Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TGH7bOM2PdLoEx4ucashAg86Lok.roa
File: TGH7bOM2PdLoEx4ucashAg86Lok.roa (raw, json)
Hash identifier: q3Esi4LzUL/IxOPtU89LzeCW8pkl57M9n4kJDblQZU8=
Subject key identifier: 4C:61:FB:6C:E3:36:3D:D2:E8:13:1E:2E:71:AB:21:02:0F:3A:2E:89
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0191926D9CB0EA71BDC03C4DCB4CB1D4604D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TGH7bOM2PdLoEx4ucashAg86Lok.roa
Signing time: Tue 27 Aug 2024 06:02:22 +0000
ROA not before: Tue 27 Aug 2024 06:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 45.130.141.0/24 maxlen: 24
2a0f:2740::/29 maxlen: 48
2a0f:e383::/32 maxlen: 48
2a0f:e384::/32 maxlen: 48
2a0f:e385::/32 maxlen: 48
2a0f:e387::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 Aug 2024 07:58:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:92:6d:9c:b0:ea:71:bd:c0:3c:4d:cb:4c:b1:d4:60:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 27 06:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c61fb6ce3363dd2e8131e2e71ab21020f3a2e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1e:f0:2b:7e:3d:da:b6:b7:94:6e:67:f8:b6:
44:50:a7:af:e9:13:ac:ea:c6:4b:35:1f:58:8a:3a:
50:5e:fe:d8:b5:a1:50:6d:ec:e1:0a:e2:9e:9e:d4:
e4:f5:af:1a:a7:66:63:82:95:77:4b:ef:92:10:6c:
a2:97:ba:64:4a:f0:38:a9:d7:ff:b2:33:4c:5b:dc:
f6:62:4f:b2:7b:53:e2:34:13:36:e8:cf:04:1c:29:
e7:a9:35:64:5c:46:f7:a2:31:33:26:32:b4:4f:45:
a1:50:d2:47:fb:bb:58:78:46:5e:a9:2d:a6:66:c1:
ce:df:42:e0:f2:4f:4e:f6:b9:b4:4f:df:8d:e9:d4:
02:c3:85:d9:95:a8:8f:c8:00:e7:24:83:19:6f:15:
74:f7:eb:ea:15:d0:44:8c:02:cb:93:e0:c9:ab:d0:
43:ee:55:ba:07:88:a9:c0:a4:b4:b3:25:39:6e:56:
03:93:ce:76:c0:c5:04:47:34:03:f9:ae:05:88:6e:
95:14:7c:23:9e:65:1f:fe:80:e7:a2:6f:4d:f6:23:
e6:f6:16:2d:9a:07:4c:27:fb:ff:e9:ed:3f:65:49:
07:37:53:02:05:10:4b:f9:11:3e:b1:9b:de:e6:bc:
75:68:c4:ac:97:bf:31:df:f3:e4:cd:d3:c9:d9:f5:
47:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:61:FB:6C:E3:36:3D:D2:E8:13:1E:2E:71:AB:21:02:0F:3A:2E:89
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TGH7bOM2PdLoEx4ucashAg86Lok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.141.0/24
IPv6:
2a0f:2740::/29
2a0f:e383::-2a0f:e385:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:e387::/32
Signature Algorithm: sha256WithRSAEncryption
5c:f2:21:68:19:b6:8b:d4:f8:93:0d:17:e0:7f:31:18:f8:53:
67:9f:1f:be:56:e1:ff:6b:e0:7c:89:46:50:bd:3d:37:a3:94:
18:c6:32:e3:71:19:52:40:b6:b2:f2:40:e5:bc:8c:9a:b8:38:
ea:17:52:27:4a:24:61:c9:60:08:67:f0:41:ac:4d:42:7c:d5:
cf:49:f6:26:33:23:55:57:1a:27:d1:b5:40:ad:fc:7a:56:1b:
37:1a:03:fb:8a:3a:39:b8:e7:02:5a:a7:1f:4d:f3:23:11:48:
6e:f0:f5:66:c9:1d:00:70:c7:d5:a3:ce:b8:83:67:df:8f:42:
53:82:81:c9:99:9c:c4:dc:5e:8b:d9:f2:6b:5c:e2:aa:6f:a6:
38:d9:af:81:b0:73:6a:f2:85:f9:76:4f:df:2a:6b:1e:a3:67:
c8:65:7f:e9:dd:27:21:9e:df:a4:10:8a:c5:7f:33:ea:6d:aa:
ff:63:30:73:05:bd:5d:ba:e7:b3:ff:2f:cf:29:8b:af:c6:e2:
df:76:5e:7f:5e:b5:46:a5:15:37:ca:2a:82:1b:09:dd:a9:21:
ef:cc:34:85:38:3d:8a:95:ed:b8:f7:4b:12:c1:d6:7c:59:58:
50:34:61:f7:eb:64:65:78:5c:83:1a:e2:10:ba:c3:f0:39:bd:
2e:db:b5:17
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZGSbZyw6nG9wDxNy0yx1GBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwODI3MDYwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzYxZmI2Y2UzMzYzZGQyZTgxMzFlMmU3MWFiMjEwMjBmM2EyZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx7wK3492ra3lG5n+LZEUKev6ROs
6sZLNR9YijpQXv7YtaFQbezhCuKentTk9a8ap2ZjgpV3S++SEGyil7pkSvA4qdf/
sjNMW9z2Yk+ye1PiNBM26M8EHCnnqTVkXEb3ojEzJjK0T0WhUNJH+7tYeEZeqS2m
ZsHO30Lg8k9O9rm0T9+N6dQCw4XZlaiPyADnJIMZbxV09+vqFdBEjALLk+DJq9BD
7lW6B4ipwKS0syU5blYDk852wMUERzQD+a4FiG6VFHwjnmUf/oDnom9N9iPm9hYt
mgdMJ/v/6e0/ZUkHN1MCBRBL+RE+sZve5rx1aMSsl78x3/PkzdPJ2fVH3wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFExh+2zjNj3S6BMeLnGrIQIPOi6JMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVEdIN2JPTTJQZExvRXg0dWNhc2hBZzg2TG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQALYKNMCQE
AgACMB4DBQMqDydAMA4DBQAqD+ODAwUBKg/jhAMFACoP44cwDQYJKoZIhvcNAQEL
BQADggEBAFzyIWgZtovU+JMNF+B/MRj4U2efH75W4f9r4HyJRlC9PTejlBjGMuNx
GVJAtrLyQOW8jJq4OOoXUidKJGHJYAhn8EGsTUJ81c9J9iYzI1VXGifRtUCt/HpW
GzcaA/uKOjm45wJapx9N8yMRSG7w9WbJHQBwx9WjzriDZ9+PQlOCgcmZnMTcXovZ
8mtc4qpvpjjZr4Gwc2ryhfl2T98qax6jZ8hlf+ndJyGe36QQisV/M+ptqv9jMHMF
vV2657P/L88pi6/G4t92Xn9etUalFTfKKoIbCd2pIe/MNIU4PYqV7bj3SxLB1nxZ
WFA0YffrZGV4XIMa4hC6w/A5vS7btRc=
-----END CERTIFICATE-----
Generated at Tue Aug 27 09:43:39 2024 by rpki-client on console-fra.rpki-client.org