Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/TrBVc5ZvoTnJf3SAlYplTMW9XZk.roa
File: TrBVc5ZvoTnJf3SAlYplTMW9XZk.roa (raw, json)
Hash identifier: jvXpiKnFZDG2lkcQrVXXcN2YDJg35IJqWp4q3aypZyY=
Subject key identifier: 4E:B0:55:73:96:6F:A1:39:C9:7F:74:80:95:8A:65:4C:C5:BD:5D:99
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 01929527E18D03F761B50192180C7A99E9DD
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/TrBVc5ZvoTnJf3SAlYplTMW9XZk.roa
Signing time: Wed 16 Oct 2024 11:47:51 +0000
ROA not before: Wed 16 Oct 2024 11:47:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 2.59.244.0/22 maxlen: 22
89.38.216.0/21 maxlen: 21
103.95.124.0/22 maxlen: 22
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
185.124.100.0/22 maxlen: 22
185.250.76.0/22 maxlen: 22
192.140.228.0/22 maxlen: 22
193.36.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 17 Oct 2024 09:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:95:27:e1:8d:03:f7:61:b5:01:92:18:0c:7a:99:e9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Oct 16 11:47:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eb05573966fa139c97f7480958a654cc5bd5d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:2d:d1:71:fa:e9:57:0e:24:11:3d:eb:fa:
44:df:b4:52:66:3a:11:6f:de:c1:83:21:bd:86:ca:
6f:8e:91:3e:58:52:9f:d2:64:a7:bb:fe:5d:36:05:
10:53:be:8c:10:15:9c:1f:c5:d1:e5:96:c2:34:6c:
cf:f4:76:a5:ce:0b:d6:1f:a1:74:ed:fc:d3:e1:2d:
6a:bf:06:58:ab:e5:48:31:d8:5c:0c:e8:7e:17:a8:
8b:0c:29:6f:89:b5:ec:7e:6d:2b:f6:6a:07:88:4e:
ff:52:d5:94:45:58:d0:5a:b4:66:85:b5:92:ed:1d:
cf:2a:6f:99:54:11:2b:cd:2c:62:77:e3:73:6b:33:
df:83:c2:69:ac:dd:36:93:39:d1:c8:60:1e:a9:4a:
1a:a4:38:cd:ab:dc:34:8b:91:dc:b9:c9:2d:a3:85:
92:9b:b5:85:b6:78:5e:98:ac:41:cf:79:4f:b1:a5:
1e:80:51:a4:31:fa:67:6a:2d:fc:91:ff:f0:fb:3b:
a4:ba:93:70:50:94:a8:c0:be:24:75:60:22:1b:d4:
64:67:92:61:b2:18:1b:3d:3f:44:c9:e6:20:32:86:
26:a3:b2:11:9e:74:37:9b:f9:42:16:2b:6d:2e:10:
33:b1:91:15:60:63:53:47:22:a3:50:fd:0c:aa:cf:
5b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B0:55:73:96:6F:A1:39:C9:7F:74:80:95:8A:65:4C:C5:BD:5D:99
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/TrBVc5ZvoTnJf3SAlYplTMW9XZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.244.0/22
89.38.216.0/21
103.95.124.0/22
103.132.4.0/22
103.204.220.0/23
185.124.100.0/22
185.250.76.0/22
192.140.228.0/22
193.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
53:2c:6b:4b:0a:e2:d5:60:a5:93:7f:cb:41:1c:66:28:a5:45:
be:14:30:10:0c:12:ee:3d:fb:5d:ab:28:56:53:cc:ea:3d:bb:
f0:9b:df:7b:07:b2:7e:08:00:c4:00:56:ad:cd:54:e8:23:5b:
c7:80:77:73:91:75:99:20:a8:3e:f6:fe:1e:4c:ec:2f:f4:cb:
dd:40:7d:79:74:fd:8d:e0:97:4a:69:bb:7d:6d:a4:63:bd:1b:
70:e7:b8:a0:53:56:31:88:c9:5b:f4:96:ec:be:47:28:b3:3c:
56:99:c6:f6:c3:4d:86:fc:c3:53:c3:36:c6:b9:70:b0:29:29:
2b:06:a4:40:f4:65:51:ca:2d:5e:f2:10:67:34:2e:3c:a2:86:
0e:39:04:73:5c:82:ba:16:d2:15:28:81:b9:b1:f7:b2:e6:78:
f5:72:61:2a:a4:64:a6:3e:35:d6:72:77:71:02:03:af:cc:f7:
f5:24:ab:2e:e2:1d:ff:2b:d2:b7:d7:62:ff:5c:11:9b:f9:e8:
7d:2a:fc:49:fd:e9:47:41:6f:cb:97:66:af:b4:3f:8c:49:5c:
88:dc:5e:c8:e8:0c:e5:6f:27:22:89:81:8f:f7:e4:dd:26:be:
f7:b5:4e:85:b2:83:b9:26:39:54:b8:df:1a:a9:56:34:6d:d9:
0a:a0:b8:dc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZKVJ+GNA/dhtQGSGAx6mendMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQxMDE2MTE0NzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIwNTU3Mzk2NmZhMTM5Yzk3Zjc0ODA5NThhNjU0Y2M1YmQ1ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY4t0XH66VcOJBE96/pE37RSZjoR
b97BgyG9hspvjpE+WFKf0mSnu/5dNgUQU76MEBWcH8XR5ZbCNGzP9HalzgvWH6F0
7fzT4S1qvwZYq+VIMdhcDOh+F6iLDClvibXsfm0r9moHiE7/UtWURVjQWrRmhbWS
7R3PKm+ZVBErzSxid+NzazPfg8JprN02kznRyGAeqUoapDjNq9w0i5Hcuckto4WS
m7WFtnhemKxBz3lPsaUegFGkMfpnai38kf/w+zukupNwUJSowL4kdWAiG9RkZ5Jh
shgbPT9EyeYgMoYmo7IRnnQ3m/lCFittLhAzsZEVYGNTRyKjUP0Mqs9bjQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE6wVXOWb6E5yX90gJWKZUzFvV2ZMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvVHJCVmM1WnZvVG5KZjNTQWxZcGxUTVc5WFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCAjv0AwQD
WSbYAwQCZ198AwQCZ4QEAwQBZ8zcAwQCuXxkAwQCufpMAwQCwIzkAwQCwSRgMA0G
CSqGSIb3DQEBCwUAA4IBAQBTLGtLCuLVYKWTf8tBHGYopUW+FDAQDBLuPftdqyhW
U8zqPbvwm997B7J+CADEAFatzVToI1vHgHdzkXWZIKg+9v4eTOwv9MvdQH15dP2N
4JdKabt9baRjvRtw57igU1YxiMlb9JbsvkcoszxWmcb2w02G/MNTwzbGuXCwKSkr
BqRA9GVRyi1e8hBnNC48ooYOOQRzXIK6FtIVKIG5sfey5nj1cmEqpGSmPjXWcndx
AgOvzPf1JKsu4h3/K9K312L/XBGb+eh9KvxJ/elHQW/Ll2avtD+MSVyI3F7I6Azl
byciiYGP9+TdJr73tU6FsoO5JjlUuN8aqVY0bdkKoLjc
-----END CERTIFICATE-----
Generated at Thu Oct 17 12:50:58 2024 by rpki-client on console-fra.rpki-client.org