Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/TLD6luLEwYxjj9hsjE1obLVo99g.roa
File: TLD6luLEwYxjj9hsjE1obLVo99g.roa (raw, json)
Hash identifier: /nQ0MNOKBuxuzn6c0i2FCtc/8grkDv5hGH7jfXiTKm8=
Subject key identifier: 4C:B0:FA:96:E2:C4:C1:8C:63:8F:D8:6C:8C:4D:68:6C:B5:68:F7:D8
Certificate issuer: /CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Certificate serial: 0185727122002BEF4DD17496A79FA1281D08
Authority key identifier: 68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/TLD6luLEwYxjj9hsjE1obLVo99g.roa
Signing time: Mon 02 Jan 2023 12:24:54 +0000
ROA not before: Mon 02 Jan 2023 12:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21108
IP address blocks: 193.221.84.0/24 maxlen: 24
193.221.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:22:00:2b:ef:4d:d1:74:96:a7:9f:a1:28:1d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c5f09b3a903950f3fcd1b255086ede4876eb11
Validity
Not Before: Jan 2 12:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb0fa96e2c4c18c638fd86c8c4d686cb568f7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:f8:00:cd:92:82:1f:02:e3:ef:3b:dd:7f:
8f:e9:84:7c:5e:b4:26:c3:67:c8:4d:54:c7:8b:d3:
37:4f:90:1e:9c:da:06:ff:1f:fa:a0:b7:fd:c4:6d:
85:9a:20:e6:be:9f:8a:03:fa:02:f3:4f:29:58:bd:
84:3c:28:c3:c1:fe:75:96:95:9c:80:e4:51:25:ee:
6a:43:98:0e:6d:60:bc:d5:65:11:60:b7:5d:0b:f6:
ec:98:cc:7f:35:6d:5e:6f:8b:4d:01:50:8a:47:ee:
5b:cb:ce:59:75:ca:69:59:93:29:0e:c7:b8:99:78:
5a:ae:07:3c:bd:8d:da:13:75:80:4f:90:dc:26:57:
38:78:28:49:d0:79:85:2f:41:19:00:45:d1:49:bf:
e4:ce:5a:7d:a7:6c:35:2b:3c:19:ea:81:32:53:23:
20:e2:b8:0e:87:4a:ec:88:1a:6e:73:09:27:4c:b6:
95:9d:a7:90:3b:1d:1f:ec:02:32:c7:41:23:39:dd:
3e:1e:6e:f4:f4:f3:62:ad:85:42:67:77:4e:0b:ef:
bf:e1:77:d9:97:a9:02:3e:ea:bd:76:08:71:b3:1f:
78:7d:21:0d:1a:d1:69:9f:8f:d8:9c:0c:f7:8e:02:
a4:d1:d5:d5:53:f2:8c:1d:f7:47:9d:75:09:de:b7:
66:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B0:FA:96:E2:C4:C1:8C:63:8F:D8:6C:8C:4D:68:6C:B5:68:F7:D8
X509v3 Authority Key Identifier:
keyid:68:C5:F0:9B:3A:90:39:50:F3:FC:D1:B2:55:08:6E:DE:48:76:EB:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMXwmzqQOVDz_NGyVQhu3kh26xE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/TLD6luLEwYxjj9hsjE1obLVo99g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/efa18d-0907-4593-abb8-94802636bad9/1/aMXwmzqQOVDz_NGyVQhu3kh26xE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.221.84.0/23
