Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/TSDfypCm0eiPmiweuaLns_2yP6o.roa
File: TSDfypCm0eiPmiweuaLns_2yP6o.roa (raw, json)
Hash identifier: BmcI1TqcwvtLdWMypr04CwGc5YgK+qqXdAzmbUBiJ98=
Subject key identifier: 4D:20:DF:CA:90:A6:D1:E8:8F:9A:2C:1E:B9:A2:E7:B3:FD:B2:3F:AA
Certificate issuer: /CN=88ea5255f88d4b957189c142f8ac5681c50c68a6
Certificate serial: 018814E0FD656C859C519BC85C4742DBAF6B
Authority key identifier: 88:EA:52:55:F8:8D:4B:95:71:89:C1:42:F8:AC:56:81:C5:0C:68:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOpSVfiNS5VxicFC-KxWgcUMaKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/TSDfypCm0eiPmiweuaLns_2yP6o.roa
Signing time: Sat 13 May 2023 11:31:09 +0000
ROA not before: Sat 13 May 2023 11:31:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202787
IP address blocks: 185.137.8.0/24 maxlen: 24
185.137.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Oct 2023 07:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:14:e0:fd:65:6c:85:9c:51:9b:c8:5c:47:42:db:af:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88ea5255f88d4b957189c142f8ac5681c50c68a6
Validity
Not Before: May 13 11:31:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d20dfca90a6d1e88f9a2c1eb9a2e7b3fdb23faa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bc:9d:81:54:87:d9:11:11:b5:5e:7b:d1:6c:
54:dc:89:df:77:d9:c3:97:f7:99:5e:be:12:41:5d:
42:01:10:02:a0:18:77:5d:93:43:f2:65:18:f0:97:
15:b0:15:d0:79:15:81:46:3a:20:2c:03:7d:ff:65:
dc:d6:66:d9:41:10:cd:87:cd:35:3c:8f:93:4b:7f:
9c:ae:5f:1a:3d:87:4b:f0:76:77:60:80:79:ba:d3:
cf:c5:1d:14:5a:4e:15:bd:8c:ff:a6:c5:0d:0f:c5:
7e:eb:ee:78:b7:e3:22:c2:b7:b8:24:49:16:5a:61:
07:ee:5d:72:a3:fb:9f:92:6d:08:fd:e1:53:e8:46:
a1:49:b7:bf:74:c1:7b:79:4b:6c:36:e0:a7:11:73:
65:c5:3b:72:59:4e:ca:d5:39:38:e1:6a:76:a2:89:
1b:f7:c3:5a:78:45:ef:15:04:5a:33:a3:e0:58:fc:
82:0d:48:fc:d5:f2:6a:ee:d1:8a:b3:3d:bc:ef:85:
cb:b3:0e:2b:77:14:b3:9b:a5:5b:4c:e6:fb:4b:2d:
bf:42:17:2e:25:98:f8:fa:d7:7b:7d:7b:4e:2f:7b:
af:3c:52:fb:ad:93:92:f9:1b:39:ea:83:7c:6e:c6:
01:14:52:ca:5a:65:21:b7:9b:94:33:5a:cc:f5:2d:
41:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:20:DF:CA:90:A6:D1:E8:8F:9A:2C:1E:B9:A2:E7:B3:FD:B2:3F:AA
X509v3 Authority Key Identifier:
keyid:88:EA:52:55:F8:8D:4B:95:71:89:C1:42:F8:AC:56:81:C5:0C:68:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOpSVfiNS5VxicFC-KxWgcUMaKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/TSDfypCm0eiPmiweuaLns_2yP6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bb8727-78f7-401f-9339-e7ce26884be6/1/iOpSVfiNS5VxicFC-KxWgcUMaKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.8.0/23
