Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/TKj55N7yUh1k3ggeXrBkbF49_es.roa
File: TKj55N7yUh1k3ggeXrBkbF49_es.roa (raw, json)
Hash identifier: W/5m9Qpi1nLxPO2YsAb21b0d5XGXcloQMef0DD3QC7E=
Subject key identifier: 4C:A8:F9:E4:DE:F2:52:1D:64:DE:08:1E:5E:B0:64:6C:5E:3D:FD:EB
Certificate issuer: /CN=fc072ee2515a07c667e1c5cfdc0210e6581b097b
Certificate serial: 0185727139C497CB77635E1824310C30A31B
Authority key identifier: FC:07:2E:E2:51:5A:07:C6:67:E1:C5:CF:DC:02:10:E6:58:1B:09:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/TKj55N7yUh1k3ggeXrBkbF49_es.roa
Signing time: Mon 02 Jan 2023 12:25:01 +0000
ROA not before: Mon 02 Jan 2023 12:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31437
IP address blocks: 91.197.80.0/22 maxlen: 22
91.197.81.0/24 maxlen: 24
91.197.83.0/24 maxlen: 24
91.197.80.0/24 maxlen: 24
91.197.82.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:39:c4:97:cb:77:63:5e:18:24:31:0c:30:a3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc072ee2515a07c667e1c5cfdc0210e6581b097b
Validity
Not Before: Jan 2 12:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca8f9e4def2521d64de081e5eb0646c5e3dfdeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:aa:bc:9b:91:80:32:ab:d2:ea:e8:93:5a:f4:
85:7c:16:04:da:9f:bd:31:05:5a:20:7d:40:ac:12:
bd:63:b2:be:26:92:6d:b6:28:43:96:2d:4a:6b:69:
41:52:76:98:01:07:fd:8b:ba:6e:5f:2c:f6:14:27:
7a:92:1c:f6:4b:7b:eb:c8:79:e0:e3:1a:ee:9e:57:
c5:e3:7c:0b:0c:8b:53:00:55:12:c4:3e:b8:d8:cc:
5a:ef:ba:bc:76:7b:f9:08:41:dc:d3:9b:20:98:81:
2d:6c:47:ab:63:74:ee:00:d4:07:0b:c5:d1:b1:89:
53:c5:81:a6:86:d1:e2:03:2e:43:85:67:f4:66:5c:
b9:65:79:e5:76:58:b3:4c:d8:1c:58:fe:47:39:1b:
55:80:7a:65:58:06:a4:ac:60:3c:37:be:5a:77:1b:
a0:01:31:f8:db:6c:e5:dc:10:81:78:a3:aa:a2:76:
68:6f:e6:97:f1:3c:c5:d9:66:74:3b:b4:22:5f:d8:
cf:5d:2d:87:6c:51:ca:df:18:63:c0:1e:82:c8:41:
6c:75:b1:09:63:75:ed:5f:06:27:50:d8:d1:11:0e:
5a:d7:e5:b2:83:be:12:9a:0a:cd:6c:83:02:79:0f:
1b:1f:0f:bd:42:f4:00:0d:93:49:2a:a1:35:6a:10:
bb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A8:F9:E4:DE:F2:52:1D:64:DE:08:1E:5E:B0:64:6C:5E:3D:FD:EB
X509v3 Authority Key Identifier:
keyid:FC:07:2E:E2:51:5A:07:C6:67:E1:C5:CF:DC:02:10:E6:58:1B:09:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/TKj55N7yUh1k3ggeXrBkbF49_es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.80.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:7e:f8:e6:06:5b:c2:55:76:25:6c:5d:80:47:25:9c:0d:2d:
