Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TTfiSZm3hz60d4TNeoluJnEej2U.roa
File: TTfiSZm3hz60d4TNeoluJnEej2U.roa (raw, json)
Hash identifier: 0hld25MZOIwKCyatOWfkfIbP/XAJUR2JeQnnoduKY2c=
Subject key identifier: 4D:37:E2:49:99:B7:87:3E:B4:77:84:CD:7A:89:6E:26:71:1E:8F:65
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 018571154C44BCF97518830B664A017B2497
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TTfiSZm3hz60d4TNeoluJnEej2U.roa
Signing time: Mon 02 Jan 2023 06:04:59 +0000
ROA not before: Mon 02 Jan 2023 06:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34254
IP address blocks: 217.8.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:4c:44:bc:f9:75:18:83:0b:66:4a:01:7b:24:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d37e24999b7873eb47784cd7a896e26711e8f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4b:cc:a3:62:8f:b2:d8:e3:5b:58:b0:5e:f4:
5d:d2:7a:1f:85:71:bf:28:97:29:7a:3d:3b:27:b6:
60:1e:9e:46:ca:9c:0b:f1:b8:4d:9e:28:d3:fd:77:
40:30:e1:64:3d:bc:e2:70:f7:f1:5f:5d:c5:99:36:
67:91:33:e7:e8:43:1d:90:75:4b:32:bd:37:d3:e4:
58:53:30:f0:cd:cf:0d:f1:df:6a:af:a5:c5:44:d2:
47:c7:ab:44:56:86:90:98:e8:73:2f:01:20:43:c1:
48:3d:70:2d:88:7c:c0:38:18:ff:21:b8:d4:9f:33:
89:59:31:03:98:29:0f:c7:4a:c3:8b:a9:6a:01:9c:
ed:85:f4:38:2c:6d:09:8e:de:01:b8:cc:e0:88:d4:
8a:31:04:31:dc:93:9f:57:26:83:3b:c2:bf:17:1f:
22:a3:17:f9:90:1a:03:47:6d:fa:66:98:32:eb:fc:
fd:55:8d:e7:37:15:76:fa:32:9f:9c:6a:39:71:78:
e9:6e:90:1c:6e:6f:13:90:98:97:1d:b1:84:86:a4:
3b:5a:11:8e:b5:45:c6:fe:d1:94:7e:a9:00:90:f1:
ec:d9:a9:f9:37:45:0d:76:9e:c6:11:89:07:0d:6c:
0a:5b:0f:57:e2:5b:4a:ec:07:45:90:e9:cc:33:3b:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:37:E2:49:99:B7:87:3E:B4:77:84:CD:7A:89:6E:26:71:1E:8F:65
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/TTfiSZm3hz60d4TNeoluJnEej2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.8.175.0/24
Signature Algorithm: sha256WithRSAEncryption
99:0e:f8:b5:35:8c:6b:55:0f:a9:c6:db:9b:53:25:ce:9e:9c:
13:42:9f:57:5f:c1:bd:86:82:c4:17:1e:06:6c:af:ad:bb:54:
6c:f9:8c:43:7e:4a:f9:f9:4e:9c:de:6d:f3:09:28:f1:fa:06:
d1:23:56:9c:28:20:d6:2e:1b:08:71:bb:78:c5:c6:25:85:7a:
3f:53:d4:f6:9d:f2:f3:47:19:d4:4c:0d:45:72:6b:67:c9:61:
6c:0f:4e:bd:f7:8e:02:fc:0c:7b:9e:5b:ca:f9:17:95:c0:a1:
4c:6d:c6:14:b2:9e:9c:52:c0:f9:b8:fd:18:6c:01:ff:da:bb:
d0:0f:65:40:d1:7d:3e:39:02:ea:c7:7d:e8:d2:3d:36:16:b1:
b9:a5:07:2e:e0:6d:7e:66:29:85:94:fc:0a:d2:3e:3f:95:f8:
e1:68:23:52:33:56:ef:ec:a0:b9:77:6c:6a:8d:f9:16:a7:b7:
c8:69:14:1a:5e:18:80:d8:fe:ab:a6:74:d2:79:95:9f:b2:f1:
62:90:01:e1:4a:42:d3:73:07:dc:94:f7:b7:c1:ef:79:d5:87:
09:25:0e:bf:b9:37:00:8f:a2:09:47:bc:88:88:b3:17:f3:43:
5f:b1:27:ac:e2:fa:c4:41:53:51:a9:7c:e5:6a:8f:d2:87:da:
18:4c:f3:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFUxEvPl1GIMLZkoBeySXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM3ZTI0OTk5Yjc4NzNlYjQ3Nzg0Y2Q3YTg5NmUyNjcxMWU4ZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEvMo2KPstjjW1iwXvRd0nofhXG/
KJcpej07J7ZgHp5GypwL8bhNnijT/XdAMOFkPbzicPfxX13FmTZnkTPn6EMdkHVL
Mr030+RYUzDwzc8N8d9qr6XFRNJHx6tEVoaQmOhzLwEgQ8FIPXAtiHzAOBj/IbjU
nzOJWTEDmCkPx0rDi6lqAZzthfQ4LG0Jjt4BuMzgiNSKMQQx3JOfVyaDO8K/Fx8i
oxf5kBoDR236Zpgy6/z9VY3nNxV2+jKfnGo5cXjpbpAcbm8TkJiXHbGEhqQ7WhGO
tUXG/tGUfqkAkPHs2an5N0UNdp7GEYkHDWwKWw9X4ltK7AdFkOnMMzv13QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE034kmZt4c+tHeEzXqJbiZxHo9lMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvVFRmaVNabTNoejYwZDRUTmVvbHVKbkVlajJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2QivMA0G
CSqGSIb3DQEBCwUAA4IBAQCZDvi1NYxrVQ+pxtubUyXOnpwTQp9XX8G9hoLEFx4G
bK+tu1Rs+YxDfkr5+U6c3m3zCSjx+gbRI1acKCDWLhsIcbt4xcYlhXo/U9T2nfLz
RxnUTA1FcmtnyWFsD069944C/Ax7nlvK+ReVwKFMbcYUsp6cUsD5uP0YbAH/2rvQ
D2VA0X0+OQLqx33o0j02FrG5pQcu4G1+ZimFlPwK0j4/lfjhaCNSM1bv7KC5d2xq
jfkWp7fIaRQaXhiA2P6rpnTSeZWfsvFikAHhSkLTcwfclPe3we951YcJJQ6/uTcA
j6IJR7yIiLMX80NfsSes4vrEQVNRqXzlao/Sh9oYTPMv
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:22 2024 by rpki-client on console-ams.rpki-client.org