Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/tgoham7FdpoYGTEajCWs7SPGtkM.roa
File: tgoham7FdpoYGTEajCWs7SPGtkM.roa (raw, json)
Hash identifier: jhfL8Ypa8FgB7kbixXuxmUiStj8ibBeYSFOpgzUinhc=
Subject key identifier: B6:0A:21:6A:6E:C5:76:9A:18:19:31:1A:8C:25:AC:ED:23:C6:B6:43
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018A5060EF31FBE708AAAD91E6F98B1692C8
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/tgoham7FdpoYGTEajCWs7SPGtkM.roa
Signing time: Fri 01 Sep 2023 10:54:04 +0000
ROA not before: Fri 01 Sep 2023 10:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47844
IP address blocks: 31.130.0.0/19 maxlen: 24
31.130.12.0/22 maxlen: 22
31.130.16.0/20 maxlen: 20
93.157.163.0/24 maxlen: 24
93.157.160.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:60:ef:31:fb:e7:08:aa:ad:91:e6:f9:8b:16:92:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Sep 1 10:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b60a216a6ec5769a1819311a8c25aced23c6b643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:0b:d4:4e:6a:1b:37:11:26:0d:27:8a:d7:
1e:e5:dd:43:32:29:7a:dc:03:b1:86:92:f6:70:46:
46:9f:df:43:1e:6c:19:00:73:3f:ba:2d:76:61:ea:
9f:07:db:2d:4c:90:eb:cc:ca:d3:e2:25:c7:76:d7:
60:c1:08:cc:2b:f8:c8:fc:d0:77:91:42:9d:c3:11:
21:78:d5:0c:d6:66:27:85:81:91:ab:1c:21:90:ac:
2c:b9:d6:d8:ad:08:5e:1b:e5:e3:c2:9c:82:81:fa:
a6:5e:d0:0b:26:ec:18:83:56:12:2a:5d:4a:85:e9:
6e:67:b2:ac:4f:17:c6:69:07:35:94:9b:5d:01:d5:
98:5f:e2:b8:93:44:ca:69:ac:ce:40:5f:88:10:42:
a4:f3:b0:09:e3:ba:28:44:20:62:0b:22:54:7b:ad:
d9:5a:b7:db:1d:8a:95:9d:ce:04:4b:85:94:a6:6f:
d8:f3:d4:97:fa:d3:99:cd:13:7a:43:89:b0:e7:ae:
b0:78:d1:37:91:46:18:37:8c:c1:9c:84:10:6b:97:
9e:b9:23:ec:b4:05:e3:7a:16:ac:91:5e:d2:95:c7:
cf:ad:a2:91:9a:71:e8:c4:25:ee:a2:e0:4c:68:11:
0c:52:d0:f1:41:e9:50:a2:3b:44:73:07:d8:58:ec:
f0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:21:6A:6E:C5:76:9A:18:19:31:1A:8C:25:AC:ED:23:C6:B6:43
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/tgoham7FdpoYGTEajCWs7SPGtkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.0.0/19
93.157.160.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:7a:62:aa:78:f4:ee:02:69:0f:56:41:ae:93:44:0a:24:0a:
0d:80:e3:6b:b7:58:7d:fb:72:ed:19:1e:6f:cd:50:d5:15:b2:
5f:ac:27:26:52:8e:0c:f2:98:9b:bd:19:2a:e8:69:11:d5:25:
e7:4a:4a:45:14:9a:7f:29:a0:57:25:e2:9e:dc:55:94:0c:69:
dd:62:43:53:d9:37:e3:39:2b:7b:aa:6f:a2:d4:df:90:f8:49:
bb:0d:84:7f:d3:5c:17:32:a5:c7:ef:67:1e:f7:c2:3a:95:3f:
df:d8:ac:2f:4e:4a:b4:7f:4a:49:aa:12:2d:c4:a2:0c:41:d8:
64:15:ca:0a:35:13:d9:f0:9c:39:dd:9f:59:e6:57:c6:1a:7d:
32:ac:1f:d5:bf:18:28:10:cf:cb:01:ca:dc:aa:91:c2:69:3b:
62:7d:a0:17:fe:98:67:14:8c:ea:cb:91:f2:24:a8:ce:6c:04:
c3:93:d8:08:6e:d7:6a:27:01:aa:75:4b:38:31:94:5a:29:41:
e8:db:0b:a4:51:d8:0f:35:14:2f:b7:42:2b:bb:ee:21:10:6a:
74:73:d0:4d:ad:e9:b7:5e:46:1e:e2:d3:50:89:74:33:b9:9e:
6b:ef:30:3d:df:98:b3:83:24:e5:d5:f7:9f:df:9d:84:49:8d:
e9:76:ea:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYpQYO8x++cIqq2R5vmLFpLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjMwOTAxMTA1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBhMjE2YTZlYzU3NjlhMTgxOTMxMWE4YzI1YWNlZDIzYzZiNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGYL1E5qGzcRJg0nitce5d1DMil6
3AOxhpL2cEZGn99DHmwZAHM/ui12YeqfB9stTJDrzMrT4iXHdtdgwQjMK/jI/NB3
kUKdwxEheNUM1mYnhYGRqxwhkKwsudbYrQheG+XjwpyCgfqmXtALJuwYg1YSKl1K
heluZ7KsTxfGaQc1lJtdAdWYX+K4k0TKaazOQF+IEEKk87AJ47ooRCBiCyJUe63Z
WrfbHYqVnc4ES4WUpm/Y89SX+tOZzRN6Q4mw566weNE3kUYYN4zBnIQQa5eeuSPs
tAXjehaskV7SlcfPraKRmnHoxCXuouBMaBEMUtDxQelQojtEcwfYWOzw6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLYKIWpuxXaaGBkxGowlrO0jxrZDMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvdGdvaGFtN0ZkcG9ZR1RFYWpDV3M3U1BHdGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFH4IAAwQD
XZ2gMA0GCSqGSIb3DQEBCwUAA4IBAQCNemKqePTuAmkPVkGuk0QKJAoNgONrt1h9
+3LtGR5vzVDVFbJfrCcmUo4M8pibvRkq6GkR1SXnSkpFFJp/KaBXJeKe3FWUDGnd
YkNT2TfjOSt7qm+i1N+Q+Em7DYR/01wXMqXH72ce98I6lT/f2KwvTkq0f0pJqhIt
xKIMQdhkFcoKNRPZ8Jw53Z9Z5lfGGn0yrB/VvxgoEM/LAcrcqpHCaTtifaAX/phn
FIzqy5HyJKjObATDk9gIbtdqJwGqdUs4MZRaKUHo2wukUdgPNRQvt0Iru+4hEGp0
c9BNrem3XkYe4tNQiXQzuZ5r7zA935izgyTl1fef352ESY3pduoT
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:28 2024 by rpki-client on console-fra.rpki-client.org