Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/TuBMsMWJqAEuoTxKRjPvFVJDnTo.roa
File: TuBMsMWJqAEuoTxKRjPvFVJDnTo.roa (raw, json)
Hash identifier: xNrzyxV1YM9hSSH4JHfJlXFNeJ8kw1UMwXm+iwZ6QJM=
Subject key identifier: 4E:E0:4C:B0:C5:89:A8:01:2E:A1:3C:4A:46:33:EF:15:52:43:9D:3A
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018C343165DDD4D131053A67C4C671D97820
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/TuBMsMWJqAEuoTxKRjPvFVJDnTo.roa
Signing time: Mon 04 Dec 2023 09:38:21 +0000
ROA not before: Mon 04 Dec 2023 09:38:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42689
IP address blocks: 141.226.240.0/24 maxlen: 24
141.226.244.0/24 maxlen: 24
141.226.247.0/24 maxlen: 24
213.137.80.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:31:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:31:65:dd:d4:d1:31:05:3a:67:c4:c6:71:d9:78:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Dec 4 09:38:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ee04cb0c589a8012ea13c4a4633ef1552439d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:78:1e:9e:8f:43:4f:34:5e:81:2f:40:70:bc:
9f:89:e6:6c:71:0f:d2:25:5b:29:89:36:4b:2c:e3:
ec:a6:ec:a7:92:62:10:b4:2d:c7:1f:bc:e5:6a:d5:
f2:87:e0:40:ab:b7:d7:19:73:66:14:59:11:d5:76:
a8:03:7a:94:45:57:4a:61:51:c6:30:44:b4:89:51:
59:f9:12:55:fb:bb:02:93:42:27:f1:20:4f:84:df:
d6:7e:3a:27:61:7c:fe:ae:0f:e1:8b:2e:6d:8b:65:
e8:0c:d4:2a:94:f3:8f:fa:22:dd:7f:36:c2:0e:b3:
79:a6:af:77:fe:d0:50:a3:c0:76:77:4e:c9:28:a2:
ce:88:53:8a:fa:e0:59:cc:81:a8:cf:d8:b4:e4:83:
10:1f:76:6b:a6:53:7a:b1:a8:1b:b5:88:f7:b2:b3:
9e:b7:76:3d:02:78:61:7a:d0:10:6e:e3:87:f4:f3:
a9:fa:b6:46:68:bb:a9:aa:11:b9:d2:2e:8d:69:31:
7d:13:65:05:59:3f:47:0b:4e:ce:57:23:e9:f6:e5:
4e:29:70:1c:dc:e9:56:ac:0b:57:64:06:f2:84:d1:
2e:b4:aa:a1:32:62:27:f8:2b:36:64:84:02:61:2b:
85:93:ef:b8:10:ff:85:d5:a3:fb:cd:29:0b:f4:be:
95:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:E0:4C:B0:C5:89:A8:01:2E:A1:3C:4A:46:33:EF:15:52:43:9D:3A
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/TuBMsMWJqAEuoTxKRjPvFVJDnTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.240.0/24
141.226.244.0/24
141.226.247.0/24
213.137.80.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:08:27:dc:15:b2:4a:ab:54:e3:6a:d1:f4:56:10:3e:16:70:
cb:9e:0c:ff:ec:30:bc:e7:b4:2f:10:f5:a8:50:f0:e9:18:e6:
3e:85:33:2a:3d:0e:e0:77:38:6d:20:7f:bd:6a:f1:b5:47:bd:
fc:49:8e:3e:8f:5d:bf:fe:92:eb:f3:f0:66:ff:76:5c:6a:81:
27:28:38:fd:d6:80:77:55:71:35:14:b6:85:6f:2d:d9:d5:b7:
43:0c:f4:ae:a8:c5:9d:f9:52:d2:96:75:f9:33:96:d1:eb:c4:
e1:8c:72:11:5a:17:2a:31:47:5d:28:20:6f:96:59:1c:b3:36:
0a:f2:1c:4a:cf:2d:49:8e:b8:cf:67:6f:59:0d:31:dd:1f:96:
1e:24:81:59:a9:87:08:17:0d:f1:7e:d9:c6:e9:12:c4:9b:75:
6d:5e:b9:7a:db:b5:73:5f:83:86:d8:70:ad:a8:9f:b1:49:d2:
42:20:59:2a:8b:f3:05:28:ee:cd:e0:02:ce:a2:3e:dc:4e:54:
25:76:c9:5a:07:8e:a5:20:a9:e1:fc:0b:5b:53:23:42:d5:9e:
23:76:49:c1:e3:02:a7:2b:62:55:ec:8e:3d:e6:1b:c9:d5:0c:
70:bd:ee:e3:3a:bf:53:ab:cc:86:ee:3d:a0:11:41:97:f6:38:
e4:28:06:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw0MWXd1NExBTpnxMZx2XggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjMxMjA0MDkzODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWUwNGNiMGM1ODlhODAxMmVhMTNjNGE0NjMzZWYxNTUyNDM5ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhngeno9DTzRegS9AcLyfieZscQ/S
JVspiTZLLOPspuynkmIQtC3HH7zlatXyh+BAq7fXGXNmFFkR1XaoA3qURVdKYVHG
MES0iVFZ+RJV+7sCk0In8SBPhN/WfjonYXz+rg/hiy5ti2XoDNQqlPOP+iLdfzbC
DrN5pq93/tBQo8B2d07JKKLOiFOK+uBZzIGoz9i05IMQH3ZrplN6sagbtYj3srOe
t3Y9AnhhetAQbuOH9POp+rZGaLupqhG50i6NaTF9E2UFWT9HC07OVyPp9uVOKXAc
3OlWrAtXZAbyhNEutKqhMmIn+Cs2ZIQCYSuFk++4EP+F1aP7zSkL9L6VQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE7gTLDFiagBLqE8SkYz7xVSQ506MB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvVHVCTXNNV0pxQUV1b1R4S1JqUHZGVkpEblRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjeLwAwQA
jeL0AwQAjeL3AwQB1YlQMA0GCSqGSIb3DQEBCwUAA4IBAQCiCCfcFbJKq1TjatH0
VhA+FnDLngz/7DC857QvEPWoUPDpGOY+hTMqPQ7gdzhtIH+9avG1R738SY4+j12/
/pLr8/Bm/3ZcaoEnKDj91oB3VXE1FLaFby3Z1bdDDPSuqMWd+VLSlnX5M5bR68Th
jHIRWhcqMUddKCBvllkcszYK8hxKzy1JjrjPZ29ZDTHdH5YeJIFZqYcIFw3xftnG
6RLEm3VtXrl627VzX4OG2HCtqJ+xSdJCIFkqi/MFKO7N4ALOoj7cTlQldslaB46l
IKnh/AtbUyNC1Z4jdknB4wKnK2JV7I495hvJ1Qxwve7jOr9Tq8yG7j2gEUGX9jjk
KAaP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:38 2024 by rpki-client on console-ams.rpki-client.org