Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tlX85ks68G1gVD7mvCuFuwxOXpc.roa
File: tlX85ks68G1gVD7mvCuFuwxOXpc.roa (raw, json)
Hash identifier: iN83+GP0rkj4KAPHEXA3MjoeerbT1W6yulxAbvRNxOw=
Subject key identifier: B6:55:FC:E6:4B:3A:F0:6D:60:54:3E:E6:BC:2B:85:BB:0C:4E:5E:97
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01928F7DB0A31471E39048A9FE057C091273
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tlX85ks68G1gVD7mvCuFuwxOXpc.roa
Signing time: Tue 15 Oct 2024 09:23:51 +0000
ROA not before: Tue 15 Oct 2024 09:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.121.122.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 12:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:7d:b0:a3:14:71:e3:90:48:a9:fe:05:7c:09:12:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 15 09:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b655fce64b3af06d60543ee6bc2b85bb0c4e5e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ba:24:ca:44:fa:4d:a3:48:d7:39:89:67:b5:
c9:0a:bc:aa:9c:aa:90:b2:d5:37:1d:35:d3:4d:9a:
21:38:74:c4:cb:34:5d:bb:6d:16:91:6b:3e:1f:cf:
03:eb:b1:4b:6c:ec:8b:8e:1e:2e:01:91:14:71:1a:
19:14:d1:c2:d2:2d:57:ce:22:08:08:35:a5:d0:5f:
0f:b7:cd:cb:e7:47:3c:06:b7:fd:55:db:a3:ea:53:
a0:cd:d1:f8:08:81:0f:02:15:6c:54:97:44:20:10:
61:d7:da:ef:d7:36:27:c2:d1:23:4d:da:05:8d:4e:
1e:5f:9f:32:ac:9f:31:50:b9:03:de:8f:cf:b7:32:
df:b8:b9:3d:ba:25:60:77:b5:f2:19:aa:d9:21:44:
74:af:3e:a2:4e:24:55:44:ca:f7:4d:0b:64:59:b1:
b3:d4:47:39:6e:b9:8d:5a:a2:73:df:11:0d:4d:37:
a5:b3:f7:a5:2d:cf:b1:60:bd:33:29:c3:72:7e:2b:
23:45:d5:da:19:a2:89:05:8a:3b:8b:7c:11:f3:fe:
9d:4d:f8:fa:0c:c8:30:3e:22:f6:72:93:61:7e:6a:
6d:c1:ef:7b:c3:c0:b1:c5:bb:83:e8:e4:40:2c:93:
d3:d4:77:6b:2a:33:30:96:30:db:b5:83:5a:90:98:
fb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:55:FC:E6:4B:3A:F0:6D:60:54:3E:E6:BC:2B:85:BB:0C:4E:5E:97
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tlX85ks68G1gVD7mvCuFuwxOXpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.122.0/23
Signature Algorithm: sha256WithRSAEncryption
96:5c:40:52:52:b5:74:19:ef:a5:57:4b:ef:1a:df:e0:85:75:
8a:77:07:0c:38:eb:a9:c8:c6:c8:47:44:ed:5e:bb:5b:bc:29:
2c:7b:72:a9:7e:6b:2d:75:60:b0:ad:bb:2e:36:44:9d:0f:d2:
27:4a:73:f5:fb:53:c4:94:5c:71:61:86:e2:b8:42:2c:1f:17:
86:34:b4:d3:e7:06:cd:08:c6:fd:16:24:66:13:3c:f7:57:94:
08:e7:04:a1:60:45:0e:13:be:99:51:b9:6a:c6:aa:73:fe:ae:
f1:60:7d:f9:7d:c0:59:f2:fb:79:95:1b:59:c0:f5:af:d4:54:
fe:da:8a:26:dd:a2:c7:17:36:ae:af:31:f4:81:7d:c1:63:c1:
34:ba:59:e1:6a:31:ba:c7:22:40:f5:e3:6a:54:87:85:ea:87:
48:6d:9f:01:31:6e:f9:38:72:5e:d2:8b:c2:e8:cd:e6:38:18:
ee:80:79:7b:20:6e:5f:86:97:1e:ab:fc:48:18:fc:94:c7:aa:
54:f6:c7:53:88:fd:9f:17:46:8b:ea:8f:49:1c:15:38:6e:6d:
2a:09:58:c8:10:d7:c0:35:cc:dd:1a:6e:45:80:3b:d3:d4:0e:
ac:a8:85:6a:cf:42:c5:0e:f9:a9:40:5f:a0:0b:62:a6:1f:c6:
b7:84:de:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKPfbCjFHHjkEip/gV8CRJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQxMDE1MDkyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU1ZmNlNjRiM2FmMDZkNjA1NDNlZTZiYzJiODViYjBjNGU1ZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbokykT6TaNI1zmJZ7XJCryqnKqQ
stU3HTXTTZohOHTEyzRdu20WkWs+H88D67FLbOyLjh4uAZEUcRoZFNHC0i1XziII
CDWl0F8Pt83L50c8Brf9Vduj6lOgzdH4CIEPAhVsVJdEIBBh19rv1zYnwtEjTdoF
jU4eX58yrJ8xULkD3o/PtzLfuLk9uiVgd7XyGarZIUR0rz6iTiRVRMr3TQtkWbGz
1Ec5brmNWqJz3xENTTels/elLc+xYL0zKcNyfisjRdXaGaKJBYo7i3wR8/6dTfj6
DMgwPiL2cpNhfmptwe97w8CxxbuD6ORALJPT1HdrKjMwljDbtYNakJj72wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZV/OZLOvBtYFQ+5rwrhbsMTl6XMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdGxYODVrczY4RzFnVkQ3bXZDdUZ1d3hPWHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuXl6MA0G
CSqGSIb3DQEBCwUAA4IBAQCWXEBSUrV0Ge+lV0vvGt/ghXWKdwcMOOupyMbIR0Tt
XrtbvCkse3KpfmstdWCwrbsuNkSdD9InSnP1+1PElFxxYYbiuEIsHxeGNLTT5wbN
CMb9FiRmEzz3V5QI5wShYEUOE76ZUblqxqpz/q7xYH35fcBZ8vt5lRtZwPWv1FT+
2oom3aLHFzaurzH0gX3BY8E0ulnhajG6xyJA9eNqVIeF6odIbZ8BMW75OHJe0ovC
6M3mOBjugHl7IG5fhpceq/xIGPyUx6pU9sdTiP2fF0aL6o9JHBU4bm0qCVjIENfA
NczdGm5FgDvT1A6sqIVqz0LFDvmpQF+gC2KmH8a3hN7D
-----END CERTIFICATE-----
Generated at Wed Oct 16 15:43:23 2024 by rpki-client on console-ams.rpki-client.org