Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/TfAPZdF1lBJMU-4_yZcc-xsDE50.roa
File: TfAPZdF1lBJMU-4_yZcc-xsDE50.roa (raw, json)
Hash identifier: eyFxECZ7j0MNdKZWxWyEuV+wiH0XvvkN+O0JorqFL7g=
Subject key identifier: 4D:F0:0F:65:D1:75:94:12:4C:53:EE:3F:C9:97:1C:FB:1B:03:13:9D
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01885D2D88260D388B342133D086C391693C
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/TfAPZdF1lBJMU-4_yZcc-xsDE50.roa
Signing time: Sat 27 May 2023 12:27:24 +0000
ROA not before: Sat 27 May 2023 12:27:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 95.140.148.0/24 maxlen: 24
185.69.220.0/22 maxlen: 24
80.90.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Jun 2023 22:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:5d:2d:88:26:0d:38:8b:34:21:33:d0:86:c3:91:69:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: May 27 12:27:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4df00f65d17594124c53ee3fc9971cfb1b03139d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3c:19:80:4e:48:fa:e5:c6:23:8a:26:8f:f6:
32:91:2a:99:04:ff:31:75:2e:8c:73:e6:db:c1:36:
7d:92:d3:37:9c:fe:25:ac:ee:9c:31:fd:f4:13:f9:
30:e8:33:93:c0:41:7c:1b:aa:a4:92:0e:ec:cf:a5:
5b:db:0e:86:66:7d:4a:ff:2e:55:6a:5e:51:24:82:
ed:2b:37:1e:6f:6c:75:f6:cf:f1:cb:5e:ad:03:e2:
ab:a8:c0:6e:0a:23:96:89:1d:f5:7a:49:dd:38:0c:
6b:46:a1:1b:a2:42:6a:05:fb:0b:86:4c:9e:46:b8:
39:dc:d0:e6:fd:23:7f:b6:58:ed:d4:84:a0:38:0a:
ba:04:d0:8d:67:2f:b3:29:92:18:7b:8d:e5:e3:96:
a6:38:1a:0c:70:0e:10:a9:ec:a0:75:5e:0e:42:19:
c6:bc:12:15:25:60:03:da:7c:ab:3b:5d:2d:0e:58:
27:07:42:11:6d:c0:00:3e:bd:69:9c:51:aa:d8:8d:
ac:c5:df:19:41:b3:53:8a:ce:2e:57:23:78:2d:c4:
dc:0a:c9:8a:d9:7c:75:22:84:a4:df:a5:ce:5b:ef:
b6:60:17:98:44:02:b7:83:cc:7f:80:10:ef:d5:bc:
d7:cb:3c:a0:c0:4d:19:2e:31:ad:90:92:9f:c0:32:
9c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F0:0F:65:D1:75:94:12:4C:53:EE:3F:C9:97:1C:FB:1B:03:13:9D
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/TfAPZdF1lBJMU-4_yZcc-xsDE50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.178.0/24
95.140.148.0/24
185.69.220.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:af:86:f6:ae:fd:7a:6e:b4:d0:cc:f3:0f:b9:33:9c:69:ad:
4a:95:23:d1:fe:87:1f:85:9e:d7:1b:99:38:22:ad:52:8c:b2:
bf:81:b5:c2:34:82:6e:98:e8:56:e5:6c:3c:94:c2:74:a2:1f:
9a:37:4e:54:4c:d1:54:d8:96:80:c0:d3:b1:73:7c:51:a3:fb:
37:3e:2b:da:ff:9e:fc:3b:9c:58:b4:80:2b:2e:31:92:72:fd:
cd:fa:dc:95:85:89:06:96:b5:d7:31:08:31:c5:2a:95:0a:49:
94:6c:31:80:2a:e2:ea:26:40:6a:be:eb:df:75:66:05:3a:63:
87:87:6b:13:89:6c:e6:db:32:b1:db:13:d9:8e:56:f1:be:b0:
68:ad:47:1d:66:15:61:82:cb:92:7b:f6:b0:59:5f:b6:cd:83:
a9:04:d7:66:ac:85:21:8c:56:0b:51:eb:1f:63:ad:87:df:3c:
14:50:97:71:50:99:d2:bb:1c:85:66:76:96:1b:4d:4f:4b:3c:
c9:47:ec:eb:54:17:c6:88:68:4d:9b:a0:3d:36:4c:05:db:99:
63:d6:34:50:a1:af:ab:e0:ef:1b:21:0a:3c:68:eb:33:d1:d6:
4a:91:32:45:c4:c5:50:31:2f:e2:d1:1e:6f:06:4a:f3:3e:7e:
de:26:a6:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYhdLYgmDTiLNCEz0IbDkWk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwNTI3MTIyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYwMGY2NWQxNzU5NDEyNGM1M2VlM2ZjOTk3MWNmYjFiMDMxMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDwZgE5I+uXGI4omj/YykSqZBP8x
dS6Mc+bbwTZ9ktM3nP4lrO6cMf30E/kw6DOTwEF8G6qkkg7sz6Vb2w6GZn1K/y5V
al5RJILtKzceb2x19s/xy16tA+KrqMBuCiOWiR31ekndOAxrRqEbokJqBfsLhkye
Rrg53NDm/SN/tljt1ISgOAq6BNCNZy+zKZIYe43l45amOBoMcA4QqeygdV4OQhnG
vBIVJWAD2nyrO10tDlgnB0IRbcAAPr1pnFGq2I2sxd8ZQbNTis4uVyN4LcTcCsmK
2Xx1IoSk36XOW++2YBeYRAK3g8x/gBDv1bzXyzygwE0ZLjGtkJKfwDKccQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE3wD2XRdZQSTFPuP8mXHPsbAxOdMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvVGZBUFpkRjFsQkpNVS00X3laY2MteHNERTUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUFqyAwQA
X4yUAwQCuUXcMA0GCSqGSIb3DQEBCwUAA4IBAQC3r4b2rv16brTQzPMPuTOcaa1K
lSPR/ocfhZ7XG5k4Iq1SjLK/gbXCNIJumOhW5Ww8lMJ0oh+aN05UTNFU2JaAwNOx
c3xRo/s3Piva/578O5xYtIArLjGScv3N+tyVhYkGlrXXMQgxxSqVCkmUbDGAKuLq
JkBqvuvfdWYFOmOHh2sTiWzm2zKx2xPZjlbxvrBorUcdZhVhgsuSe/awWV+2zYOp
BNdmrIUhjFYLUesfY62H3zwUUJdxUJnSuxyFZnaWG01PSzzJR+zrVBfGiGhNm6A9
NkwF25lj1jRQoa+r4O8bIQo8aOsz0dZKkTJFxMVQMS/i0R5vBkrzPn7eJqaE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org