Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/TBj-5bdV0Z-_Q3G-Nr-0IRnPFiw.roa
File: TBj-5bdV0Z-_Q3G-Nr-0IRnPFiw.roa (raw, json)
Hash identifier: Ym2Tz3UUjQtD7o96DVQPUQgdT+1gbY2oIpFYh+U/ixM=
Subject key identifier: 4C:18:FE:E5:B7:55:D1:9F:BF:43:71:BE:36:BF:B4:21:19:CF:16:2C
Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Certificate serial: 018B91F63FF6A1205AC245E97532DD57D8B4
Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/TBj-5bdV0Z-_Q3G-Nr-0IRnPFiw.roa
Signing time: Thu 02 Nov 2023 21:35:16 +0000
ROA not before: Thu 02 Nov 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42779
IP address blocks: 77.244.116.0/23 maxlen: 23
77.244.112.0/20 maxlen: 20
77.244.118.0/23 maxlen: 23
77.244.124.0/23 maxlen: 23
77.244.126.0/23 maxlen: 23
2a02:4380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:f6:3f:f6:a1:20:5a:c2:45:e9:75:32:dd:57:d8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21
Validity
Not Before: Nov 2 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c18fee5b755d19fbf4371be36bfb42119cf162c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:26:41:e3:bb:80:d2:da:34:f1:5c:29:79:02:
da:85:a3:5d:08:76:b6:f7:dd:3f:70:c6:a9:ab:44:
1d:bc:ad:01:59:2a:d3:a7:22:da:c6:dd:e3:4c:ce:
16:c0:d0:7d:fd:40:eb:7b:81:58:40:e3:af:04:52:
49:08:be:57:70:6f:40:4a:c6:8c:d2:ac:d8:a8:b3:
23:28:26:42:45:f8:4b:aa:00:92:b8:0a:d8:40:9e:
14:fe:4f:5d:87:5f:9d:96:eb:55:a3:04:07:cf:91:
c1:47:77:d4:90:11:5a:5f:e4:82:72:f2:43:82:39:
e8:5e:22:7b:94:b9:91:23:0a:8d:b4:8f:08:33:0f:
63:03:9b:a9:92:46:9d:84:9e:b5:d0:66:64:53:4e:
6e:ef:a0:35:14:1e:26:9f:be:f8:0c:12:ea:89:51:
3e:28:b2:15:a8:88:2b:b8:c0:f2:2a:e9:63:b1:04:
7b:e1:b4:35:79:19:b3:9a:0c:63:9a:92:6e:84:89:
48:9a:67:4f:22:74:69:ea:a8:be:ed:92:3a:21:04:
d0:fb:ce:7f:2a:c0:55:52:b6:d2:ec:0c:74:8c:3a:
c7:04:67:95:55:0e:cb:e2:25:f3:a0:00:b6:72:e8:
32:2f:2b:43:04:47:0d:f6:31:57:f8:7b:29:30:3e:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:18:FE:E5:B7:55:D1:9F:BF:43:71:BE:36:BF:B4:21:19:CF:16:2C
X509v3 Authority Key Identifier:
keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/TBj-5bdV0Z-_Q3G-Nr-0IRnPFiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.112.0/20
IPv6:
2a02:4380::/32
Signature Algorithm: sha256WithRSAEncryption
0d:46:90:ad:b7:dc:c4:26:72:89:fc:d9:d1:80:71:73:b5:20:
88:a2:19:79:27:1c:2f:33:55:8c:d5:6d:a2:36:4b:a2:8f:10:
2e:9d:cd:7e:fe:a7:de:7a:f3:a6:02:1f:95:79:81:58:6b:05:
50:ba:4a:ec:9c:58:8a:bb:a3:15:33:75:83:fd:39:17:5f:0a:
e4:45:1a:f9:69:fd:cb:39:95:c2:b0:17:96:42:d9:04:7c:e1:
ee:81:8a:f0:80:9d:d0:cd:db:c4:58:7b:02:43:99:e2:2e:8c:
ff:36:be:bb:e4:bd:a6:02:cb:ec:c8:16:7f:8d:e6:0f:43:f2:
7e:18:54:cd:1f:95:e7:db:52:78:7e:d1:5f:25:b6:a2:77:0b:
05:c5:9e:fa:83:84:9f:76:e0:e8:2f:53:63:6d:ac:11:86:fd:
46:8f:8d:aa:b1:09:ab:27:bc:54:ba:d4:af:b7:22:ee:c9:37:
66:3c:89:e0:5e:2c:97:96:c7:87:2a:7c:27:6d:e9:6b:1f:32:
4d:ba:86:43:7b:cc:60:c6:97:6b:51:c2:4a:48:8a:21:f7:d4:
06:6a:5c:15:58:66:91:9c:6c:e7:6f:73:74:64:f2:9a:cf:05:
e4:a0:ee:d2:3a:62:42:b5:ff:ac:4e:b6:10:4e:1e:cf:a4:60:
21:43:fb:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuR9j/2oSBawkXpdTLdV9i0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz
OGRlMjEwHhcNMjMxMTAyMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE4ZmVlNWI3NTVkMTlmYmY0MzcxYmUzNmJmYjQyMTE5Y2YxNjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCZB47uA0to08VwpeQLahaNdCHa2
990/cMapq0QdvK0BWSrTpyLaxt3jTM4WwNB9/UDre4FYQOOvBFJJCL5XcG9ASsaM
0qzYqLMjKCZCRfhLqgCSuArYQJ4U/k9dh1+dlutVowQHz5HBR3fUkBFaX+SCcvJD
gjnoXiJ7lLmRIwqNtI8IMw9jA5upkkadhJ610GZkU05u76A1FB4mn774DBLqiVE+
KLIVqIgruMDyKuljsQR74bQ1eRmzmgxjmpJuhIlImmdPInRp6qi+7ZI6IQTQ+85/
KsBVUrbS7Ax0jDrHBGeVVQ7L4iXzoAC2cugyLytDBEcN9jFX+HspMD6r9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwY/uW3VdGfv0Nxvja/tCEZzxYsMB8GA1UdIwQY
MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt
MzY5MmY3ODQxNjE5LzEvVEJqLTViZFYwWi1fUTNHLU5yLTBJUm5QRml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5
LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQETfRwMA0E
AgACMAcDBQAqAkOAMA0GCSqGSIb3DQEBCwUAA4IBAQANRpCtt9zEJnKJ/NnRgHFz
tSCIohl5JxwvM1WM1W2iNkuijxAunc1+/qfeevOmAh+VeYFYawVQukrsnFiKu6MV
M3WD/TkXXwrkRRr5af3LOZXCsBeWQtkEfOHugYrwgJ3QzdvEWHsCQ5niLoz/Nr67
5L2mAsvsyBZ/jeYPQ/J+GFTNH5Xn21J4ftFfJbaidwsFxZ76g4SfduDoL1NjbawR
hv1Gj42qsQmrJ7xUutSvtyLuyTdmPIngXiyXlseHKnwnbelrHzJNuoZDe8xgxpdr
UcJKSIoh99QGalwVWGaRnGznb3N0ZPKazwXkoO7SOmJCtf+sTrYQTh7PpGAhQ/t3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:41 2024 by rpki-client on console-ams.rpki-client.org