Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/tnjZnflQUoPsjQunCyp1nqwJlzo.roa
File: tnjZnflQUoPsjQunCyp1nqwJlzo.roa (raw, json)
Hash identifier: RnExaP5LBng1kdOmJftRee5brSy384IGevS3kttnY+Q=
Subject key identifier: B6:78:D9:9D:F9:50:52:83:EC:8D:0B:A7:0B:2A:75:9E:AC:09:97:3A
Certificate issuer: /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial: 018C8C57DF6EA3744180A864254A60A295BA
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/tnjZnflQUoPsjQunCyp1nqwJlzo.roa
Signing time: Thu 21 Dec 2023 12:26:58 +0000
ROA not before: Thu 21 Dec 2023 12:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 37.230.138.0/24 maxlen: 24
81.16.176.0/24 maxlen: 24
81.16.177.0/24 maxlen: 24
91.208.92.0/24 maxlen: 24
194.213.3.0/24 maxlen: 24
213.170.135.0/24 maxlen: 24
188.64.33.0/24 maxlen: 24
45.143.196.0/22 maxlen: 24
2a10:e780::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:57:df:6e:a3:74:41:80:a8:64:25:4a:60:a2:95:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
Validity
Not Before: Dec 21 12:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b678d99df9505283ec8d0ba70b2a759eac09973a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e1:dc:e2:31:31:29:99:34:e9:60:54:6d:84:
c2:3b:7a:0a:6b:d2:a4:18:0e:75:cb:1a:1b:df:04:
f9:55:91:05:7f:d7:07:2d:1b:41:10:5d:ac:c4:96:
99:e5:74:4f:51:9c:83:c9:38:6c:db:6f:74:9c:d5:
34:6a:ee:0c:64:98:f2:37:d8:9d:01:70:79:51:77:
c1:01:6e:6d:83:10:a0:5d:3a:c3:ad:24:e8:3a:10:
c7:03:ea:ba:f9:1a:df:0e:7e:72:94:c3:97:79:68:
a3:9e:c2:c3:37:51:87:04:88:e8:4e:2c:98:ae:39:
0f:f4:ed:0b:62:6b:26:5e:11:f5:1a:e4:fa:ec:38:
a1:3e:4b:c6:2d:d1:27:4c:23:d1:f8:e1:96:62:24:
1a:27:5a:5d:12:b3:09:ab:cd:04:1d:53:a8:39:63:
52:b0:b7:a3:a7:15:e8:26:61:e6:70:c2:2c:04:e1:
b0:2c:98:eb:98:52:84:9e:44:77:01:68:9e:27:21:
1b:ab:a4:8c:05:0e:10:69:76:67:b8:38:4a:c4:d9:
b2:71:92:62:e3:3b:41:34:36:59:9a:a2:28:00:a6:
47:99:be:92:f0:3a:35:b6:6d:ec:93:57:a5:60:9c:
3f:dc:36:49:24:de:16:0a:6b:97:d5:d9:2a:e7:81:
f0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:78:D9:9D:F9:50:52:83:EC:8D:0B:A7:0B:2A:75:9E:AC:09:97:3A
X509v3 Authority Key Identifier:
keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/tnjZnflQUoPsjQunCyp1nqwJlzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.138.0/24
45.143.196.0/22
81.16.176.0/23
91.208.92.0/24
188.64.33.0/24
194.213.3.0/24
213.170.135.0/24
IPv6:
2a10:e780::/40
Signature Algorithm: sha256WithRSAEncryption
2d:bd:d3:9e:42:fb:27:d3:1a:d8:05:6e:f4:bb:c5:a7:79:0a:
3a:d8:f3:56:80:9f:3c:0f:f1:91:f2:b7:9d:42:44:64:9e:fd:
f3:9a:c6:0b:21:53:1c:e6:b2:fb:d4:84:4f:26:54:30:4c:cf:
c0:29:4b:2a:47:b1:67:e8:6f:03:c9:70:ca:6c:0e:74:2f:ba:
a3:cb:ef:d5:8f:2d:5a:bc:9e:91:12:1c:88:f7:5c:c7:bc:be:
5c:46:e7:a8:a8:17:ab:a1:5c:d5:7c:e4:f8:53:a6:28:2d:2a:
fa:05:b6:34:b2:82:4c:73:ce:6a:4f:46:36:b4:ba:99:af:11:
79:c6:c1:1e:cb:cc:62:86:60:62:ff:df:fb:62:03:6b:c0:67:
8b:76:ab:39:b8:2a:db:c6:81:05:47:e0:c3:c9:f3:7c:8e:1a:
ab:8e:04:94:24:7e:d7:e8:2d:89:14:2b:24:52:85:e7:fb:f1:
59:1c:e9:1d:6d:15:eb:30:3e:a3:f3:65:e2:a7:74:d6:aa:a5:
01:43:7f:7f:b9:1b:a6:24:80:af:94:a8:b1:64:88:9f:5b:ea:
22:76:0f:8f:07:b4:ff:ef:87:9f:6c:8b:5c:b9:e1:ab:05:48:
c4:da:44:d5:f5:aa:0b:c1:43:0e:c4:40:1c:99:60:c9:de:44:
47:6d:15:3c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYyMV99uo3RBgKhkJUpgopW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMxMjIxMTIyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc4ZDk5ZGY5NTA1MjgzZWM4ZDBiYTcwYjJhNzU5ZWFjMDk5NzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOHc4jExKZk06WBUbYTCO3oKa9Kk
GA51yxob3wT5VZEFf9cHLRtBEF2sxJaZ5XRPUZyDyThs2290nNU0au4MZJjyN9id
AXB5UXfBAW5tgxCgXTrDrSToOhDHA+q6+RrfDn5ylMOXeWijnsLDN1GHBIjoTiyY
rjkP9O0LYmsmXhH1GuT67DihPkvGLdEnTCPR+OGWYiQaJ1pdErMJq80EHVOoOWNS
sLejpxXoJmHmcMIsBOGwLJjrmFKEnkR3AWieJyEbq6SMBQ4QaXZnuDhKxNmycZJi
4ztBNDZZmqIoAKZHmb6S8Do1tm3sk1elYJw/3DZJJN4WCmuX1dkq54Hw+QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFLZ42Z35UFKD7I0LpwsqdZ6sCZc6MB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEvdG5qWm5mbFFVb1BzalF1bkN5cDFucXdKbHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAwBAIAATAqAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAvEAhAwQAwtUDAwQA1aqHMA4EAgACMAgDBgAqEOeA
ADANBgkqhkiG9w0BAQsFAAOCAQEALb3TnkL7J9Ma2AVu9LvFp3kKOtjzVoCfPA/x
kfK3nUJEZJ7985rGCyFTHOay+9SETyZUMEzPwClLKkexZ+hvA8lwymwOdC+6o8vv
1Y8tWryekRIciPdcx7y+XEbnqKgXq6Fc1Xzk+FOmKC0q+gW2NLKCTHPOak9GNrS6
ma8RecbBHsvMYoZgYv/f+2IDa8Bni3arObgq28aBBUfgw8nzfI4aq44ElCR+1+gt
iRQrJFKF5/vxWRzpHW0V6zA+o/Nl4qd01qqlAUN/f7kbpiSAr5SosWSIn1vqInYP
jwe0/++Hn2yLXLnhqwVIxNpE1fWqC8FDDsRAHJlgyd5ER20VPA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:04 2024 by rpki-client on console-ams.rpki-client.org