Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TJlsK-hpURFOHyQad20OXsmwQAo.roa
File: TJlsK-hpURFOHyQad20OXsmwQAo.roa (raw, json)
Hash identifier: a6wANBFTTCxFkSC8q4VWN1eYH7jwbVw1MgMLkY7wm78=
Subject key identifier: 4C:99:6C:2B:E8:69:51:11:4E:1F:24:1A:77:6D:0E:5E:C9:B0:40:0A
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 0185718303BCF9C9DDC4B67FA420F9B0419D
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TJlsK-hpURFOHyQad20OXsmwQAo.roa
Signing time: Mon 02 Jan 2023 08:04:49 +0000
ROA not before: Mon 02 Jan 2023 08:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30781
IP address blocks: 91.209.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:03:bc:f9:c9:dd:c4:b6:7f:a4:20:f9:b0:41:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 2 08:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c996c2be86951114e1f241a776d0e5ec9b0400a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:78:4a:be:3f:ea:02:55:14:bd:2b:8c:67:b4:
62:da:5b:43:83:ee:ed:03:b3:13:07:90:76:0d:f2:
6a:84:12:bd:e9:f3:43:e9:6c:5c:88:ca:92:57:de:
b0:44:b8:a7:93:5c:b6:2e:0c:88:9c:79:31:f3:d7:
e8:0c:63:b6:87:d0:33:08:10:0d:e7:60:51:45:c2:
c9:b7:2d:c6:eb:ab:d5:cb:2c:51:24:1d:f7:46:e6:
ae:a4:bd:dc:fd:2d:08:b9:65:2e:20:c0:c0:49:a3:
93:d0:44:ce:34:ad:2d:3f:6f:b0:ab:af:c7:a7:07:
8a:1a:a1:29:d7:b8:da:3a:01:f5:59:75:1c:c6:88:
e2:a4:0b:9b:e4:24:a5:f8:f4:e1:a6:6c:0f:c4:dc:
23:df:79:17:e3:1c:a7:a4:b0:f9:b1:39:7b:1c:46:
e3:4a:bb:f2:44:7a:98:1a:5a:af:56:d1:f2:49:24:
ce:90:1d:59:a1:a0:de:d0:3d:0d:2d:e0:7c:d0:c3:
91:d9:81:bc:19:9f:bb:2c:de:0d:48:77:c8:24:09:
a8:0b:4b:4b:16:3f:4b:64:62:05:a7:ec:ee:fa:68:
e2:1d:f5:56:a4:a1:51:d7:e8:ca:2f:d7:2e:a0:46:
d1:f7:f9:6d:be:ae:d9:c1:a3:fd:5c:8d:2e:ab:1d:
d5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:99:6C:2B:E8:69:51:11:4E:1F:24:1A:77:6D:0E:5E:C9:B0:40:0A
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TJlsK-hpURFOHyQad20OXsmwQAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.107.0/24
Signature Algorithm: sha256WithRSAEncryption
af:68:62:5a:15:3c:27:8b:e9:2e:50:7f:35:77:72:f1:bd:43:
d0:73:f6:62:0a:c5:ff:5e:5e:85:dc:6a:bf:c6:82:81:b0:12:
e1:b4:70:22:55:dc:5d:1b:33:e7:4c:05:8e:13:30:c5:61:e3:
87:e5:13:9f:d1:fb:dc:aa:f1:18:86:39:ec:c3:0b:24:f4:59:
64:da:d7:b5:96:dd:38:6b:4b:b8:cc:e4:46:76:67:b4:52:54:
4f:a7:6e:e2:05:a1:05:85:a6:01:58:23:d1:ab:3d:e2:c0:53:
d5:ca:70:9a:41:65:d2:11:db:6c:57:28:ac:b1:d9:f7:c9:e1:
cc:12:b8:bd:64:60:07:95:82:c5:41:14:55:80:97:75:36:2c:
57:bf:0a:80:7e:fc:ce:fc:25:d9:1c:0c:13:95:ec:06:ae:47:
60:81:32:8e:30:75:c6:8c:6d:ec:e8:c6:e5:6b:4f:08:35:d3:
96:26:7e:eb:91:58:85:d1:66:2b:1d:e0:5c:7f:e9:4f:50:d2:
3c:6b:72:f0:57:6b:39:9d:ba:11:50:c3:e9:b4:72:d2:f0:93:
da:53:91:f2:3f:a3:63:56:a9:fa:3c:78:1d:f6:78:38:49:b6:
9e:a2:68:fe:51:97:8a:b0:5e:6d:ea:3a:53:86:7a:f5:c3:5a:
db:44:56:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgwO8+cndxLZ/pCD5sEGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwMTAyMDgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk5NmMyYmU4Njk1MTExNGUxZjI0MWE3NzZkMGU1ZWM5YjA0MDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknhKvj/qAlUUvSuMZ7Ri2ltDg+7t
A7MTB5B2DfJqhBK96fND6WxciMqSV96wRLink1y2LgyInHkx89foDGO2h9AzCBAN
52BRRcLJty3G66vVyyxRJB33RuaupL3c/S0IuWUuIMDASaOT0ETONK0tP2+wq6/H
pweKGqEp17jaOgH1WXUcxojipAub5CSl+PThpmwPxNwj33kX4xynpLD5sTl7HEbj
SrvyRHqYGlqvVtHySSTOkB1ZoaDe0D0NLeB80MOR2YG8GZ+7LN4NSHfIJAmoC0tL
Fj9LZGIFp+zu+mjiHfVWpKFR1+jKL9cuoEbR9/ltvq7ZwaP9XI0uqx3VWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyZbCvoaVERTh8kGndtDl7JsEAKMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvVEpsc0staHBVUkZPSHlRYWQyME9Yc213UUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FrMA0G
CSqGSIb3DQEBCwUAA4IBAQCvaGJaFTwni+kuUH81d3LxvUPQc/ZiCsX/Xl6F3Gq/
xoKBsBLhtHAiVdxdGzPnTAWOEzDFYeOH5ROf0fvcqvEYhjnswwsk9Flk2te1lt04
a0u4zORGdme0UlRPp27iBaEFhaYBWCPRqz3iwFPVynCaQWXSEdtsVyissdn3yeHM
Eri9ZGAHlYLFQRRVgJd1NixXvwqAfvzO/CXZHAwTlewGrkdggTKOMHXGjG3s6Mbl
a08INdOWJn7rkViF0WYrHeBcf+lPUNI8a3LwV2s5nboRUMPptHLS8JPaU5HyP6Nj
Vqn6PHgd9ng4Sbaeomj+UZeKsF5t6jpThnr1w1rbRFaS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org