Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/TNN8_jqwFfj2TLIf3Ioc20PGxeM.roa
File: TNN8_jqwFfj2TLIf3Ioc20PGxeM.roa (raw, json)
Hash identifier: hGHG9vwwtPNfVaXcMlt6gMb29hejVh59RSBO9w8Jt5I=
Subject key identifier: 4C:D3:7C:FE:3A:B0:15:F8:F6:4C:B2:1F:DC:8A:1C:DB:43:C6:C5:E3
Certificate issuer: /CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57
Certificate serial: 018774807727CAE1B4A661227564D3BE4DEA
Authority key identifier: B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/TNN8_jqwFfj2TLIf3Ioc20PGxeM.roa
Signing time: Wed 12 Apr 2023 08:06:28 +0000
ROA not before: Wed 12 Apr 2023 08:06:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42326
IP address blocks: 158.146.129.0/24 maxlen: 24
158.146.128.0/24 maxlen: 24
158.146.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:74:80:77:27:ca:e1:b4:a6:61:22:75:64:d3:be:4d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57
Validity
Not Before: Apr 12 08:06:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cd37cfe3ab015f8f64cb21fdc8a1cdb43c6c5e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d1:94:11:f4:50:29:51:3f:04:72:3e:d1:24:
90:5c:e4:9c:20:10:d6:c4:0d:63:5c:82:4f:55:d0:
ff:e3:07:6b:ca:54:db:e4:0b:ba:19:3e:b9:c5:3c:
6a:e1:57:14:72:f1:fb:e4:70:a9:b1:d0:69:78:5f:
66:59:28:29:0e:79:62:bf:4f:91:fe:58:1f:d8:71:
bd:36:89:6b:83:2a:c5:53:a9:fd:10:a9:d8:0e:b1:
48:c0:95:5f:21:16:92:8a:c8:3b:ae:27:61:ec:07:
5c:b1:b2:93:2c:48:3e:ec:0b:a6:65:b7:f9:3b:9a:
04:cd:bf:e3:78:1d:0d:8e:2f:41:6b:49:38:44:9f:
a3:8b:af:ff:9d:76:12:81:ff:bb:23:f3:6d:71:78:
c0:7e:f5:a2:b5:cc:b3:0e:1d:d6:ce:13:05:9f:89:
7f:59:4c:39:e2:9e:b1:5d:b1:60:ab:49:35:36:f6:
8e:b5:33:30:fd:90:2d:b8:6b:33:04:c0:0c:b0:a4:
dd:2a:30:9b:da:e5:96:25:c8:52:69:34:ec:af:a1:
a9:47:7a:d5:3b:b6:d5:29:fb:13:68:74:a1:2a:f9:
70:33:fd:f1:38:30:db:95:37:1d:df:69:eb:a6:c7:
fb:83:ef:df:50:93:21:0d:70:45:d4:cb:df:c6:d5:
3c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D3:7C:FE:3A:B0:15:F8:F6:4C:B2:1F:DC:8A:1C:DB:43:C6:C5:E3
X509v3 Authority Key Identifier:
keyid:B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/TNN8_jqwFfj2TLIf3Ioc20PGxeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/s-YNOLs3eU5y6H5ocNBx8qfdPlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.146.128.0/23
158.146.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b0:52:05:dc:1d:65:f9:38:62:fa:89:9c:65:0b:d1:ad:d4:
ba:71:f9:e5:b3:30:ef:f7:da:3a:31:79:cf:20:ea:1d:4e:d3:
9e:6e:3f:0f:97:f1:d5:8c:c0:92:47:40:7c:cd:13:98:a3:c0:
9d:ec:42:85:d3:e5:19:87:97:dc:1f:91:e2:8b:7d:5c:5c:34:
44:fa:e8:da:c5:06:15:c1:5e:9f:29:61:8d:cb:13:a6:18:91:
19:45:5a:2e:30:f1:59:50:4f:94:eb:7c:53:ae:82:7f:d5:e0:
b7:95:87:d7:37:63:4f:11:dc:6d:a0:9f:77:b5:31:7a:b9:26:
09:3f:61:c0:13:00:7b:ba:15:37:27:d3:6f:91:ee:94:5d:c0:
c0:3c:04:85:91:c5:31:a5:4f:8c:39:72:c7:76:dc:2c:38:4c:
47:08:2e:f0:78:ef:ca:0b:f3:5c:cb:06:31:91:bd:6b:5d:5d:
39:d9:ff:bb:3b:8e:c6:09:13:6e:34:2f:3a:78:1c:15:2f:12:
db:8b:f0:21:ad:19:4a:ee:fe:5d:9c:05:1e:eb:ac:92:2f:68:
88:e5:78:26:21:9f:07:28:fc:ee:5b:af:f1:13:47:96:40:56:
f2:b6:94:ec:36:7e:5c:b1:2f:f7:3d:e9:5f:d2:9f:e0:14:05:
e4:04:38:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd0gHcnyuG0pmEidWTTvk3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZTYwZDM4YmIzNzc5NGU3MmU4N2U2ODcwZDA3MWYyYTdk
ZDNlNTcwHhcNMjMwNDEyMDgwNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QzN2NmZTNhYjAxNWY4ZjY0Y2IyMWZkYzhhMWNkYjQzYzZjNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29GUEfRQKVE/BHI+0SSQXOScIBDW
xA1jXIJPVdD/4wdrylTb5Au6GT65xTxq4VcUcvH75HCpsdBpeF9mWSgpDnliv0+R
/lgf2HG9NolrgyrFU6n9EKnYDrFIwJVfIRaSisg7ridh7AdcsbKTLEg+7AumZbf5
O5oEzb/jeB0Nji9Ba0k4RJ+ji6//nXYSgf+7I/NtcXjAfvWitcyzDh3WzhMFn4l/
WUw54p6xXbFgq0k1NvaOtTMw/ZAtuGszBMAMsKTdKjCb2uWWJchSaTTsr6GpR3rV
O7bVKfsTaHShKvlwM/3xODDblTcd32nrpsf7g+/fUJMhDXBF1MvfxtU8CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEzTfP46sBX49kyyH9yKHNtDxsXjMB8GA1UdIwQY
MBaAFLPmDTi7N3lOcuh+aHDQcfKn3T5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUt
N2E5NGM3YzM2MjE3LzEvVE5OOF9qcXdGZmoyVExJZjNJb2MyMFBHeGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUtN2E5NGM3YzM2MjE3
LzEvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnpKAAwQA
npKJMA0GCSqGSIb3DQEBCwUAA4IBAQBMsFIF3B1l+Thi+omcZQvRrdS6cfnlszDv
99o6MXnPIOodTtOebj8Pl/HVjMCSR0B8zROYo8Cd7EKF0+UZh5fcH5Hii31cXDRE
+ujaxQYVwV6fKWGNyxOmGJEZRVouMPFZUE+U63xTroJ/1eC3lYfXN2NPEdxtoJ93
tTF6uSYJP2HAEwB7uhU3J9Nvke6UXcDAPASFkcUxpU+MOXLHdtwsOExHCC7weO/K
C/NcywYxkb1rXV052f+7O47GCRNuNC86eBwVLxLbi/AhrRlK7v5dnAUe66ySL2iI
5XgmIZ8HKPzuW6/xE0eWQFbytpTsNn5csS/3Pelf0p/gFAXkBDiz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:47 2024 by rpki-client on console-fra.rpki-client.org