Signature Algorithm: sha256WithRSAEncryption
94:aa:f3:81:61:25:eb:3a:89:57:bf:85:dc:92:6d:81:7b:15:
55:6f:5e:49:8b:04:ee:0b:5b:8c:a9:51:85:c1:8b:02:04:f7:
67:f1:6c:ef:1e:35:16:a9:a5:6c:20:41:1c:d0:a7:59:e4:58:
6f:06:0e:05:9b:ae:29:96:27:d5:89:aa:63:20:6f:64:a7:b2:
f8:c5:78:7a:35:95:5f:a8:c9:a6:52:69:dc:60:30:1a:59:e1:
38:9a:e4:62:57:65:1d:53:b5:d1:46:65:a5:d1:36:b3:7d:b8:
41:5a:6c:bd:03:2e:af:a2:01:89:c9:c3:28:21:a5:a6:f8:b3:
71:d2:21:66:2a:38:e3:97:36:2e:c1:80:ee:ec:13:d9:ff:a7:
bc:93:f0:cb:f5:57:46:e7:1c:c6:49:74:04:ce:2b:3a:ef:05:
fc:43:52:d1:c6:fd:c6:cc:4b:84:65:b8:56:02:cc:08:21:aa:
53:70:84:c8:be:43:70:93:a5:cd:55:e5:c9:d7:dd:06:67:8e:
45:8a:88:dc:ac:32:75:4f:2e:a8:5c:08:64:a2:b5:0a:da:e1:
c8:f6:bf:f1:f2:f1:13:92:ea:30:c1:fb:6f:f2:a6:22:8e:9f:
75:91:8a:db:cf:f4:df:e7:2f:1d:ae:08:d2:13:4c:d2:48:80:
67:0b:5a:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycSIAK+9N0XSWp5+hKB0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzVmMDliM2E5MDM5NTBmM2ZjZDFiMjU1MDg2ZWRlNDg3
NmViMTEwHhcNMjMwMTAyMTIyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2IwZmE5NmUyYzRjMThjNjM4ZmQ4NmM4YzRkNjg2Y2I1NjhmN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1r4AM2Sgh8C4+873X+P6YR8XrQm
w2fITVTHi9M3T5AenNoG/x/6oLf9xG2FmiDmvp+KA/oC808pWL2EPCjDwf51lpWc
gORRJe5qQ5gObWC81WURYLddC/bsmMx/NW1eb4tNAVCKR+5by85ZdcppWZMpDse4
mXhargc8vY3aE3WAT5DcJlc4eChJ0HmFL0EZAEXRSb/kzlp9p2w1KzwZ6oEyUyMg
4rgOh0rsiBpucwknTLaVnaeQOx0f7AIyx0EjOd0+Hm709PNirYVCZ3dOC++/4XfZ
l6kCPuq9dghxsx94fSENGtFpn4/YnAz3jgKk0dXVU/KMHfdHnXUJ3rdmDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyw+pbixMGMY4/YbIxNaGy1aPfYMB8GA1UdIwQY
MBaAFGjF8Js6kDlQ8/zRslUIbt5IdusRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgt
OTQ4MDI2MzZiYWQ5LzEvVExENmx1TEV3WXhqajloc2pFMW9iTFZvOTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lZmExOGQtMDkwNy00NTkzLWFiYjgtOTQ4MDI2MzZiYWQ5
LzEvYU1Yd216cVFPVkR6X05HeVZRaHUza2gyNnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwd1UMA0G
CSqGSIb3DQEBCwUAA4IBAQCUqvOBYSXrOolXv4Xckm2BexVVb15JiwTuC1uMqVGF
wYsCBPdn8WzvHjUWqaVsIEEc0KdZ5FhvBg4Fm64plifViapjIG9kp7L4xXh6NZVf
qMmmUmncYDAaWeE4muRiV2UdU7XRRmWl0TazfbhBWmy9Ay6vogGJycMoIaWm+LNx
0iFmKjjjlzYuwYDu7BPZ/6e8k/DL9VdG5xzGSXQEzis67wX8Q1LRxv3GzEuEZbhW
AswIIapTcITIvkNwk6XNVeXJ190GZ45FiojcrDJ1Ty6oXAhkorUK2uHI9r/x8vET
kuowwftv8qYijp91kYrbz/Tf5y8drgjSE0zSSIBnC1pQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:07 2024 by rpki-client on console-fra.rpki-client.org