Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/TbqNFstf7N5HbuZ92m3sBenYsr0.roa
File: TbqNFstf7N5HbuZ92m3sBenYsr0.roa (raw, json)
Hash identifier: +hTYr78jvBwJfbHu/ci3WG3JxuGsrfBk33w8O2XrsF0=
Subject key identifier: 4D:BA:8D:16:CB:5F:EC:DE:47:6E:E6:7D:DA:6D:EC:05:E9:D8:B2:BD
Certificate issuer: /CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
Certificate serial: 018570302A35198585B847A194AA950D504B
Authority key identifier: BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/TbqNFstf7N5HbuZ92m3sBenYsr0.roa
Signing time: Mon 02 Jan 2023 01:54:42 +0000
ROA not before: Mon 02 Jan 2023 01:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 194.180.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:2a:35:19:85:85:b8:47:a1:94:aa:95:0d:50:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
Validity
Not Before: Jan 2 01:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dba8d16cb5fecde476ee67dda6dec05e9d8b2bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4f:12:1f:8e:da:0c:f4:5c:ee:92:37:6f:86:
b7:33:3b:76:7c:1a:37:2c:78:9d:63:2d:b7:f2:73:
9a:c8:4d:55:3e:bb:74:05:5f:7d:e2:ca:bf:49:e5:
99:79:0d:db:88:c9:6d:91:fb:8f:50:e3:e7:ca:a0:
6e:ca:ad:e6:2f:f6:a7:71:89:35:90:b6:65:f0:90:
2c:36:f6:30:e3:81:a7:7d:da:21:c4:4c:f1:2a:5f:
64:8f:36:d7:c1:2b:52:2a:4e:e9:f8:11:7d:7c:e5:
f4:e4:c0:d0:18:5d:05:03:59:98:ce:9c:e4:3c:23:
89:67:85:db:24:58:9f:a5:89:a4:0b:d8:0b:ee:21:
18:d4:41:bc:8a:0a:91:b8:09:2d:ea:d0:b9:42:2d:
0d:ca:58:f2:60:b1:42:b9:fb:21:29:a4:7c:f6:38:
83:04:37:d2:dd:7b:49:a3:f9:3e:a4:2f:47:0f:18:
af:46:d0:d5:45:27:3b:f5:84:ea:99:49:64:7d:16:
fa:f7:f5:e0:70:56:3c:a7:26:36:fa:d9:7a:65:8b:
3b:3e:7d:39:81:f0:11:d8:44:14:ba:95:de:49:fa:
87:e9:08:b8:dc:27:ee:ef:83:1b:8c:ee:32:f5:a8:
61:8c:22:f6:58:b3:83:b7:f4:9a:0c:b4:2b:0d:78:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BA:8D:16:CB:5F:EC:DE:47:6E:E6:7D:DA:6D:EC:05:E9:D8:B2:BD
X509v3 Authority Key Identifier:
keyid:BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/TbqNFstf7N5HbuZ92m3sBenYsr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/vx1ZdLTlmcpy3MTawGbXcUIC78k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.204.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:a4:7a:c0:90:58:22:45:67:7f:bf:5f:03:9f:af:63:ce:75:
ad:8a:e6:5d:9f:14:f1:5d:08:0e:e6:28:b2:c7:f1:1e:45:ee:
86:30:d1:6a:12:26:99:2e:df:3b:0e:05:f7:38:56:e1:84:0e:
f1:98:56:fa:52:31:f6:99:44:4a:22:3b:23:7e:a5:9a:ef:4b:
60:8a:e4:3a:4d:9c:b8:75:2d:33:61:ed:cb:b0:29:47:bc:29:
b1:f7:46:1c:98:71:6d:7e:3a:a7:d3:3f:c2:81:26:ca:0d:0b:
98:6c:30:02:88:04:1d:c3:a5:fb:4e:f7:26:7d:53:0e:98:1f:
fd:b3:df:f4:28:dc:1a:80:57:19:e0:9b:9b:0d:32:cb:df:20:
68:88:6b:a6:9d:72:17:c4:d1:86:88:ca:2e:dd:75:cf:b3:d7:
ed:be:1b:cd:e1:be:bc:72:f7:87:35:2d:f5:fe:5d:c8:90:28:
57:e1:c9:ab:d0:d0:96:55:79:84:55:99:91:1c:ed:95:bc:0c:
db:ef:94:82:10:5e:76:cd:52:50:7c:55:da:ca:00:06:c1:14:
95:33:e4:e5:e4:eb:33:a4:6f:27:80:04:60:f7:cc:0f:fe:c4:
e1:9e:95:f2:e7:b4:09:25:cd:d3:45:c6:46:b3:a5:ea:87:34:
c9:78:08:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMCo1GYWFuEehlKqVDVBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1OTc0YjRlNTk5Y2E3MmRjYzRkYWMwNjZkNzcxNDIw
MmVmYzkwHhcNMjMwMTAyMDE1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJhOGQxNmNiNWZlY2RlNDc2ZWU2N2RkYTZkZWMwNWU5ZDhiMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE8SH47aDPRc7pI3b4a3Mzt2fBo3
LHidYy238nOayE1VPrt0BV994sq/SeWZeQ3biMltkfuPUOPnyqBuyq3mL/ancYk1
kLZl8JAsNvYw44GnfdohxEzxKl9kjzbXwStSKk7p+BF9fOX05MDQGF0FA1mYzpzk
PCOJZ4XbJFifpYmkC9gL7iEY1EG8igqRuAkt6tC5Qi0NyljyYLFCufshKaR89jiD
BDfS3XtJo/k+pC9HDxivRtDVRSc79YTqmUlkfRb69/XgcFY8pyY2+tl6ZYs7Pn05
gfAR2EQUupXeSfqH6Qi43Cfu74MbjO4y9ahhjCL2WLODt/SaDLQrDXhfQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE26jRbLX+zeR27mfdpt7AXp2LK9MB8GA1UdIwQY
MBaAFL8dWXS05ZnKctzE2sBm13FCAu/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxWmRMVGxtY3B5M01UYXdHYlhjVUlDNzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85NGEwNjItODUxMC00NGQ1LTllNGIt
YzMyYTlhMDg1YWUwLzEvVGJxTkZzdGY3TjVIYnVaOTJtM3NCZW5Zc3IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85NGEwNjItODUxMC00NGQ1LTllNGItYzMyYTlhMDg1YWUw
LzEvdngxWmRMVGxtY3B5M01UYXdHYlhjVUlDNzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrTMMA0G
CSqGSIb3DQEBCwUAA4IBAQDEpHrAkFgiRWd/v18Dn69jznWtiuZdnxTxXQgO5iiy
x/EeRe6GMNFqEiaZLt87DgX3OFbhhA7xmFb6UjH2mURKIjsjfqWa70tgiuQ6TZy4
dS0zYe3LsClHvCmx90YcmHFtfjqn0z/CgSbKDQuYbDACiAQdw6X7TvcmfVMOmB/9
s9/0KNwagFcZ4JubDTLL3yBoiGumnXIXxNGGiMou3XXPs9ftvhvN4b68cveHNS31
/l3IkChX4cmr0NCWVXmEVZmRHO2VvAzb75SCEF52zVJQfFXaygAGwRSVM+Tl5Osz
pG8ngARg98wP/sThnpXy57QJJc3TRcZGs6XqhzTJeAh8
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:41 2024 by rpki-client on console-fra.rpki-client.org