Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/tj9CbRMGtfCU5c_MbLnDc0FIqz0.roa
File: tj9CbRMGtfCU5c_MbLnDc0FIqz0.roa (raw, json)
Hash identifier: yg6I7ERmN8pOSmhotlRwEHLsWqkhrdsZbUhQz70oQoo=
Subject key identifier: B6:3F:42:6D:13:06:B5:F0:94:E5:CF:CC:6C:B9:C3:73:41:48:AB:3D
Certificate issuer: /CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Certificate serial: 01856FD4FB4F4DD9ADE4604B7516400D68E3
Authority key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/tj9CbRMGtfCU5c_MbLnDc0FIqz0.roa
Signing time: Mon 02 Jan 2023 00:15:07 +0000
ROA not before: Mon 02 Jan 2023 00:15:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47927
IP address blocks: 46.28.120.0/21 maxlen: 21
159.255.140.0/22 maxlen: 22
159.255.152.0/22 maxlen: 22
185.63.40.0/22 maxlen: 22
188.95.72.0/21 maxlen: 21
94.126.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:fb:4f:4d:d9:ad:e4:60:4b:75:16:40:0d:68:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Validity
Not Before: Jan 2 00:15:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b63f426d1306b5f094e5cfcc6cb9c3734148ab3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f4:c5:34:f0:3a:f9:d2:1e:d5:d2:0f:eb:21:
7e:d4:bc:26:a0:ca:59:79:ba:cb:79:6d:ee:04:dd:
c9:c0:3f:e0:67:ae:90:a3:29:8d:8b:66:85:9c:a1:
4e:a2:38:03:44:d5:fa:9b:78:cd:33:60:23:c3:dc:
c4:a0:9a:e7:17:23:26:3c:9d:50:63:0e:c9:6f:02:
21:c4:1c:ce:b3:82:da:46:6d:11:78:9b:29:40:0d:
fb:02:19:79:7d:b9:d0:b4:5d:2b:c4:77:29:28:60:
de:d9:39:d3:1b:f1:bd:13:1d:c9:42:72:3c:4a:cf:
09:68:91:39:18:a3:fb:8d:96:82:d5:f7:54:29:94:
ef:dc:43:bf:d0:1d:02:c2:84:e7:51:e6:27:26:f0:
eb:51:d7:71:05:2b:91:4d:69:e6:53:ea:49:cd:93:
83:01:38:df:bb:ae:55:b4:49:36:77:4a:7f:48:be:
55:6a:55:a8:b8:55:4f:4a:4f:b1:71:b1:84:ec:53:
d4:87:63:a1:5d:83:0f:b9:3d:89:08:21:07:8e:64:
98:24:53:4b:ce:a3:3c:b1:80:bc:e8:af:9e:0b:01:
c8:46:5e:6b:58:f9:7d:27:a8:26:b3:dc:27:f9:15:
5c:98:6e:92:d8:52:bf:df:13:74:6c:f4:49:8b:fd:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3F:42:6D:13:06:B5:F0:94:E5:CF:CC:6C:B9:C3:73:41:48:AB:3D
X509v3 Authority Key Identifier:
keyid:75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/tj9CbRMGtfCU5c_MbLnDc0FIqz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.120.0/21
94.126.8.0/21
159.255.140.0/22
159.255.152.0/22
185.63.40.0/22
188.95.72.0/21
Signature Algorithm: sha256WithRSAEncryption
94:ee:00:03:d8:e0:50:3d:03:0a:14:ac:6d:f8:f0:a8:12:7c:
