Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/TSFm-dMFve8WjJYfUONDCMVFaOI.roa
File: TSFm-dMFve8WjJYfUONDCMVFaOI.roa (raw, json)
Hash identifier: OppOi2WzQAK7yurMp9dTWnY4s6YJ4z0InT3Vd4Z+4zk=
Subject key identifier: 4D:21:66:F9:D3:05:BD:EF:16:8C:96:1F:50:E3:43:08:C5:45:68:E2
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 0188FDD553D51CB52DCA23979698C244DACD
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/TSFm-dMFve8WjJYfUONDCMVFaOI.roa
Signing time: Tue 27 Jun 2023 17:09:56 +0000
ROA not before: Tue 27 Jun 2023 17:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 2a05:541:125::/48 maxlen: 48
2a05:541:122::/48 maxlen: 48
2a05:541:123::/48 maxlen: 48
2a05:541:129::/48 maxlen: 48
2a05:541:109::/48 maxlen: 48
2a05:541:119::/48 maxlen: 48
2a05:541:121::/48 maxlen: 48
2a05:541:126::/48 maxlen: 48
2a05:541:127::/48 maxlen: 48
2a05:541:114::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fd:d5:53:d5:1c:b5:2d:ca:23:97:96:98:c2:44:da:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jun 27 17:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d2166f9d305bdef168c961f50e34308c54568e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d2:90:34:32:74:6e:fc:0c:21:a7:aa:ff:fc:
63:36:d6:21:d1:b7:c9:c1:fb:e8:60:f2:d9:65:47:
5d:56:9a:0b:d7:a9:38:df:be:13:82:9c:b3:de:a5:
b8:5e:28:90:99:a3:11:7f:49:08:58:2a:bb:d1:6e:
23:63:04:be:ea:10:69:a6:f3:ce:f8:ac:85:0d:9d:
c6:8c:66:4a:4f:ff:a4:2f:80:db:4b:59:88:6b:84:
8e:3b:cd:1f:68:98:51:f3:92:28:bd:bb:0e:5b:63:
ef:3a:66:f9:fa:a8:55:d9:ff:cb:30:05:3e:4c:2d:
87:c0:08:e7:97:2f:53:ba:29:c1:1c:80:85:92:d6:
1e:a8:7f:7f:61:13:e1:d6:8e:05:8b:f2:fe:43:7d:
b7:1e:a2:45:85:ad:ce:e5:30:12:50:ec:a1:7d:d8:
ca:64:59:7e:8e:98:ea:b0:08:db:ca:45:8a:e4:2b:
30:38:f7:43:2c:46:2a:c2:31:be:f3:66:ce:dc:5f:
d7:7e:8a:e4:68:f0:88:03:d6:89:c5:4f:31:74:1c:
00:e8:81:bc:44:4f:5c:54:5c:07:c4:a2:e1:c1:a4:
49:bd:27:1b:87:12:fa:53:11:04:13:5a:e7:ff:12:
0e:0c:3b:bc:56:fb:07:eb:02:d5:b7:92:8a:87:03:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:21:66:F9:D3:05:BD:EF:16:8C:96:1F:50:E3:43:08:C5:45:68:E2
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/TSFm-dMFve8WjJYfUONDCMVFaOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:109::/48
2a05:541:114::/48
2a05:541:119::/48
2a05:541:121::-2a05:541:123:ffff:ffff:ffff:ffff:ffff
2a05:541:125::-2a05:541:127:ffff:ffff:ffff:ffff:ffff
2a05:541:129::/48
Signature Algorithm: sha256WithRSAEncryption
92:29:3a:13:0a:b8:55:ef:47:fd:06:19:be:0f:5e:36:e8:8a:
6f:18:37:d7:37:1b:fa:78:35:bf:45:ca:ba:33:31:b6:d2:f2:
61:64:0e:f7:10:6e:94:06:36:de:4b:e3:2a:7f:b5:10:78:ed:
98:8d:b3:f5:ff:33:1c:4e:93:bf:b3:39:f4:c8:d3:5d:48:89:
45:3d:6a:12:a0:c3:fb:25:fd:bb:f5:da:1c:e5:39:ca:3c:49:
a2:56:3a:05:42:80:ed:5e:11:53:ed:7f:80:06:c4:60:b1:e0:
5c:7a:0e:5c:72:f9:6d:3c:52:6a:8a:b5:b3:14:eb:af:07:4e:
2d:dc:1c:e7:69:7e:0a:b7:86:50:61:9b:ea:58:2f:5f:9c:cc:
25:c2:ad:7b:ae:b0:22:59:0d:8d:08:a3:da:e4:ca:0b:4f:f1:
a9:36:d6:4e:3a:23:f5:ab:d9:89:7d:07:77:e2:15:fd:c3:cc:
7f:d8:ff:2c:16:e4:1d:40:a2:36:6c:73:37:93:9c:f0:26:ed:
bd:cf:b0:7f:ab:95:64:8f:e1:ea:2e:ed:53:91:42:bc:0e:f8:
de:ca:d9:f3:c0:3b:66:59:ba:1e:87:57:38:ab:e4:7d:00:2f:
8a:29:9a:6b:27:ed:75:f1:ed:1c:c0:b1:c2:c6:e3:d7:45:75:
41:1b:28:80
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYj91VPVHLUtyiOXlpjCRNrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjMwNjI3MTcwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIxNjZmOWQzMDViZGVmMTY4Yzk2MWY1MGUzNDMwOGM1NDU2OGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNKQNDJ0bvwMIaeq//xjNtYh0bfJ
wfvoYPLZZUddVpoL16k4374Tgpyz3qW4XiiQmaMRf0kIWCq70W4jYwS+6hBppvPO
+KyFDZ3GjGZKT/+kL4DbS1mIa4SOO80faJhR85IovbsOW2PvOmb5+qhV2f/LMAU+
TC2HwAjnly9TuinBHICFktYeqH9/YRPh1o4Fi/L+Q323HqJFha3O5TASUOyhfdjK
ZFl+jpjqsAjbykWK5CswOPdDLEYqwjG+82bO3F/XforkaPCIA9aJxU8xdBwA6IG8
RE9cVFwHxKLhwaRJvScbhxL6UxEEE1rn/xIODDu8VvsH6wLVt5KKhwP64QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFE0hZvnTBb3vFoyWH1DjQwjFRWjiMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvVFNGbS1kTUZ2ZThXakpZZlVPTkRDTVZGYU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMAwcAKgUFQQEJ
AwcAKgUFQQEUAwcAKgUFQQEZMBIDBwAqBQVBASEDBwIqBQVBASAwEgMHACoFBUEB
JQMHAyoFBUEBIAMHACoFBUEBKTANBgkqhkiG9w0BAQsFAAOCAQEAkik6Ewq4Ve9H
/QYZvg9eNuiKbxg31zcb+ng1v0XKujMxttLyYWQO9xBulAY23kvjKn+1EHjtmI2z
9f8zHE6Tv7M59MjTXUiJRT1qEqDD+yX9u/XaHOU5yjxJolY6BUKA7V4RU+1/gAbE
YLHgXHoOXHL5bTxSaoq1sxTrrwdOLdwc52l+CreGUGGb6lgvX5zMJcKte66wIlkN
jQij2uTKC0/xqTbWTjoj9avZiX0Hd+IV/cPMf9j/LBbkHUCiNmxzN5Oc8Cbtvc+w
f6uVZI/h6i7tU5FCvA743srZ88A7Zlm6HodXOKvkfQAviimaayftdfHtHMCxwsbj
10V1QRsogA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:16 2023 by rpki-client on console-ams.rpki-client.org