:85:a7:35:
99:66:b1:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjd+Of9qzEBn0feT1skX7VkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjMwNjIxMTI0MDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA4ZTk2ZjkxYzk1YmU4ODU3MDkxYzkyM2UxMTU3ZDA3NmU1N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3KzcdftMxqizEXobXpgo0M3hsF/
QUT8buJUCh4viopvvcQQGcM8Cd5c65QpBBOIH6FBQ5r0ezb+WDAZTR2FsA84j1lN
gt91d0Z0k15CkBy5scs8PAiiXk41/S7Dyu23qIey6ovgAx2l6+ShLjiQwI126VwN
TvbLCrlOzy9MRcZ++cCYqQo/bx/QbFhdaTA2hNe6w7sea9Z9VtGQP83flyR+tSy/
lWmQLvqd3d+aP7ENIHWJ2mqAXpcGGJsjxasq3II4Pd0Y7mL/vvo3I6VTEHK10Qrh
gaO2MBjlqNemYUat+oUyuKu1SPwy3KeWkGsB7hIEWDkz9LLKcVyY0bXReQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0I6W+RyVvohXCRySPhFX0HblegMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvVFFqcGI1SEpXLWlGY0pISkktRVZmUWR1VjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW/OwAwQA
W/OzAwQBXXI8MA0GCSqGSIb3DQEBCwUAA4IBAQBlk+whGjkTmonHxr4lRvUNlp1+
a2aQxj+T/x56/GaKoD59yWx7JuXXAXphpwtf2BhAnNbNKxL/uMJVEu292APZH586
lEv4rRsoIJ/PmMsB86uw8af8axY+IP3X/UUiZ+rYpt/wZ7KpM8UIKXB6Wy8+UsZP
0U9h+V5TVV17lrRowyu0X7GX8FLHO7f4khSieab+pwLRgq2EaCxccUZ4M4tpFPkw
FLRKHU6SbWg/+n3RqcrCah19IKi4yr9X71jyOqN1eat6BnORekl7/P+TFQrzmlHu
4FcWLisEYKr/fADyM+Qut+rGWyd282TnVk+KBRjhULyEN8iBalKFpzWZZrGX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:14 2024 by rpki-client on console-ams.rpki-client.org