a4:67:9a:d6:38:4f:67:b0:56:04:78:50:4b:2f:dd:a3:b3:56:
93:4a:95:7b:11:78:9d:37:ce:14:c7:a0:3f:59:cf:f4:2e:8a:
6f:36:9d:fb:79:62:e3:bf:86:69:9d:cb:d8:ef:1f:6a:2e:fb:
b6:7c:f2:01:5d:fb:39:72:87:f3:84:75:17:39:45:c7:22:d5:
ae:b6:3d:39:4c:92:cd:ea:66:b1:cd:f6:a4:9c:b9:24:fa:df:
40:18:ec:1d:03:32:fd:4f:70:e0:37:0d:bf:be:34:1a:bb:68:
56:a9:45:3b:a6:6a:cb:17:1c:a6:26:bd:2f:46:45:4b:50:72:
bd:6b:c5:d2:61:af:91:ef:9b:9c:43:e0:1c:18:52:6d:74:25:
87:35:6f:07:71:38:0c:cb:df:4f:38:d8:2f:ed:3f:78:af:c2:
27:84:cd:a4:bc:dc:bc:63:47:9b:e1:d1:8f:b8:c8:45:03:25:
70:c1:bd:31:52:cd:3f:86:ab:2d:42:92:db:24:d1:88:f4:53:
24:c1:e1:00:da:6c:1d:a1:3e:46:29:0a:61:11:a9:f9:99:93:
74:4b:91:55:a6:99:e6:a8:3d:46:da:03:99:62:bf:e8:c5:4d:
cb:8f:d5:b3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVv1PtPTdmt5GBLdRZADWjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZmFjYjA3ZjJjY2I5MmVlYmE4Nzg1NGM5NDI0MGU0ZjVh
YzhmNTIwHhcNMjMwMTAyMDAxNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNmNDI2ZDEzMDZiNWYwOTRlNWNmY2M2Y2I5YzM3MzQxNDhhYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/TFNPA6+dIe1dIP6yF+1LwmoMpZ
ebrLeW3uBN3JwD/gZ66QoymNi2aFnKFOojgDRNX6m3jNM2Ajw9zEoJrnFyMmPJ1Q
Yw7JbwIhxBzOs4LaRm0ReJspQA37Ahl5fbnQtF0rxHcpKGDe2TnTG/G9Ex3JQnI8
Ss8JaJE5GKP7jZaC1fdUKZTv3EO/0B0CwoTnUeYnJvDrUddxBSuRTWnmU+pJzZOD
ATjfu65VtEk2d0p/SL5ValWouFVPSk+xcbGE7FPUh2OhXYMPuT2JCCEHjmSYJFNL
zqM8sYC86K+eCwHIRl5rWPl9J6gms9wn+RVcmG6S2FK/3xN0bPRJi/3cfQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLY/Qm0TBrXwlOXPzGy5w3NBSKs9MB8GA1UdIwQY
MBaAFHX6ywfyzLku66h4VMlCQOT1rI9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQt
YzkxMTQ4M2RhNzhjLzEvdGo5Q2JSTUd0ZkNVNWNfTWJMbkRjMEZJcXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC85MDBjYmYtNDc3Yi00NmJlLThmNWQtYzkxMTQ4M2RhNzhj
LzEvZGZyTEJfTE11UzdycUhoVXlVSkE1UFdzajFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLhx4AwQD
Xn4IAwQCn/+MAwQCn/+YAwQCuT8oAwQDvF9IMA0GCSqGSIb3DQEBCwUAA4IBAQCU
7gAD2OBQPQMKFKxt+PCoEnykZ5rWOE9nsFYEeFBLL92js1aTSpV7EXidN84Ux6A/
Wc/0LopvNp37eWLjv4ZpncvY7x9qLvu2fPIBXfs5cofzhHUXOUXHItWutj05TJLN
6maxzfaknLkk+t9AGOwdAzL9T3DgNw2/vjQau2hWqUU7pmrLFxymJr0vRkVLUHK9
a8XSYa+R75ucQ+AcGFJtdCWHNW8HcTgMy99PONgv7T94r8InhM2kvNy8Y0eb4dGP
uMhFAyVwwb0xUs0/hqstQpLbJNGI9FMkweEA2mwdoT5GKQphEan5mZN0S5FVppnm
qD1G2gOZYr/oxU3Lj9Wz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:50 2024 by rpki-client on console-ams.rpki-client.org