Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TbwTG7wKIgwqVWXJDKDNaFMbmx0.roa
File: TbwTG7wKIgwqVWXJDKDNaFMbmx0.roa (raw, json)
Hash identifier: p2Q+GutnqAyPDKo0lWZhcvuTUbixftpsdLmKS5VReOM=
Subject key identifier: 4D:BC:13:1B:BC:0A:22:0C:2A:55:65:C9:0C:A0:CD:68:53:1B:9B:1D
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018C2CB9C6223C0FE4F683BFE5FB5A92B020
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TbwTG7wKIgwqVWXJDKDNaFMbmx0.roa
Signing time: Sat 02 Dec 2023 22:50:21 +0000
ROA not before: Sat 02 Dec 2023 22:50:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6079
IP address blocks: 77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
121.127.48.0/21 maxlen: 24
168.75.224.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:b9:c6:22:3c:0f:e4:f6:83:bf:e5:fb:5a:92:b0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Dec 2 22:50:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dbc131bbc0a220c2a5565c90ca0cd68531b9b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:b1:59:56:fa:3b:c6:2f:ae:f4:f8:25:6e:
39:71:6b:61:8f:c5:34:38:cb:64:56:3b:67:eb:78:
9f:c3:a0:66:e2:45:7a:5f:1f:31:44:04:4d:c6:3d:
93:28:1a:fd:77:e9:06:56:ac:2d:74:b7:71:d5:a1:
ba:5a:ee:98:5a:44:fc:9d:2f:e2:48:85:a8:53:ae:
98:8f:e2:c5:7e:f4:e2:fc:c4:48:26:2e:d2:fb:76:
58:97:2a:a6:9f:d9:ca:59:f8:07:19:82:2e:84:e0:
88:57:10:bd:27:a1:4f:1d:f5:04:78:21:96:ae:49:
81:ce:d7:ee:50:a5:1d:1f:ba:f6:34:b2:c3:dd:68:
72:7a:3d:64:5d:fc:48:b1:60:89:ca:87:69:e3:58:
64:45:8b:2e:d7:3e:27:6b:cf:3c:6a:87:06:6b:e4:
f1:4a:fb:8c:e5:7a:ba:dc:9b:07:4f:fd:9e:93:85:
83:d9:69:7a:9b:be:7d:31:04:1d:9f:8f:1d:79:2f:
fd:71:fa:79:25:c4:79:be:4b:f9:9e:65:32:3f:57:
45:b5:d6:cf:5d:28:67:98:64:4f:49:37:49:4e:40:
4c:74:df:65:9c:ea:60:ad:de:71:9d:ff:5b:d6:ff:
30:a6:43:e1:97:c9:f4:c1:b1:33:3a:40:03:72:b4:
ef:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BC:13:1B:BC:0A:22:0C:2A:55:65:C9:0C:A0:CD:68:53:1B:9B:1D
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/TbwTG7wKIgwqVWXJDKDNaFMbmx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.200.0/23
79.139.64.0/23
121.127.48.0/21
168.75.224.0/20
176.222.48.0/22
Signature Algorithm: sha256WithRSAEncryption
98:cf:dd:61:f0:97:c8:94:65:e0:57:97:28:d7:a5:20:6e:bf:
d1:a7:bb:1e:e7:da:bf:9f:cf:eb:21:9d:ad:f5:94:e9:64:f2:
63:fe:cf:f8:6b:c8:45:8d:83:80:83:ea:fd:38:38:89:ea:b5:
4c:f5:c4:e4:55:19:de:ee:64:04:68:cd:24:01:86:6d:21:20:
e7:69:c2:fd:98:c0:ad:40:2c:a1:c5:a3:c1:c6:9a:55:1d:61:
06:b1:22:ef:80:f6:55:a1:a1:8b:6a:ea:1d:e4:4b:52:66:cb:
34:c4:2b:e6:54:ad:b5:51:99:5f:c2:6f:ab:9e:b4:67:e1:f8:
b5:d7:4a:c8:75:b8:ba:4e:b0:1e:61:f2:03:ed:e3:f0:cc:46:
26:31:8a:e6:88:46:dd:ac:3d:56:56:1c:cb:f6:77:c3:9e:af:
65:60:c9:c4:b5:32:ae:13:08:f9:d6:2b:71:03:f6:68:a7:e7:
9d:13:84:71:ec:e9:8e:f8:39:2a:77:24:26:22:bb:fa:d1:bc:
61:99:8c:3f:a3:d7:7e:4b:4d:9b:6b:e1:5f:7d:cb:e9:2b:95:
44:c1:ce:3c:e4:02:2f:eb:47:3b:da:28:70:28:9d:f6:39:d6:
a1:db:4b:17:a5:fc:31:cb:d6:e3:81:9e:5c:d7:90:9b:8b:db:
87:5c:61:cd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwsucYiPA/k9oO/5ftakrAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjMxMjAyMjI1MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJjMTMxYmJjMGEyMjBjMmE1NTY1YzkwY2EwY2Q2ODUzMWI5YjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAWxWVb6O8YvrvT4JW45cWthj8U0
OMtkVjtn63ifw6Bm4kV6Xx8xRARNxj2TKBr9d+kGVqwtdLdx1aG6Wu6YWkT8nS/i
SIWoU66Yj+LFfvTi/MRIJi7S+3ZYlyqmn9nKWfgHGYIuhOCIVxC9J6FPHfUEeCGW
rkmBztfuUKUdH7r2NLLD3Whyej1kXfxIsWCJyodp41hkRYsu1z4na888aocGa+Tx
SvuM5Xq63JsHT/2ek4WD2Wl6m759MQQdn48deS/9cfp5JcR5vkv5nmUyP1dFtdbP
XShnmGRPSTdJTkBMdN9lnOpgrd5xnf9b1v8wpkPhl8n0wbEzOkADcrTvIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE28Exu8CiIMKlVlyQygzWhTG5sdMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvVGJ3VEc3d0tJZ3dxVldYSkRLRE5hRk1ibXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTd/IAwQB
T4tAAwQDeX8wAwQEqEvgAwQCsN4wMA0GCSqGSIb3DQEBCwUAA4IBAQCYz91h8JfI
lGXgV5co16Ugbr/Rp7se59q/n8/rIZ2t9ZTpZPJj/s/4a8hFjYOAg+r9ODiJ6rVM
9cTkVRne7mQEaM0kAYZtISDnacL9mMCtQCyhxaPBxppVHWEGsSLvgPZVoaGLauod
5EtSZss0xCvmVK21UZlfwm+rnrRn4fi110rIdbi6TrAeYfID7ePwzEYmMYrmiEbd
rD1WVhzL9nfDnq9lYMnEtTKuEwj51itxA/Zop+edE4Rx7OmO+DkqdyQmIrv60bxh
mYw/o9d+S02ba+FffcvpK5VEwc485AIv60c72ihwKJ32Odah20sXpfwxy9bjgZ5c
15Cbi9uHXGHN
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:35 2024 by rpki-client on console-fra.rpki-client.org