Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/TJKE1UGgkTH0Do_6lTZS2tW5CoM.roa
File: TJKE1UGgkTH0Do_6lTZS2tW5CoM.roa (raw, json)
Hash identifier: lrW6sF1qjH9GhA3e7r5VvHkWMflQOr80fu68pKSzGU8=
Subject key identifier: 4C:92:84:D5:41:A0:91:31:F4:0E:8F:FA:95:36:52:DA:D5:B9:0A:83
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 01856EC1F70EBDF495754691DB8C9F5F7C7A
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/TJKE1UGgkTH0Do_6lTZS2tW5CoM.roa
Signing time: Sun 01 Jan 2023 19:14:43 +0000
ROA not before: Sun 01 Jan 2023 19:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56871
IP address blocks: 185.154.216.0/22 maxlen: 24
213.184.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:31:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c1:f7:0e:bd:f4:95:75:46:91:db:8c:9f:5f:7c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: Jan 1 19:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c9284d541a09131f40e8ffa953652dad5b90a83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ed:45:a5:13:42:fc:41:79:62:d2:a6:14:d8:
43:b4:80:a9:c0:9a:5a:b5:27:3f:9a:6b:0e:5e:56:
0d:c3:47:87:49:b4:5f:39:25:18:93:45:df:71:fd:
f5:68:88:42:35:88:ac:1d:55:34:4c:20:ef:15:5e:
14:2b:2c:b6:56:ed:05:e6:07:f9:4e:a7:e8:2e:b5:
d8:40:d9:b9:29:52:ee:f6:ea:26:b3:cc:10:0e:97:
01:47:8a:b9:e4:f8:e0:26:dc:f7:94:fb:2d:5c:27:
dd:53:8d:24:11:23:48:89:27:28:46:1b:27:4e:8f:
a6:58:d9:d7:97:2b:8c:48:7e:6d:a1:80:69:41:ae:
60:5f:7c:84:99:98:b1:72:87:21:f8:29:b9:28:b8:
5b:9a:00:ac:42:ea:52:a1:6f:59:86:03:69:73:f0:
bf:d6:19:19:56:db:2d:6b:03:a4:37:0e:78:c9:03:
84:bc:57:93:7b:ed:cd:89:86:e9:b7:8d:a9:5f:9b:
d9:8b:1a:80:df:b4:6c:9c:c3:51:1d:46:58:1b:cd:
75:3f:3a:ee:2e:9c:ce:38:56:89:85:40:f6:76:83:
58:cb:f1:e1:6b:a1:16:4a:98:1c:e0:c2:36:2f:41:
30:68:e6:f1:7a:9a:f3:63:57:d6:88:c1:4d:cf:27:
f5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:84:D5:41:A0:91:31:F4:0E:8F:FA:95:36:52:DA:D5:B9:0A:83
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/TJKE1UGgkTH0Do_6lTZS2tW5CoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.216.0/22
213.184.80.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:c6:54:84:35:32:29:60:b3:87:f1:ef:c2:1b:5d:97:fe:0a:
8b:84:8f:aa:bb:5e:79:bd:e5:6c:38:dc:2b:fe:3f:6f:6b:00:
93:fd:61:e2:c3:38:24:77:b1:80:1d:82:a0:72:dd:c8:6c:7b:
81:d4:6c:c6:65:6e:c6:c2:a0:ac:ad:eb:b3:68:8b:fe:9b:f7:
ba:eb:82:a6:a8:45:20:a8:13:10:2f:94:08:c8:55:4a:2d:25:
30:22:6d:2e:0d:bf:f0:92:be:b3:35:5e:88:3d:ea:47:fc:1b:
53:ec:c8:54:d3:bb:53:44:71:fb:43:db:63:25:8c:ec:ca:c9:
3c:f7:c1:a9:b1:e7:f5:38:10:1a:2d:23:d6:8a:df:e4:dd:f8:
2e:76:96:fb:59:aa:54:b2:e3:1d:10:48:51:c4:93:17:cf:a2:
ea:63:23:f5:ee:17:a8:9f:b5:5b:f5:ce:ca:11:55:ac:08:0b:
2a:ee:a0:3f:b0:f2:e6:c9:2d:e1:31:8a:4a:d1:cf:a0:a5:ab:
cd:00:af:2c:c0:42:f8:e7:57:0f:0b:c7:c5:03:bf:ab:9b:b8:
46:28:40:09:9e:d5:72:37:6e:fc:b1:1b:10:56:5c:7f:a4:ba:
2d:10:66:e8:9b:0e:36:49:7e:5a:49:20:50:bd:8a:b2:61:52:
93:b4:30:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwfcOvfSVdUaR24yfX3x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjMwMTAxMTkxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkyODRkNTQxYTA5MTMxZjQwZThmZmE5NTM2NTJkYWQ1YjkwYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+1FpRNC/EF5YtKmFNhDtICpwJpa
tSc/mmsOXlYNw0eHSbRfOSUYk0Xfcf31aIhCNYisHVU0TCDvFV4UKyy2Vu0F5gf5
TqfoLrXYQNm5KVLu9uoms8wQDpcBR4q55PjgJtz3lPstXCfdU40kESNIiScoRhsn
To+mWNnXlyuMSH5toYBpQa5gX3yEmZixcoch+Cm5KLhbmgCsQupSoW9ZhgNpc/C/
1hkZVtstawOkNw54yQOEvFeTe+3NiYbpt42pX5vZixqA37RsnMNRHUZYG811Pzru
LpzOOFaJhUD2doNYy/Hha6EWSpgc4MI2L0EwaObxeprzY1fWiMFNzyf1swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEyShNVBoJEx9A6P+pU2UtrVuQqDMB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvVEpLRTFVR2drVEgwRG9fNmxUWlMydFc1Q29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZrYAwQC
1bhQMA0GCSqGSIb3DQEBCwUAA4IBAQBuxlSENTIpYLOH8e/CG12X/gqLhI+qu155
veVsONwr/j9vawCT/WHiwzgkd7GAHYKgct3IbHuB1GzGZW7GwqCsreuzaIv+m/e6
64KmqEUgqBMQL5QIyFVKLSUwIm0uDb/wkr6zNV6IPepH/BtT7MhU07tTRHH7Q9tj
JYzsysk898Gpsef1OBAaLSPWit/k3fgudpb7WapUsuMdEEhRxJMXz6LqYyP17heo
n7Vb9c7KEVWsCAsq7qA/sPLmyS3hMYpK0c+gpavNAK8swEL451cPC8fFA7+rm7hG
KEAJntVyN278sRsQVlx/pLotEGbomw42SX5aSSBQvYqyYVKTtDCa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:19 2024 by rpki-client on console-fra.rpki-client.org