Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TTj79PdqhKyil8nDzqsZG9cbgvU.roa
File: TTj79PdqhKyil8nDzqsZG9cbgvU.roa (raw, json)
Hash identifier: CypWnekJn9csmEngobzzU3udpL1i+LdGsVtjhTJNGJk=
Subject key identifier: 4D:38:FB:F4:F7:6A:84:AC:A2:97:C9:C3:CE:AB:19:1B:D7:1B:82:F5
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0192D8450DC56871D3F4A41E6C72A8D67FCF
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TTj79PdqhKyil8nDzqsZG9cbgvU.roa
Signing time: Tue 29 Oct 2024 12:34:16 +0000
ROA not before: Tue 29 Oct 2024 12:34:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
89.36.33.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
2a14:6780::/29 maxlen: 48
2a14:6780::/32 maxlen: 32
2a14:6781::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 15:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:45:0d:c5:68:71:d3:f4:a4:1e:6c:72:a8:d6:7f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Oct 29 12:34:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d38fbf4f76a84aca297c9c3ceab191bd71b82f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:e3:71:c3:50:25:b0:04:83:58:b9:50:e6:
0e:d1:2e:9b:bf:d8:f6:5b:74:83:ee:72:8f:5c:a8:
84:78:99:c4:c6:4d:47:60:31:f0:62:e5:63:f7:83:
69:11:79:1b:74:54:40:50:35:dd:2d:54:6e:bc:0a:
86:61:ce:2e:e6:26:04:f3:ff:ae:96:1e:20:56:13:
59:5d:65:d6:9f:a7:e2:45:e7:e8:f0:c3:fa:b5:ef:
ca:54:b4:66:7a:2f:86:bd:0b:16:c9:77:0f:ee:0b:
a1:ee:ac:a4:1f:ee:c1:44:e7:d8:55:32:c5:7a:8b:
7d:f2:07:66:96:41:c4:bd:dd:70:99:92:a7:b8:9f:
88:bc:4f:5f:8b:8b:6b:06:c1:55:4a:bc:1d:f3:64:
2e:01:4f:ca:2a:47:3c:18:45:06:51:64:c0:3d:cb:
dd:53:6c:6d:de:41:dd:1f:d2:1d:82:39:3c:7d:76:
db:51:b9:d8:82:24:d4:ba:74:56:76:a6:21:7c:af:
32:32:3f:9b:2b:95:88:4b:89:2c:10:52:f1:23:23:
77:e3:06:ef:ba:a3:f6:4d:7d:a6:96:51:fb:24:3f:
1f:25:76:9f:a1:b5:f1:15:e6:27:f5:33:96:a9:06:
b2:2e:d6:7d:38:42:89:7e:b7:58:0a:c1:7e:88:8a:
f6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:38:FB:F4:F7:6A:84:AC:A2:97:C9:C3:CE:AB:19:1B:D7:1B:82:F5
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/TTj79PdqhKyil8nDzqsZG9cbgvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/23
185.121.133.0/24
185.121.135.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
78:4e:93:4e:92:fc:83:15:ea:7e:d6:ad:f0:96:1b:76:aa:49:
bf:0b:ce:a3:13:8a:6f:66:a0:cf:06:f5:c7:e5:6a:c5:d8:a8:
d6:93:a5:3d:0a:2a:4e:32:fa:b9:f8:4d:c7:da:0b:e1:d7:f6:
03:1d:e8:94:4c:e5:6e:6b:93:16:88:d6:59:ed:a4:69:20:af:
29:2d:23:f9:55:99:bc:39:44:ab:c5:dd:26:f5:a2:71:a2:24:
0f:0e:a3:9d:32:d0:6c:18:8b:d7:b4:fc:df:5c:d0:fe:19:1d:
f0:d6:aa:85:c9:3d:43:ee:8d:6d:38:c4:dd:e1:bf:72:27:a1:
c1:37:d7:8c:a7:76:64:e2:b0:88:d5:69:5d:7d:46:e9:63:96:
6c:03:36:8a:bf:0e:21:74:cf:53:3a:8d:54:b8:bb:58:76:05:
c1:55:3e:38:3e:c9:32:ae:46:b9:96:2a:e1:4d:f7:d4:ce:e3:
78:f9:42:10:5b:bf:40:16:bc:cb:c0:c8:83:40:51:2a:4d:93:
24:86:e8:53:b1:18:5a:50:b1:2d:0d:b6:28:74:f2:75:b9:97:
72:49:ed:b5:1a:a2:f2:84:11:2d:55:9a:6c:2b:c4:78:7e:11:
1d:e3:2c:0b:f4:58:21:bc:b8:60:32:dd:d8:ef:a1:c5:16:43:
62:77:1f:85
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZLYRQ3FaHHT9KQebHKo1n/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQxMDI5MTIzNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM4ZmJmNGY3NmE4NGFjYTI5N2M5YzNjZWFiMTkxYmQ3MWI4MmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAle7jccNQJbAEg1i5UOYO0S6bv9j2
W3SD7nKPXKiEeJnExk1HYDHwYuVj94NpEXkbdFRAUDXdLVRuvAqGYc4u5iYE8/+u
lh4gVhNZXWXWn6fiRefo8MP6te/KVLRmei+GvQsWyXcP7guh7qykH+7BROfYVTLF
eot98gdmlkHEvd1wmZKnuJ+IvE9fi4trBsFVSrwd82QuAU/KKkc8GEUGUWTAPcvd
U2xt3kHdH9Idgjk8fXbbUbnYgiTUunRWdqYhfK8yMj+bK5WIS4ksEFLxIyN34wbv
uqP2TX2mllH7JD8fJXafobXxFeYn9TOWqQayLtZ9OEKJfrdYCsF+iIr2fQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE04+/T3aoSsopfJw86rGRvXG4L1MB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvVFRqNzlQZHFoS3lpbDhuRHpxc1pHOWNiZ3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBWSQgAwQA
uXmFAwQAuXmHMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQB4TpNO
kvyDFep+1q3wlht2qkm/C86jE4pvZqDPBvXH5WrF2KjWk6U9CipOMvq5+E3H2gvh
1/YDHeiUTOVua5MWiNZZ7aRpIK8pLSP5VZm8OUSrxd0m9aJxoiQPDqOdMtBsGIvX
tPzfXND+GR3w1qqFyT1D7o1tOMTd4b9yJ6HBN9eMp3Zk4rCI1WldfUbpY5ZsAzaK
vw4hdM9TOo1UuLtYdgXBVT44Pskyrka5lirhTffUzuN4+UIQW79AFrzLwMiDQFEq
TZMkhuhTsRhaULEtDbYodPJ1uZdySe21GqLyhBEtVZpsK8R4fhEd4ywL9FghvLhg
Mt3Y76HFFkNidx+F
-----END CERTIFICATE-----
Generated at Tue Oct 29 20:19:37 2024 by rpki-client on console-ams.rpki-client.org