Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tuACSWWBD8Ao3xqzM49iSsinTn0.roa
File: tuACSWWBD8Ao3xqzM49iSsinTn0.roa (raw, json)
Hash identifier: L1XXoZdj+7RGEZGJ9lVWqJzPtJkTKdqm99h40cqNKDk=
Subject key identifier: B6:E0:02:49:65:81:0F:C0:28:DF:1A:B3:33:8F:62:4A:C8:A7:4E:7D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8027D4493E42ECE0BA1907E10757DE5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tuACSWWBD8Ao3xqzM49iSsinTn0.roa
Signing time: Tue 02 Jan 2024 02:30:55 +0000
ROA not before: Tue 02 Jan 2024 02:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 185.126.80.0/24 maxlen: 24
185.251.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:23:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:7d:44:93:e4:2e:ce:0b:a1:90:7e:10:75:7d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6e0024965810fc028df1ab3338f624ac8a74e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:54:e8:a4:4e:70:5c:c3:a3:50:62:8a:fc:
7d:69:93:4a:42:1a:8c:0e:f1:17:68:04:ec:f0:81:
7c:0a:51:60:41:2f:9a:44:06:9d:97:b3:b8:22:26:
a2:a0:30:aa:3d:c1:e9:f2:7e:da:a9:92:b8:13:c3:
64:45:3b:21:4f:f8:b3:e9:d6:fc:11:33:b3:d5:fd:
8b:4c:7b:44:0d:44:70:1c:7c:41:b0:24:1f:0c:53:
a7:28:d5:2b:e3:a8:39:00:a1:36:29:1f:6e:58:5e:
21:4c:ec:2c:2d:b6:89:82:f9:ea:5c:0e:c4:80:44:
14:b7:77:85:26:8e:9e:17:29:d9:3f:54:dc:45:fb:
ff:2a:45:de:f4:5d:3a:04:a7:fb:62:d4:43:f1:71:
cb:30:ed:4b:63:11:f3:9a:67:ee:3c:a9:c4:bc:2c:
73:e5:a5:f4:78:0a:ed:02:e1:4e:2c:7a:70:b5:7a:
89:9d:95:7a:25:27:c0:29:3c:44:d1:8d:a1:b1:84:
a8:41:b8:f9:9e:3f:ca:80:86:76:d0:89:5b:b0:f7:
7f:99:25:95:5e:62:7a:44:a7:f6:3b:d9:93:83:68:
b6:58:39:13:9f:7e:04:eb:21:b2:da:45:f0:30:1c:
79:5e:15:ff:4f:07:dc:da:77:5a:bd:4b:71:45:7d:
aa:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E0:02:49:65:81:0F:C0:28:DF:1A:B3:33:8F:62:4A:C8:A7:4E:7D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/tuACSWWBD8Ao3xqzM49iSsinTn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.80.0/24
185.251.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c7:09:99:e8:8b:ea:08:cb:cb:8b:b9:b4:0b:6d:5b:b3:f7:
66:a0:53:3f:80:59:a1:4b:0d:ce:aa:46:a0:7e:7b:8e:fc:67:
f9:73:6a:fb:28:cb:9a:52:12:5c:9a:8c:71:3f:15:53:ef:e2:
52:db:43:d6:5a:b6:2e:7c:5b:cd:3c:d4:24:1b:91:65:7d:28:
b7:cf:47:23:95:d9:79:83:82:9a:2f:49:09:e5:ba:32:5c:b5:
ab:77:c6:b3:f6:38:7d:e7:3c:33:b2:1a:69:b1:34:e6:d5:d8:
ab:67:ba:73:b4:a7:4c:90:50:37:88:c3:9e:54:4f:17:3c:f8:
52:31:59:89:e3:7e:93:86:a8:93:be:98:7c:9a:36:1d:e1:f1:
ab:c7:1c:d1:3c:f2:d7:ac:4e:60:2e:43:a1:18:24:22:a8:46:
6d:e9:58:aa:13:f0:19:02:33:4e:c8:ed:ca:ca:b1:2f:9d:c5:
18:c7:99:67:4b:57:14:91:13:43:3c:89:e8:7e:2e:4b:8a:cc:
5c:39:83:fb:57:d5:bc:8f:43:1f:d2:60:71:a2:49:d4:08:05:
7e:16:dc:1a:89:99:dd:d9:1a:9f:4b:e6:bf:9b:1b:d9:f3:b0:
f0:f3:9e:f3:11:98:a0:dc:ce:5a:6e:46:b8:84:48:51:96:58:
f9:35:62:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAn1Ek+QuzguhkH4QdX3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmUwMDI0OTY1ODEwZmMwMjhkZjFhYjMzMzhmNjI0YWM4YTc0ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0tU6KROcFzDo1Biivx9aZNKQhqM
DvEXaATs8IF8ClFgQS+aRAadl7O4IiaioDCqPcHp8n7aqZK4E8NkRTshT/iz6db8
ETOz1f2LTHtEDURwHHxBsCQfDFOnKNUr46g5AKE2KR9uWF4hTOwsLbaJgvnqXA7E
gEQUt3eFJo6eFynZP1TcRfv/KkXe9F06BKf7YtRD8XHLMO1LYxHzmmfuPKnEvCxz
5aX0eArtAuFOLHpwtXqJnZV6JSfAKTxE0Y2hsYSoQbj5nj/KgIZ20IlbsPd/mSWV
XmJ6RKf2O9mTg2i2WDkTn34E6yGy2kXwMBx5XhX/Twfc2ndavUtxRX2qpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLbgAkllgQ/AKN8aszOPYkrIp059MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdHVBQ1NXV0JEOEFvM3hxek00OWlTc2luVG4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuX5QAwQA
ufvmMA0GCSqGSIb3DQEBCwUAA4IBAQChxwmZ6IvqCMvLi7m0C21bs/dmoFM/gFmh
Sw3OqkagfnuO/Gf5c2r7KMuaUhJcmoxxPxVT7+JS20PWWrYufFvNPNQkG5FlfSi3
z0cjldl5g4KaL0kJ5boyXLWrd8az9jh95zwzshppsTTm1dirZ7pztKdMkFA3iMOe
VE8XPPhSMVmJ436ThqiTvph8mjYd4fGrxxzRPPLXrE5gLkOhGCQiqEZt6ViqE/AZ
AjNOyO3KyrEvncUYx5lnS1cUkRNDPInofi5LisxcOYP7V9W8j0Mf0mBxoknUCAV+
FtwaiZnd2RqfS+a/mxvZ87Dw857zEZig3M5abka4hEhRllj5NWKm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:43 2024 by rpki-client on console-fra.rpki-client.org