Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TBGaUKzFRXPB5FE51d-eX4pwJss.roa
File: TBGaUKzFRXPB5FE51d-eX4pwJss.roa (raw, json)
Hash identifier: 4y9oSBaxh4778v0UCho/7zdouwUiaY75dZSya6Crql4=
Subject key identifier: 4C:11:9A:50:AC:C5:45:73:C1:E4:51:39:D5:DF:9E:5F:8A:70:26:CB
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D65D9F365AEA7670EE0CB8DC4ADCED
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TBGaUKzFRXPB5FE51d-eX4pwJss.roa
Signing time: Wed 01 Jan 2025 07:48:27 +0000
ROA not before: Wed 01 Jan 2025 07:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199326
IP address blocks: 89.42.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 00:19:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5d:9f:36:5a:ea:76:70:ee:0c:b8:dc:4a:dc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c119a50acc54573c1e45139d5df9e5f8a7026cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:08:5d:c4:9e:57:6c:1d:57:a1:47:e4:c3:04:
49:8f:f6:b3:c0:2a:30:28:55:21:28:48:73:6a:d4:
b1:ff:43:72:ae:c5:24:c4:ea:71:1d:62:1e:e2:38:
6f:37:6b:f9:88:97:f1:f3:82:63:1e:2e:62:68:21:
e0:06:af:5b:dd:78:29:b7:41:15:96:41:cb:dc:31:
93:51:3f:07:b0:80:4a:b5:56:88:e0:bb:1d:64:64:
9b:c0:1b:61:ab:32:83:c9:b2:0f:79:eb:fe:fe:c4:
fd:80:7c:47:66:b2:bd:0a:5c:49:37:c0:8a:af:81:
6e:1a:95:19:c2:01:7a:09:03:cd:c4:10:8c:ca:2b:
49:3d:81:92:6c:d4:05:e0:28:5d:69:2f:ba:ff:c7:
13:4f:d2:cc:74:cf:ad:5f:bc:c3:98:07:0f:5b:7a:
51:e2:09:62:31:34:55:02:7d:cd:b3:1b:ce:c9:76:
91:16:4b:65:e4:0a:6c:69:44:7e:91:2c:3e:4f:27:
73:85:bb:29:95:37:c0:91:44:f9:8c:56:78:b1:8c:
6e:0c:22:10:31:c5:35:be:23:14:4b:f1:f9:43:70:
6e:82:4b:e9:fb:27:36:0d:47:2c:d0:41:2c:31:38:
1e:3a:15:2e:82:47:69:3f:63:b8:4c:de:77:5a:0d:
8f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:11:9A:50:AC:C5:45:73:C1:E4:51:39:D5:DF:9E:5F:8A:70:26:CB
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TBGaUKzFRXPB5FE51d-eX4pwJss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
81:bb:1e:ce:46:57:ec:5d:b2:ca:2d:b5:b9:b0:31:57:aa:4a:
5f:dd:4e:84:48:23:81:28:87:b4:87:c5:87:4d:ef:e7:00:f8:
8f:5e:51:b4:3c:85:12:71:73:78:aa:bb:e5:ae:8a:8f:a3:9c:
f1:fa:b0:23:8a:4a:1a:b8:7e:1f:a5:bf:b6:d1:b1:4d:9e:5d:
a0:77:87:95:75:73:50:cc:74:be:b2:7f:c9:e0:cf:72:41:ed:
ad:e8:a1:c2:19:60:f2:2a:ea:8e:5a:33:15:60:bb:a0:49:af:
97:76:7c:ed:e8:98:a1:d1:95:a1:a8:8e:de:84:41:8c:ca:73:
98:fd:59:82:f7:4d:0e:8a:9d:e2:da:41:77:7a:b0:7a:cc:9e:
10:43:2c:76:24:96:f1:c4:3d:39:2e:b8:95:9c:36:cc:58:b4:
a6:9c:4c:44:0a:67:25:38:c0:e5:64:d7:47:65:e1:b7:95:e1:
c8:41:56:38:df:72:e7:b6:dd:fd:c7:7a:2d:be:6b:de:6a:88:
59:78:41:20:9d:2b:65:7f:3c:ee:0e:38:e4:9a:ff:27:e8:20:
1e:9a:61:36:83:86:13:dc:67:7a:9d:25:84:a0:2d:50:77:93:
29:99:e1:cc:8b:83:fb:65:3a:90:28:36:cb:71:d8:2b:04:cf:
bf:cb:a4:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1l2fNlrqdnDuDLjcStztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzExOWE1MGFjYzU0NTczYzFlNDUxMzlkNWRmOWU1ZjhhNzAyNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAhdxJ5XbB1XoUfkwwRJj/azwCow
KFUhKEhzatSx/0NyrsUkxOpxHWIe4jhvN2v5iJfx84JjHi5iaCHgBq9b3Xgpt0EV
lkHL3DGTUT8HsIBKtVaI4LsdZGSbwBthqzKDybIPeev+/sT9gHxHZrK9ClxJN8CK
r4FuGpUZwgF6CQPNxBCMyitJPYGSbNQF4ChdaS+6/8cTT9LMdM+tX7zDmAcPW3pR
4gliMTRVAn3NsxvOyXaRFktl5ApsaUR+kSw+TydzhbsplTfAkUT5jFZ4sYxuDCIQ
McU1viMUS/H5Q3Bugkvp+yc2DUcs0EEsMTgeOhUugkdpP2O4TN53Wg2PIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwRmlCsxUVzweRROdXfnl+KcCbLMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVEJHYVVLekZSWFBCNUZFNTFkLWVYNHB3SnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSrVMA0G
CSqGSIb3DQEBCwUAA4IBAQCBux7ORlfsXbLKLbW5sDFXqkpf3U6ESCOBKIe0h8WH
Te/nAPiPXlG0PIUScXN4qrvlroqPo5zx+rAjikoauH4fpb+20bFNnl2gd4eVdXNQ
zHS+sn/J4M9yQe2t6KHCGWDyKuqOWjMVYLugSa+Xdnzt6Jih0ZWhqI7ehEGMynOY
/VmC900Oip3i2kF3erB6zJ4QQyx2JJbxxD05LriVnDbMWLSmnExECmclOMDlZNdH
ZeG3leHIQVY433Lntt39x3otvmveaohZeEEgnStlfzzuDjjkmv8n6CAemmE2g4YT
3Gd6nSWEoC1Qd5MpmeHMi4P7ZTqQKDbLcdgrBM+/y6Tx
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:57:52 2025 by rpki-client