Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/TsmJWSFH4yX2zNCr57QVwMk-9-U.roa
File: TsmJWSFH4yX2zNCr57QVwMk-9-U.roa (raw, json)
Hash identifier: /ow8Qe6Vb4TNWHCDdhsOvlsGs563ZAkGL5Cq73UvQYA=
Subject key identifier: 4E:C9:89:59:21:47:E3:25:F6:CC:D0:AB:E7:B4:15:C0:C9:3E:F7:E5
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 018572CCBE2E659F898292960C4DE49AB00E
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/TsmJWSFH4yX2zNCr57QVwMk-9-U.roa
Signing time: Mon 02 Jan 2023 14:04:58 +0000
ROA not before: Mon 02 Jan 2023 14:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24875
IP address blocks: 2.58.21.0/24 maxlen: 24
2.58.22.0/24 maxlen: 24
46.182.108.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:be:2e:65:9f:89:82:92:96:0c:4d:e4:9a:b0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Jan 2 14:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ec989592147e325f6ccd0abe7b415c0c93ef7e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:89:9c:6b:0b:bb:c8:db:de:f1:d6:e0:c9:
7e:01:9f:22:82:f0:7b:6b:39:c3:41:cb:45:5b:9d:
1c:98:70:6b:07:99:90:e9:a8:c0:a2:67:2d:ec:c4:
0d:60:3d:73:eb:42:d6:5d:48:c0:81:8e:87:c9:d7:
8f:0f:6d:ff:b7:0c:6c:e0:4b:fd:4f:56:49:e9:80:
f2:18:d6:30:65:3f:83:a6:2c:4e:c4:e9:ec:f4:09:
9e:ac:84:28:7f:e2:4c:a7:d2:7d:cc:26:b6:07:e1:
80:e5:1f:98:7c:38:62:48:c0:4c:b2:de:cc:db:76:
e6:71:1a:10:00:46:d8:46:02:26:d4:9c:2d:b4:e5:
a9:69:98:b6:dc:c2:bf:ae:eb:bb:16:99:fd:4c:e5:
93:87:84:b7:9e:66:42:2f:34:3d:fb:c0:3f:22:d2:
1c:15:f8:d6:97:19:9b:e6:87:c3:21:c1:3c:ac:25:
fc:b1:37:65:a2:fe:14:94:31:df:bc:97:d5:7f:ef:
a2:c8:7b:9c:30:56:28:11:e4:56:96:d1:01:c4:9e:
15:f5:e9:2b:b4:7d:bf:62:f6:4e:8e:21:41:8b:cc:
29:c7:33:03:ac:06:9c:4c:dc:20:15:38:a6:f9:84:
e8:41:aa:9a:47:04:ff:d2:99:f7:4c:d5:ec:9c:5a:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C9:89:59:21:47:E3:25:F6:CC:D0:AB:E7:B4:15:C0:C9:3E:F7:E5
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/TsmJWSFH4yX2zNCr57QVwMk-9-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.21.0-2.58.22.255
46.182.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:23:00:be:51:61:58:86:a8:d3:7b:29:8c:a8:0f:cd:b7:11:
bc:92:34:43:47:e0:53:13:b8:65:34:de:3d:dd:c9:3a:d2:d4:
56:57:76:25:dc:ce:fb:79:5b:17:9d:02:ea:c2:12:fa:10:64:
07:95:0a:26:dc:ec:1f:c9:74:f2:2a:7a:89:6e:32:d5:eb:05:
53:35:8c:b0:44:2f:a4:f2:72:94:ec:92:c4:89:28:14:76:df:
a7:0f:b0:de:3e:bb:ba:30:f3:83:9f:61:7e:7c:79:cd:cf:b5:
ac:9e:6a:78:14:53:a5:49:a6:06:7a:92:c8:6e:70:e8:97:ba:
8e:84:19:79:62:62:74:c2:b5:ac:9e:49:71:f3:fd:2a:92:82:
02:53:74:8b:68:2b:77:f3:be:4b:32:a4:91:62:30:b5:e8:c3:
a6:b7:5b:83:e3:dd:f9:f7:ef:89:12:66:00:5b:ce:92:8c:c3:
56:5b:c6:a0:61:03:92:3c:16:cf:89:6a:b3:3c:bc:9c:c5:4a:
43:fc:35:8b:94:a5:2d:7b:e0:b9:cb:54:65:c4:7f:22:92:72:
ef:16:ba:37:70:13:35:02:bc:14:da:ec:8c:f7:48:39:2e:02:
a6:ac:29:02:de:0c:bd:23:48:c6:16:a6:5c:47:1a:d0:99:12:
07:00:bb:62
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyzL4uZZ+JgpKWDE3kmrAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjMwMTAyMTQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM5ODk1OTIxNDdlMzI1ZjZjY2QwYWJlN2I0MTVjMGM5M2VmN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wiJnGsLu8jb3vHW4Ml+AZ8igvB7
aznDQctFW50cmHBrB5mQ6ajAomct7MQNYD1z60LWXUjAgY6HydePD23/twxs4Ev9
T1ZJ6YDyGNYwZT+DpixOxOns9AmerIQof+JMp9J9zCa2B+GA5R+YfDhiSMBMst7M
23bmcRoQAEbYRgIm1JwttOWpaZi23MK/ruu7Fpn9TOWTh4S3nmZCLzQ9+8A/ItIc
FfjWlxmb5ofDIcE8rCX8sTdlov4UlDHfvJfVf++iyHucMFYoEeRWltEBxJ4V9ekr
tH2/YvZOjiFBi8wpxzMDrAacTNwgFTim+YToQaqaRwT/0pn3TNXsnFqAoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE7JiVkhR+Ml9szQq+e0FcDJPvflMB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEvVHNtSldTRkg0eVgyek5DcjU3UVZ3TWstOS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAACOhUD
BAACOhYDBAAutmwwDQYJKoZIhvcNAQELBQADggEBAEojAL5RYViGqNN7KYyoD823
EbySNENH4FMTuGU03j3dyTrS1FZXdiXczvt5WxedAurCEvoQZAeVCibc7B/JdPIq
eoluMtXrBVM1jLBEL6TycpTsksSJKBR236cPsN4+u7ow84OfYX58ec3PtayeangU
U6VJpgZ6kshucOiXuo6EGXliYnTCtayeSXHz/SqSggJTdItoK3fzvksypJFiMLXo
w6a3W4Pj3fn374kSZgBbzpKMw1ZbxqBhA5I8Fs+JarM8vJzFSkP8NYuUpS174LnL
VGXEfyKScu8WujdwEzUCvBTa7Iz3SDkuAqasKQLeDL0jSMYWplxHGtCZEgcAu2I=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:17 2024 by rpki-client on console-fra.rpki-client.org