Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Tbcd-gOL5FFaLtHgQtrK1UflrtE.roa
File: Tbcd-gOL5FFaLtHgQtrK1UflrtE.roa (raw, json)
Hash identifier: b2oDvGkoOKeKRRPqDgiZAUAkVqlkzLZtMId1CjQYIdo=
Subject key identifier: 4D:B7:1D:FA:03:8B:E4:51:5A:2E:D1:E0:42:DA:CA:D5:47:E5:AE:D1
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C339F71300BA04A5EE933942AD910
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Tbcd-gOL5FFaLtHgQtrK1UflrtE.roa
Signing time: Mon 02 Jan 2023 05:55:03 +0000
ROA not before: Mon 02 Jan 2023 05:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46562
IP address blocks: 104.232.36.0/24 maxlen: 24
2a0c:3ac0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 08 May 2023 21:41:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:33:9f:71:30:0b:a0:4a:5e:e9:33:94:2a:d9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4db71dfa038be4515a2ed1e042dacad547e5aed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:89:2f:7b:95:82:86:2f:ea:75:61:60:84:10:
23:b8:fe:fe:75:e6:b1:da:37:9c:bb:f4:55:09:12:
cb:bd:ea:49:a0:e3:65:0e:47:d2:0b:c3:5e:a1:10:
19:ff:58:15:79:a1:fd:46:8f:3c:0e:19:2b:5b:1e:
77:66:6a:29:4a:09:6e:20:3c:42:a1:a7:04:3c:d8:
1a:da:4a:56:c9:35:55:ca:27:72:00:7b:e1:1f:20:
d2:07:f4:47:60:db:5f:2d:fb:e4:cb:b9:7b:0c:f6:
68:b8:f1:ef:d5:36:99:41:cb:55:d5:98:61:e6:22:
94:5f:0c:fb:f0:d6:ca:fa:12:83:39:8b:fa:ae:5c:
8b:37:60:b5:db:6d:cd:41:d5:5c:64:a7:95:c5:e2:
e0:77:a7:af:e6:8a:ba:96:7c:78:03:a9:b8:56:ff:
29:30:eb:13:c2:c1:61:40:5c:12:79:53:3e:2b:95:
7f:76:66:93:32:92:f8:e7:d1:2c:c6:01:bc:ef:b6:
60:5f:de:b8:fc:a2:b7:51:bd:32:81:2e:67:70:17:
3c:d6:8c:c2:43:e3:ab:e2:47:47:ce:65:17:be:2f:
1a:25:1b:6d:f9:83:59:06:8a:9d:8a:0f:b5:0e:e5:
55:b1:51:a8:ff:db:42:18:49:f9:3f:07:4f:d2:6e:
6a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B7:1D:FA:03:8B:E4:51:5A:2E:D1:E0:42:DA:CA:D5:47:E5:AE:D1
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Tbcd-gOL5FFaLtHgQtrK1UflrtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.232.36.0/24
IPv6:
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
08:63:e3:02:41:5b:60:54:ae:16:73:51:64:bc:39:56:87:41:
70:d5:66:73:8e:b4:5e:1a:64:32:c3:ed:98:3e:40:bc:18:b5:
8b:3a:1e:2d:52:20:27:af:38:91:ae:21:05:6b:33:a2:17:0b:
b0:27:e5:c9:8f:ab:89:dd:a4:c1:13:30:e2:35:5c:13:d9:b4:
11:9c:4a:a3:89:f3:69:0f:59:98:71:a9:1c:b8:80:9b:49:fc:
11:de:bf:9e:8a:5f:d6:c1:65:37:56:01:95:46:4e:c7:61:dd:
19:8b:15:1e:9d:b9:62:5f:77:e3:58:23:b4:1e:f6:21:7d:f1:
ae:7c:af:b6:2c:94:20:c7:b7:af:94:6b:66:26:f3:51:d2:10:
cd:ba:65:93:c6:dd:ba:f4:e0:8f:7a:29:b9:4c:68:82:68:29:
3b:c6:a1:aa:6d:57:4d:ad:fe:05:29:77:ca:78:dd:89:9e:50:
80:c8:38:f1:f7:5a:f3:8e:6c:2e:49:d9:8c:f2:30:ef:00:e7:
f2:6e:a8:66:bc:6f:21:ff:7c:e8:d1:65:fc:19:71:70:0b:28:
29:a7:63:a9:46:af:dd:8a:0c:0e:72:62:1a:15:b9:eb:d1:b1:
b7:ef:8b:97:be:db:8f:e2:01:12:13:9c:c3:14:38:ac:75:a0:
9f:8e:64:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxDDOfcTALoEpe6TOUKtkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI3MWRmYTAzOGJlNDUxNWEyZWQxZTA0MmRhY2FkNTQ3ZTVhZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAookve5WChi/qdWFghBAjuP7+deax
2jecu/RVCRLLvepJoONlDkfSC8NeoRAZ/1gVeaH9Ro88DhkrWx53ZmopSgluIDxC
oacEPNga2kpWyTVVyidyAHvhHyDSB/RHYNtfLfvky7l7DPZouPHv1TaZQctV1Zhh
5iKUXwz78NbK+hKDOYv6rlyLN2C1223NQdVcZKeVxeLgd6ev5oq6lnx4A6m4Vv8p
MOsTwsFhQFwSeVM+K5V/dmaTMpL459EsxgG877ZgX964/KK3Ub0ygS5ncBc81ozC
Q+Or4kdHzmUXvi8aJRtt+YNZBoqdig+1DuVVsVGo/9tCGEn5PwdP0m5q2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE23HfoDi+RRWi7R4ELaytVH5a7RMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvVGJjZC1nT0w1RkZhTHRIZ1F0cksxVWZscnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAaOgkMA8E
AgACMAkDBwAqDDrAAAAwDQYJKoZIhvcNAQELBQADggEBAAhj4wJBW2BUrhZzUWS8
OVaHQXDVZnOOtF4aZDLD7Zg+QLwYtYs6Hi1SICevOJGuIQVrM6IXC7An5cmPq4nd
pMETMOI1XBPZtBGcSqOJ82kPWZhxqRy4gJtJ/BHev56KX9bBZTdWAZVGTsdh3RmL
FR6duWJfd+NYI7Qe9iF98a58r7YslCDHt6+Ua2Ym81HSEM26ZZPG3br04I96KblM
aIJoKTvGoaptV02t/gUpd8p43YmeUIDIOPH3WvOObC5J2YzyMO8A5/JuqGa8byH/
fOjRZfwZcXALKCmnY6lGr92KDA5yYhoVuevRsbfvi5e+24/iARITnMMUOKx1oJ+O
ZI8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org