Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/TE1fuv-3FvX6uXbjHqmyoN_EmbU.roa
File: TE1fuv-3FvX6uXbjHqmyoN_EmbU.roa (raw, json)
Hash identifier: sZJ/qWqpG07y2shurBUBHqsyDbgQmLt6OJ5kXCXcBXA=
Subject key identifier: 4C:4D:5F:BA:FF:B7:16:F5:FA:B9:76:E3:1E:A9:B2:A0:DF:C4:99:B5
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0187CD6995EE8E5612073FC12A1C69033F8A
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/TE1fuv-3FvX6uXbjHqmyoN_EmbU.roa
Signing time: Sat 29 Apr 2023 14:27:41 +0000
ROA not before: Sat 29 Apr 2023 14:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209640
IP address blocks: 149.3.190.0/24 maxlen: 24
149.3.189.0/24 maxlen: 24
149.3.191.0/24 maxlen: 24
79.140.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:cd:69:95:ee:8e:56:12:07:3f:c1:2a:1c:69:03:3f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Apr 29 14:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c4d5fbaffb716f5fab976e31ea9b2a0dfc499b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0b:40:34:1d:94:d4:ce:40:21:1b:2d:90:d4:
dc:a5:16:fc:4e:ae:9d:64:da:84:63:39:04:b9:81:
f6:00:12:75:74:36:61:db:5c:f0:06:d3:73:93:c0:
c3:96:dd:56:ba:cd:7e:77:37:87:19:51:91:09:e9:
25:c0:1e:45:0b:2a:66:7c:9b:b8:a3:5b:2d:9b:f4:
ee:e2:0b:0f:e2:a7:78:ee:44:70:86:8d:f1:05:f9:
06:d6:f6:e2:84:a3:ca:cb:53:9b:78:e1:24:6c:ab:
1e:4f:73:73:4a:27:85:ed:b6:53:fc:3e:6b:b0:b1:
43:b9:ef:0a:df:2e:68:99:e8:7e:cd:f2:0a:b8:77:
0b:0b:2b:c7:18:37:ae:48:43:6e:c6:dc:66:db:51:
81:d3:3f:df:ee:bb:07:1e:40:cc:4b:1d:cd:c2:c5:
02:fe:4f:09:75:ad:fe:94:1a:71:ba:c8:8f:f1:3d:
c1:93:7b:5f:b4:75:22:04:78:bd:ff:f1:1e:bc:6f:
50:0e:88:0a:94:29:9d:81:e4:a5:d9:fd:25:b7:23:
5b:6b:c9:82:ae:b2:fe:a7:de:be:8d:53:eb:55:1c:
96:50:48:5c:cb:7c:b0:8c:b6:c0:e0:0e:21:15:fc:
00:c3:6b:a0:1a:ce:6d:a1:e9:cf:48:2f:10:ab:73:
a6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:4D:5F:BA:FF:B7:16:F5:FA:B9:76:E3:1E:A9:B2:A0:DF:C4:99:B5
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/TE1fuv-3FvX6uXbjHqmyoN_EmbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.140.173.0/24
149.3.189.0-149.3.191.255
Signature Algorithm: sha256WithRSAEncryption
b3:5f:6e:1a:fb:2d:19:56:2f:29:0e:04:56:5b:49:a8:17:a3:
49:fc:b8:a2:97:40:10:b8:e2:96:22:dc:af:07:6d:a3:36:12:
8c:ce:bd:55:b4:34:77:2b:5a:9e:11:93:44:7d:23:d3:53:7c:
13:0f:36:0d:3f:e0:8f:94:a8:70:89:4b:3d:0d:69:9f:94:11:
d2:8c:fe:c5:3b:df:22:da:06:c1:2f:52:8e:b9:c9:2f:35:0d:
0b:23:86:82:46:28:80:bf:96:34:3b:18:29:0f:55:53:b0:3a:
19:ba:ba:c0:cf:a3:a0:1f:31:3f:a9:94:f6:31:2b:54:11:bc:
a6:72:b2:9d:d2:06:5c:2d:49:9f:a8:49:b3:03:7e:d3:92:c1:
2a:cb:a6:5f:76:e0:c4:11:48:5d:a0:fb:84:7e:34:f8:df:91:
ff:6a:00:64:ff:a2:91:ec:99:44:6c:20:6c:fc:0b:cc:05:3d:
20:12:65:1e:ce:6d:10:be:89:d9:c4:88:6e:c7:c4:4b:0e:fe:
6e:2d:a2:73:32:0d:fd:33:0a:46:b9:90:4c:c9:ab:8f:73:2b:
31:0b:2e:4f:d4:14:5b:47:bc:3d:c4:9d:52:b9:75:2c:fc:4f:
2f:da:ab:0f:68:37:d4:41:73:45:cc:36:01:a1:fe:0e:7c:be:
74:54:de:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYfNaZXujlYSBz/BKhxpAz+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwNDI5MTQyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzRkNWZiYWZmYjcxNmY1ZmFiOTc2ZTMxZWE5YjJhMGRmYzQ5OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwtANB2U1M5AIRstkNTcpRb8Tq6d
ZNqEYzkEuYH2ABJ1dDZh21zwBtNzk8DDlt1Wus1+dzeHGVGRCeklwB5FCypmfJu4
o1stm/Tu4gsP4qd47kRwho3xBfkG1vbihKPKy1ObeOEkbKseT3NzSieF7bZT/D5r
sLFDue8K3y5omeh+zfIKuHcLCyvHGDeuSENuxtxm21GB0z/f7rsHHkDMSx3NwsUC
/k8Jda3+lBpxusiP8T3Bk3tftHUiBHi9//EevG9QDogKlCmdgeSl2f0ltyNba8mC
rrL+p96+jVPrVRyWUEhcy3ywjLbA4A4hFfwAw2ugGs5toenPSC8Qq3OmOQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFExNX7r/txb1+rl24x6psqDfxJm1MB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvVEUxZnV2LTNGdlg2dVhiakhxbXlvTl9FbWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAT4ytMAwD
BACVA70DBAaVA4AwDQYJKoZIhvcNAQELBQADggEBALNfbhr7LRlWLykOBFZbSagX
o0n8uKKXQBC44pYi3K8HbaM2EozOvVW0NHcrWp4Rk0R9I9NTfBMPNg0/4I+UqHCJ
Sz0NaZ+UEdKM/sU73yLaBsEvUo65yS81DQsjhoJGKIC/ljQ7GCkPVVOwOhm6usDP
o6AfMT+plPYxK1QRvKZysp3SBlwtSZ+oSbMDftOSwSrLpl924MQRSF2g+4R+NPjf
kf9qAGT/opHsmURsIGz8C8wFPSASZR7ObRC+idnEiG7HxEsO/m4tonMyDf0zCka5
kEzJq49zKzELLk/UFFtHvD3EnVK5dSz8Ty/aqw9oN9RBc0XMNgGh/g58vnRU3v0=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:08 2024 by rpki-client on console-ams.rpki-client.org