Signature Algorithm: sha256WithRSAEncryption
65:38:69:d6:23:c7:b8:78:6c:31:65:59:99:a9:1e:0a:5a:98:
15:8c:5b:e3:32:3a:be:d5:1c:d5:85:ed:1f:f4:71:67:47:a1:
73:73:5d:98:85:e5:0e:c4:5d:70:a5:5b:44:43:16:b3:d2:d2:
5b:6c:94:68:24:fb:5e:0e:1a:3e:35:99:c4:e5:1c:1f:dd:d3:
36:0c:73:4c:f4:ce:e1:bf:f6:96:18:ec:b6:35:05:76:6b:d4:
df:60:b4:90:0a:ff:fe:44:7c:39:de:0a:87:a5:43:b6:aa:14:
e7:7d:60:f2:dc:b1:93:a2:00:f8:74:bc:22:21:a6:9b:f5:65:
fa:67:d2:48:f3:73:e2:9a:a9:3e:06:9a:e3:dd:10:82:05:63:
7d:3a:f8:56:f5:ca:14:56:f9:b1:ad:7f:2c:c6:61:6c:35:fa:
08:8d:ba:9c:a5:64:b1:f9:0e:a9:ca:84:8b:c4:03:0b:a7:6b:
47:c9:b4:12:c1:5f:99:43:be:54:3f:56:53:4a:f9:f9:4f:b5:
a3:5c:ce:c4:db:4e:28:8f:7f:4c:19:b7:46:84:df:16:c5:e5:
46:3f:fc:4a:cf:65:ed:ad:1b:88:de:61:4f:61:dc:31:b8:14:
51:f8:05:14:e9:bd:b4:e1:4e:e5:c3:8a:99:ef:05:54:d1:41:
a8:77:c0:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgU4P1lbIWcUZvIXEdC269rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZWE1MjU1Zjg4ZDRiOTU3MTg5YzE0MmY4YWM1NjgxYzUw
YzY4YTYwHhcNMjMwNTEzMTEzMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIwZGZjYTkwYTZkMWU4OGY5YTJjMWViOWEyZTdiM2ZkYjIzZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbydgVSH2RERtV570WxU3Infd9nD
l/eZXr4SQV1CARACoBh3XZND8mUY8JcVsBXQeRWBRjogLAN9/2Xc1mbZQRDNh801
PI+TS3+crl8aPYdL8HZ3YIB5utPPxR0UWk4VvYz/psUND8V+6+54t+Miwre4JEkW
WmEH7l1yo/ufkm0I/eFT6EahSbe/dMF7eUtsNuCnEXNlxTtyWU7K1Tk44Wp2ookb
98NaeEXvFQRaM6PgWPyCDUj81fJq7tGKsz2874XLsw4rdxSzm6VbTOb7Sy2/Qhcu
JZj4+td7fXtOL3uvPFL7rZOS+Rs56oN8bsYBFFLKWmUht5uUM1rM9S1BgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0g38qQptHoj5osHrmi57P9sj+qMB8GA1UdIwQY
MBaAFIjqUlX4jUuVcYnBQvisVoHFDGimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9wU1ZmaU5TNVZ4aWNGQy1LeFdnY1VNYUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iYjg3MjctNzhmNy00MDFmLTkzMzkt
ZTdjZTI2ODg0YmU2LzEvVFNEZnlwQ20wZWlQbWl3ZXVhTG5zXzJ5UDZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9iYjg3MjctNzhmNy00MDFmLTkzMzktZTdjZTI2ODg0YmU2
LzEvaU9wU1ZmaU5TNVZ4aWNGQy1LeFdnY1VNYUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYkIMA0G
CSqGSIb3DQEBCwUAA4IBAQBlOGnWI8e4eGwxZVmZqR4KWpgVjFvjMjq+1RzVhe0f
9HFnR6Fzc12YheUOxF1wpVtEQxaz0tJbbJRoJPteDho+NZnE5Rwf3dM2DHNM9M7h
v/aWGOy2NQV2a9TfYLSQCv/+RHw53gqHpUO2qhTnfWDy3LGTogD4dLwiIaab9WX6
Z9JI83Pimqk+Bprj3RCCBWN9OvhW9coUVvmxrX8sxmFsNfoIjbqcpWSx+Q6pyoSL
xAMLp2tHybQSwV+ZQ75UP1ZTSvn5T7WjXM7E204oj39MGbdGhN8WxeVGP/xKz2Xt
rRuI3mFPYdwxuBRR+AUU6b204U7lw4qZ7wVU0UGod8Ag
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:06 2024 by rpki-client on console-fra.rpki-client.org