Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcJ3N7oJcZosi11qRXr_QXNcIgk.roa
File: tcJ3N7oJcZosi11qRXr_QXNcIgk.roa (raw, json)
Hash identifier: pwus4bQj+bhAD+tzDjsrPSN3avE3X6rfoisnnPJW1Pg=
Subject key identifier: B5:C2:77:37:BA:09:71:9A:2C:8B:5D:6A:45:7A:FF:41:73:5C:22:09
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA2BF087D4DBE5C18F82F1BD6147E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcJ3N7oJcZosi11qRXr_QXNcIgk.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 45.128.198.0/24 maxlen: 24
136.144.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 09:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a2:bf:08:7d:4d:be:5c:18:f8:2f:1b:d6:14:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5c27737ba09719a2c8b5d6a457aff41735c2209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f8:a2:b1:23:88:bf:da:2a:7c:fa:4b:3b:93:
5b:b0:9b:94:61:ca:fc:28:8e:98:06:9c:9b:76:13:
ff:4f:6d:20:1d:ed:8a:7f:b2:da:83:00:d6:8c:e4:
4b:59:4b:8c:95:66:e2:b0:8d:40:6d:59:a8:20:be:
db:31:b9:bb:c7:7b:2c:62:c0:ba:6e:e7:25:d1:b3:
97:68:52:59:6b:d0:f5:64:5c:b8:c3:1a:aa:ec:6f:
e0:b4:4e:ca:21:fb:09:1c:40:7a:e6:73:9a:98:44:
dd:8f:c0:03:36:0a:9c:d2:62:4a:20:2c:2c:d5:8a:
d2:9d:97:88:12:dc:c5:ed:a2:f5:b7:f0:58:f5:7c:
10:d3:61:c1:21:85:33:1f:ab:63:cf:d3:86:cc:95:
76:e8:67:e7:76:ec:08:2b:57:7c:10:24:77:40:bf:
64:27:c1:31:36:22:f1:3a:7d:41:3c:7f:aa:d8:e8:
b0:c2:79:3c:90:8c:bc:d3:0d:62:f8:9d:72:5e:04:
a9:c6:6c:51:d3:e7:93:0e:84:7b:ac:78:ae:55:d9:
b2:84:07:24:32:83:d3:26:70:f7:6c:a6:51:ab:c2:
1e:e1:71:20:93:9a:a8:c6:33:1e:12:a9:0d:17:49:
5f:29:86:37:67:a3:7c:b1:75:51:15:4c:de:6c:3c:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C2:77:37:BA:09:71:9A:2C:8B:5D:6A:45:7A:FF:41:73:5C:22:09
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/tcJ3N7oJcZosi11qRXr_QXNcIgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.198.0/24
136.144.40.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5d:bd:0e:79:87:c3:58:5d:93:88:e9:99:b7:13:1a:b5:33:
da:79:42:bc:a2:d2:1a:5b:7a:24:51:84:bb:c3:5f:95:c1:e8:
6c:0e:23:98:a9:c4:85:41:e8:80:a4:3d:c0:b6:e8:c5:49:e5:
0c:88:ce:be:a9:fa:05:cb:e4:0f:72:ed:84:4d:d4:e5:e5:53:
e4:15:8f:3e:02:34:ff:83:c3:33:21:1f:8d:01:3b:9f:0a:7d:
1a:43:a9:56:a4:b0:19:78:fb:fb:13:55:03:8c:fd:62:1f:35:
ab:b8:ce:28:29:af:36:a6:66:24:df:20:c0:03:b2:cd:88:28:
45:52:c4:52:e4:eb:fc:b3:bc:31:e6:97:4c:53:bc:f9:62:94:
14:f7:d0:fc:35:ee:f8:f7:44:a9:af:dc:89:f4:5d:eb:0e:c3:
4a:52:9d:e7:2b:60:07:cb:30:6e:38:08:95:78:0f:45:69:e2:
4c:4c:18:e5:ce:eb:d5:75:81:59:b2:78:19:de:ac:a0:07:7a:
c1:31:2c:91:04:58:3b:0f:05:01:ef:47:58:53:3b:1e:1f:30:
e6:10:2a:16:8e:a1:79:f9:60:64:a4:29:b7:cb:ec:a7:7f:7f:
cb:08:31:e1:81:72:e7:e7:2d:98:5b:cd:43:c3:52:8a:df:74:
d0:04:90:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb6K/CH1NvlwY+C8b1hR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWMyNzczN2JhMDk3MTlhMmM4YjVkNmE0NTdhZmY0MTczNWMyMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoviisSOIv9oqfPpLO5NbsJuUYcr8
KI6YBpybdhP/T20gHe2Kf7LagwDWjORLWUuMlWbisI1AbVmoIL7bMbm7x3ssYsC6
bucl0bOXaFJZa9D1ZFy4wxqq7G/gtE7KIfsJHEB65nOamETdj8ADNgqc0mJKICws
1YrSnZeIEtzF7aL1t/BY9XwQ02HBIYUzH6tjz9OGzJV26GfnduwIK1d8ECR3QL9k
J8ExNiLxOn1BPH+q2Oiwwnk8kIy80w1i+J1yXgSpxmxR0+eTDoR7rHiuVdmyhAck
MoPTJnD3bKZRq8Ie4XEgk5qoxjMeEqkNF0lfKYY3Z6N8sXVRFUzebDzXVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLXCdze6CXGaLItdakV6/0FzXCIJMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvdGNKM043b0pjWm9zaTExcVJYcl9RWE5jSWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYDGAwQA
iJAoMA0GCSqGSIb3DQEBCwUAA4IBAQBLXb0OeYfDWF2TiOmZtxMatTPaeUK8otIa
W3okUYS7w1+VwehsDiOYqcSFQeiApD3AtujFSeUMiM6+qfoFy+QPcu2ETdTl5VPk
FY8+AjT/g8MzIR+NATufCn0aQ6lWpLAZePv7E1UDjP1iHzWruM4oKa82pmYk3yDA
A7LNiChFUsRS5Ov8s7wx5pdMU7z5YpQU99D8Ne7490Spr9yJ9F3rDsNKUp3nK2AH
yzBuOAiVeA9FaeJMTBjlzuvVdYFZsngZ3qygB3rBMSyRBFg7DwUB70dYUzseHzDm
ECoWjqF5+WBkpCm3y+ynf3/LCDHhgXLn5y2YW81Dw1KK33TQBJBB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:52 2024 by rpki-client on console-ams.rpki-client.org