Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TDs9Y03BapHR1MPJi70Sd2gm-1s.roa
File: TDs9Y03BapHR1MPJi70Sd2gm-1s.roa (raw, json)
Hash identifier: QhZ4e3a9M0lCFH4x7e26XVaaM4xtMYo9wV3rHOrHNh4=
Subject key identifier: 4C:3B:3D:63:4D:C1:6A:91:D1:D4:C3:C9:8B:BD:12:77:68:26:FB:5B
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019099190E97177462DE6A3FBAF94956ECD2
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TDs9Y03BapHR1MPJi70Sd2gm-1s.roa
Signing time: Tue 09 Jul 2024 20:04:34 +0000
ROA not before: Tue 09 Jul 2024 20:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215245
IP address blocks: 185.121.133.0/24 maxlen: 24
2a14:6782::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jul 2024 20:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:99:19:0e:97:17:74:62:de:6a:3f:ba:f9:49:56:ec:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Jul 9 20:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c3b3d634dc16a91d1d4c3c98bbd12776826fb5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:89:83:10:fe:7e:3e:e1:10:3c:13:3a:60:38:
6a:62:9a:f9:e4:ed:e1:d4:9a:7d:e4:05:0a:15:5e:
63:01:58:1f:4d:d2:3e:5f:92:cf:07:e7:2c:f3:38:
fa:6b:7d:15:af:fb:1c:09:5a:6d:ed:a1:b6:25:f5:
70:64:3d:ee:33:52:0f:56:36:1d:23:ed:33:f7:3e:
87:6e:dd:6e:5b:b1:ad:a5:c7:02:3d:ad:57:f9:ab:
d3:76:c0:26:2c:8a:46:77:cf:5c:12:39:06:1b:be:
12:f8:5a:37:83:30:cb:11:36:42:f5:4c:e1:20:02:
1f:06:08:fd:a0:3e:13:ae:f6:d4:3a:0a:f2:17:0d:
cd:b8:4e:09:2a:f6:57:6f:d5:56:f0:94:f7:df:f4:
38:66:cc:74:55:cf:d5:da:7a:83:38:10:5b:5f:16:
14:cc:0b:1d:86:cc:4c:bf:62:99:0b:c4:9e:a8:c7:
ed:db:a2:13:c6:22:c5:0a:a8:8a:f1:26:a6:fe:81:
67:fd:30:ae:3b:3c:2e:0c:7f:d2:9b:33:4e:fc:e8:
16:9c:32:c7:2f:41:7c:c1:88:c1:20:42:c1:45:f6:
47:f7:7a:36:57:7c:9e:e1:90:57:de:fd:af:60:60:
06:3d:92:1e:aa:2c:5b:43:58:61:fb:b1:f4:ef:dd:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:3B:3D:63:4D:C1:6A:91:D1:D4:C3:C9:8B:BD:12:77:68:26:FB:5B
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TDs9Y03BapHR1MPJi70Sd2gm-1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.133.0/24
IPv6:
2a14:6782::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ff:de:8f:e5:6b:e7:ce:9a:ad:de:bb:fc:99:f7:40:4a:55:
ac:0b:83:7b:fe:2f:65:79:3c:34:1d:e9:f1:f9:a8:7b:f6:92:
87:bb:be:9b:fe:c5:e2:df:1e:39:dc:e6:75:9c:a1:65:8c:30:
d8:dc:6f:f3:b5:d0:a3:72:b8:0b:5d:3c:b4:38:66:78:b7:a6:
dd:02:c5:41:f5:d8:70:eb:89:87:e9:e3:e6:ac:6c:24:b1:2b:
23:71:59:0a:ea:79:ac:74:ac:31:2c:9d:16:4f:5b:97:67:b6:
ee:00:7f:f7:57:fc:99:63:30:8f:52:d3:6e:81:66:a7:cb:ec:
a5:a3:71:94:c0:8a:2c:d9:12:c7:5d:36:e1:09:3c:a1:be:b5:
e1:0f:5b:48:65:0a:21:d1:64:c2:aa:cb:f7:46:0f:6a:a2:92:
83:ad:2e:80:cd:a4:ec:dc:37:59:80:d6:7e:a0:01:3e:90:e4:
b5:e3:1a:7d:ed:0d:97:11:e3:c9:9e:36:95:54:52:a8:95:2a:
09:b2:35:9e:d9:a6:32:90:a1:6c:94:86:27:01:93:0d:99:e5:
2e:98:b2:d0:01:ec:7c:65:64:75:80:59:16:16:37:74:1f:26:
fe:17:bc:cf:8b:34:c3:f8:05:e8:02:23:a7:bc:c1:fd:0a:4a:
1a:92:12:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZCZGQ6XF3Ri3mo/uvlJVuzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwNzA5MjAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzNiM2Q2MzRkYzE2YTkxZDFkNGMzYzk4YmJkMTI3NzY4MjZmYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ImDEP5+PuEQPBM6YDhqYpr55O3h
1Jp95AUKFV5jAVgfTdI+X5LPB+cs8zj6a30Vr/scCVpt7aG2JfVwZD3uM1IPVjYd
I+0z9z6Hbt1uW7GtpccCPa1X+avTdsAmLIpGd89cEjkGG74S+Fo3gzDLETZC9Uzh
IAIfBgj9oD4TrvbUOgryFw3NuE4JKvZXb9VW8JT33/Q4Zsx0Vc/V2nqDOBBbXxYU
zAsdhsxMv2KZC8SeqMft26ITxiLFCqiK8Sam/oFn/TCuOzwuDH/SmzNO/OgWnDLH
L0F8wYjBIELBRfZH93o2V3ye4ZBX3v2vYGAGPZIeqixbQ1hh+7H0793iBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEw7PWNNwWqR0dTDyYu9EndoJvtbMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvVERzOVkwM0JhcEhSMU1QSmk3MFNkMmdtLTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXmFMA0E
AgACMAcDBQAqFGeCMA0GCSqGSIb3DQEBCwUAA4IBAQAM/96P5Wvnzpqt3rv8mfdA
SlWsC4N7/i9leTw0Henx+ah79pKHu76b/sXi3x453OZ1nKFljDDY3G/ztdCjcrgL
XTy0OGZ4t6bdAsVB9dhw64mH6ePmrGwksSsjcVkK6nmsdKwxLJ0WT1uXZ7buAH/3
V/yZYzCPUtNugWany+ylo3GUwIos2RLHXTbhCTyhvrXhD1tIZQoh0WTCqsv3Rg9q
opKDrS6AzaTs3DdZgNZ+oAE+kOS14xp97Q2XEePJnjaVVFKolSoJsjWe2aYykKFs
lIYnAZMNmeUumLLQAex8ZWR1gFkWFjd0Hyb+F7zPizTD+AXoAiOnvMH9CkoakhLI
-----END CERTIFICATE-----
Generated at Tue Jul 9 22:11:51 2024 by rpki-client on console-ams.rpki-client.org