bf:bf:3b:51:d9:d5:69:3e:60:76:22:23:91:1e:fb:c7:33:e3:
26:35:74:cb:7b:0f:95:f9:fa:a7:82:cb:50:ca:d6:b0:3c:c2:
01:a6:1b:3a:f1:74:e1:43:fc:37:27:76:c0:b2:51:f4:d9:db:
cd:d1:6d:4e:78:7f:61:fa:71:a3:d9:5c:62:34:49:ab:b7:9e:
14:1f:a8:df:10:64:91:78:d2:36:fc:07:cd:23:8e:13:3b:c3:
92:d8:65:24:85:4c:8d:78:96:ef:32:77:90:01:60:23:62:0e:
6b:ec:7c:e1:83:e5:dc:e1:eb:8b:44:d9:65:33:66:66:0c:3a:
ae:2b:ed:d6:1d:5c:23:6c:34:61:6a:58:81:0b:34:52:fd:f3:
8b:c0:79:c1:af:72:ad:b7:d8:5f:ad:69:67:38:d5:8e:cb:ce:
7e:9a:c1:4f:48:16:8b:58:99:43:43:d3:df:91:62:81:3a:70:
28:c5:6b:bb:65:c7:c9:02:8d:13:e0:27:c4:5a:fe:21:6b:97:
a7:75:26:ce:8c:c3:0b:1c:a9:6c:75:9b:dc:1d:d4:98:e3:85:
19:e9:f1:14:46:66:cf:80:c0:18:5d:ba:e8:a4:b6:2b:0f:f4:
c4:9b:5e:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycTnEl8t3Y14YJDEMMKMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDcyZWUyNTE1YTA3YzY2N2UxYzVjZmRjMDIxMGU2NTgx
YjA5N2IwHhcNMjMwMTAyMTIyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E4ZjllNGRlZjI1MjFkNjRkZTA4MWU1ZWIwNjQ2YzVlM2RmZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKq8m5GAMqvS6uiTWvSFfBYE2p+9
MQVaIH1ArBK9Y7K+JpJttihDli1Ka2lBUnaYAQf9i7puXyz2FCd6khz2S3vryHng
4xrunlfF43wLDItTAFUSxD642Mxa77q8dnv5CEHc05sgmIEtbEerY3TuANQHC8XR
sYlTxYGmhtHiAy5DhWf0Zly5ZXnldlizTNgcWP5HORtVgHplWAakrGA8N75adxug
ATH422zl3BCBeKOqonZob+aX8TzF2WZ0O7QiX9jPXS2HbFHK3xhjwB6CyEFsdbEJ
Y3XtXwYnUNjREQ5a1+Wyg74SmgrNbIMCeQ8bHw+9QvQADZNJKqE1ahC7wQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyo+eTe8lIdZN4IHl6wZGxePf3rMB8GA1UdIwQY
MBaAFPwHLuJRWgfGZ+HFz9wCEOZYGwl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FjdTRsRmFCOFpuNGNYUDNBSVE1bGdiQ1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xM2ZmNDktNzRhNS00ZjAxLWJjNmYt
YzRiY2YxNDcxYjVhLzEvVEtqNTVON3lVaDFrM2dnZVhyQmtiRjQ5X2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xM2ZmNDktNzRhNS00ZjAxLWJjNmYtYzRiY2YxNDcxYjVh
LzEvX0FjdTRsRmFCOFpuNGNYUDNBSVE1bGdiQ1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8VQMA0G
CSqGSIb3DQEBCwUAA4IBAQCPfvjmBlvCVXYlbF2ARyWcDS2/vztR2dVpPmB2IiOR
HvvHM+MmNXTLew+V+fqngstQytawPMIBphs68XThQ/w3J3bAslH02dvN0W1OeH9h
+nGj2VxiNEmrt54UH6jfEGSReNI2/AfNI44TO8OS2GUkhUyNeJbvMneQAWAjYg5r
7Hzhg+Xc4euLRNllM2ZmDDquK+3WHVwjbDRhaliBCzRS/fOLwHnBr3Ktt9hfrWln
ONWOy85+msFPSBaLWJlDQ9PfkWKBOnAoxWu7ZcfJAo0T4CfEWv4ha5endSbOjMML
HKlsdZvcHdSY44UZ6fEURmbPgMAYXbropLYrD/TEm16e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:38 2024 by rpki-client on console-fra.rpki-client.org