Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TygjRHo4ygBMXDuCimqcMK_f9p0.roa
File: TygjRHo4ygBMXDuCimqcMK_f9p0.roa (raw, json)
Hash identifier: /4j4eTmlobZdYVrBdAc+cUrh9yAtM+oJdJk4P5v6u3c=
Subject key identifier: 4F:28:23:44:7A:38:CA:00:4C:5C:3B:82:8A:6A:9C:30:AF:DF:F6:9D
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185AFB58D2A5C27FDA4268FFA0D6A53EA20
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TygjRHo4ygBMXDuCimqcMK_f9p0.roa
Signing time: Sat 14 Jan 2023 09:56:29 +0000
ROA not before: Sat 14 Jan 2023 09:56:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213220
IP address blocks: 45.8.209.0/24 maxlen: 24
213.108.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Sep 2023 08:46:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:af:b5:8d:2a:5c:27:fd:a4:26:8f:fa:0d:6a:53:ea:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 14 09:56:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f2823447a38ca004c5c3b828a6a9c30afdff69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:03:97:ab:e0:64:60:87:ea:d8:4e:49:fe:
36:83:a9:62:62:b6:c4:e0:86:21:63:e8:dd:ea:10:
f6:31:24:87:29:bf:8f:b5:74:56:e8:d1:f8:fa:56:
5e:79:c9:29:dd:8d:df:9b:ac:e3:95:87:66:47:8e:
db:a9:58:79:e8:57:df:f7:84:4a:fb:b8:9c:a1:96:
ee:49:fe:40:32:1f:14:a9:7b:13:e2:01:3d:f4:7d:
5c:e3:e8:92:4a:75:a6:28:7b:3b:f6:af:58:2e:ad:
9c:cb:c6:f5:01:7b:12:c1:3f:9d:3b:c2:ed:73:65:
d8:06:ff:50:d7:13:f4:f4:80:23:99:60:16:49:3d:
d7:a9:cb:fd:73:e6:70:a9:1a:6a:4a:0f:81:fb:79:
b5:a8:7e:ac:96:c2:93:23:19:1f:b6:f6:f7:a3:7e:
cd:8f:b3:0f:d9:86:8f:d7:04:ee:28:9d:64:96:48:
6b:da:b0:3f:ef:4b:37:c1:1f:fc:2c:3d:59:0f:e1:
ce:ea:ba:be:b4:9a:4e:3a:ec:5e:ee:9c:72:2a:7c:
df:9f:e9:b9:49:40:98:d4:9d:82:3a:f2:dd:a8:87:
e3:48:90:99:d8:f4:af:24:a3:2a:46:d7:fe:e4:56:
2b:12:8e:e8:1b:a0:bc:12:cc:69:e4:d5:88:74:60:
b6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:28:23:44:7A:38:CA:00:4C:5C:3B:82:8A:6A:9C:30:AF:DF:F6:9D
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TygjRHo4ygBMXDuCimqcMK_f9p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.209.0/24
213.108.196.0/24
Signature Algorithm: sha256WithRSAEncryption
16:98:7c:ae:75:d5:67:3e:95:4e:e2:97:8d:c5:cb:3b:53:72:
05:2f:16:0d:72:3d:ff:b8:48:dd:0e:8b:8b:b6:c5:f2:43:64:
6c:c0:bf:7c:7f:36:96:32:0a:41:cf:f0:e0:1e:59:3e:c4:fd:
08:45:0b:c9:bd:89:08:e1:c1:55:b1:f5:17:0a:b0:62:89:73:
10:11:3d:f5:8f:9f:93:45:42:e1:8f:79:22:39:c5:59:4a:80:
b4:6f:44:6f:79:d9:44:60:54:14:34:b4:3e:71:33:24:fd:b9:
bd:83:e1:93:d0:52:29:36:30:00:d5:d7:f2:d7:56:bd:36:c0:
27:35:24:c6:f0:af:e2:33:5b:05:a0:cb:fe:fc:e4:50:e0:75:
38:b1:e2:f0:af:45:47:1a:db:5e:2c:6e:a7:ac:1c:54:db:12:
18:f2:28:e9:b1:6d:ce:0d:f9:55:46:03:0e:83:99:f0:4c:3b:
67:17:42:f2:77:ba:01:3f:47:b4:e1:9d:33:5e:88:bb:d2:58:
2a:c3:79:61:4f:7f:4d:09:bf:c7:a8:18:79:ac:45:34:6f:9b:
f4:df:2e:7a:cd:48:fc:00:51:30:d7:e3:a7:65:e4:63:aa:ac:
45:e5:ad:f2:62:65:d8:41:a1:2d:17:8c:bd:59:c8:f8:05:02:
d4:61:0b:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWvtY0qXCf9pCaP+g1qU+ogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTE0MDk1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI4MjM0NDdhMzhjYTAwNGM1YzNiODI4YTZhOWMzMGFmZGZmNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUcDl6vgZGCH6thOSf42g6liYrbE
4IYhY+jd6hD2MSSHKb+PtXRW6NH4+lZeeckp3Y3fm6zjlYdmR47bqVh56Fff94RK
+7icoZbuSf5AMh8UqXsT4gE99H1c4+iSSnWmKHs79q9YLq2cy8b1AXsSwT+dO8Lt
c2XYBv9Q1xP09IAjmWAWST3Xqcv9c+ZwqRpqSg+B+3m1qH6slsKTIxkftvb3o37N
j7MP2YaP1wTuKJ1klkhr2rA/70s3wR/8LD1ZD+HO6rq+tJpOOuxe7pxyKnzfn+m5
SUCY1J2COvLdqIfjSJCZ2PSvJKMqRtf+5FYrEo7oG6C8Esxp5NWIdGC2CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8oI0R6OMoATFw7gopqnDCv3/adMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVHlnalJIbzR5Z0JNWER1Q2ltcWNNS19mOXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQjRAwQA
1WzEMA0GCSqGSIb3DQEBCwUAA4IBAQAWmHyuddVnPpVO4peNxcs7U3IFLxYNcj3/
uEjdDouLtsXyQ2RswL98fzaWMgpBz/DgHlk+xP0IRQvJvYkI4cFVsfUXCrBiiXMQ
ET31j5+TRULhj3kiOcVZSoC0b0RvedlEYFQUNLQ+cTMk/bm9g+GT0FIpNjAA1dfy
11a9NsAnNSTG8K/iM1sFoMv+/ORQ4HU4seLwr0VHGtteLG6nrBxU2xIY8ijpsW3O
DflVRgMOg5nwTDtnF0Lyd7oBP0e04Z0zXoi70lgqw3lhT39NCb/HqBh5rEU0b5v0
3y56zUj8AFEw1+OnZeRjqqxF5a3yYmXYQaEtF4y9Wcj4BQLUYQun
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org