Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/tJiJabehWBFFws89KLnaxQPgW-w.roa
File: tJiJabehWBFFws89KLnaxQPgW-w.roa (raw, json)
Hash identifier: 1lnK3VMhPhCg9GJIDP9tUSu9gnX9LBpkiTc3p6YciHs=
Subject key identifier: B4:98:89:69:B7:A1:58:11:45:C2:CF:3D:28:B9:DA:C5:03:E0:5B:EC
Certificate issuer: /CN=29db7ca4eee1e453d26fab99c8201adf894612be
Certificate serial: 018572CCC08C4B7BDE2E569B6A914DF16B60
Authority key identifier: 29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/tJiJabehWBFFws89KLnaxQPgW-w.roa
Signing time: Mon 02 Jan 2023 14:04:59 +0000
ROA not before: Mon 02 Jan 2023 14:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198623
IP address blocks: 37.77.192.0/21 maxlen: 24
193.104.81.0/24 maxlen: 24
37.123.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:c0:8c:4b:7b:de:2e:56:9b:6a:91:4d:f1:6b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29db7ca4eee1e453d26fab99c8201adf894612be
Validity
Not Before: Jan 2 14:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4988969b7a1581145c2cf3d28b9dac503e05bec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:1b:25:18:fe:a0:ae:d9:4a:67:86:6a:db:54:
2c:90:cd:b0:fe:f0:d3:f1:c1:b0:bb:c9:06:9c:35:
b2:62:d8:bf:d3:e8:f3:9b:7a:1e:83:07:52:ac:ec:
ee:b2:42:47:19:87:28:3e:b0:44:ca:c7:8d:fb:cc:
f0:7b:53:94:28:dc:c0:7a:4a:c1:a9:f1:25:e6:7c:
8f:30:1e:c1:d6:d3:f2:f7:17:52:57:61:4e:ad:45:
32:9e:97:f6:65:e8:e0:cd:44:c0:ac:f9:bd:49:98:
e4:98:7a:53:b9:ff:0d:aa:67:0c:24:16:3a:52:60:
b5:d6:0f:9d:10:a9:92:ca:55:60:b9:49:63:b0:73:
d5:36:90:f6:ff:05:48:13:a5:19:df:5a:3b:00:1d:
48:59:40:a0:df:1d:c8:41:52:94:4f:94:b0:50:17:
84:59:37:ab:b1:80:a1:36:62:79:31:66:af:79:63:
57:d8:7b:a5:e8:60:ca:26:9b:45:7b:b8:02:77:fe:
7d:c3:73:23:49:f6:77:32:0b:7d:ab:01:26:58:87:
9b:b6:03:88:e3:0a:1a:eb:1c:7c:c9:45:44:71:d2:
55:06:13:6f:c3:5b:ad:68:3a:27:7b:8d:2d:6a:29:
ba:7d:46:ee:fb:af:05:d1:92:06:f2:2b:a0:19:44:
26:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:98:89:69:B7:A1:58:11:45:C2:CF:3D:28:B9:DA:C5:03:E0:5B:EC
X509v3 Authority Key Identifier:
keyid:29:DB:7C:A4:EE:E1:E4:53:D2:6F:AB:99:C8:20:1A:DF:89:46:12:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kdt8pO7h5FPSb6uZyCAa34lGEr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/tJiJabehWBFFws89KLnaxQPgW-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7f290b-81c7-42b7-947f-d33fa1605ae1/1/Kdt8pO7h5FPSb6uZyCAa34lGEr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.192.0/21
37.123.248.0/21
193.104.81.0/24
Signature Algorithm: sha256WithRSAEncryption
02:6e:67:9c:64:1a:5a:d9:00:5b:c6:52:60:e9:c4:5b:07:4f:
ab:b7:92:65:0f:5a:ec:38:b5:59:47:14:dc:41:01:13:4c:aa:
12:9e:20:fe:8e:9c:53:fc:cc:6e:9d:59:cd:cc:96:55:9f:d7:
14:ac:ab:a4:f4:93:92:6f:22:7c:fa:9c:7f:93:d1:3f:49:e9:
d6:83:06:2a:41:7c:c2:62:98:e2:2a:58:82:17:fe:b3:18:c4:
99:0e:a9:a2:7f:1b:d4:5b:8d:b1:5b:2c:19:5b:d9:50:6a:31:
52:17:de:6a:9c:c1:a0:a8:3b:5c:32:bc:1b:66:e1:ee:a1:90:
0f:e7:a6:b6:8f:aa:92:fc:a1:82:5a:5d:d5:c6:6e:fb:df:2b:
7d:c7:c3:12:b6:cc:40:7e:f1:ef:1f:fe:41:3c:68:fe:0f:17:
04:ae:53:df:b5:20:d6:34:83:6e:ea:48:c9:d3:71:09:4b:01:
f5:4a:74:6e:ec:cb:4e:71:ba:7a:d3:65:3e:74:ae:9e:36:d7:
20:17:c2:71:d0:14:b7:6e:01:9d:76:3e:d9:38:f8:03:8b:7c:
2d:47:f2:6f:3f:4d:05:ff:ad:26:ea:f7:55:f9:c0:85:5d:ed:
50:3f:6d:a4:d8:74:a2:6e:67:b2:82:fc:ab:f5:65:89:76:46:
75:0f:85:fc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyzMCMS3veLlabapFN8WtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZGI3Y2E0ZWVlMWU0NTNkMjZmYWI5OWM4MjAxYWRmODk0
NjEyYmUwHhcNMjMwMTAyMTQwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk4ODk2OWI3YTE1ODExNDVjMmNmM2QyOGI5ZGFjNTAzZTA1YmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xslGP6grtlKZ4Zq21QskM2w/vDT
8cGwu8kGnDWyYti/0+jzm3oegwdSrOzuskJHGYcoPrBEyseN+8zwe1OUKNzAekrB
qfEl5nyPMB7B1tPy9xdSV2FOrUUynpf2ZejgzUTArPm9SZjkmHpTuf8NqmcMJBY6
UmC11g+dEKmSylVguUljsHPVNpD2/wVIE6UZ31o7AB1IWUCg3x3IQVKUT5SwUBeE
WTersYChNmJ5MWaveWNX2Hul6GDKJptFe7gCd/59w3MjSfZ3Mgt9qwEmWIebtgOI
4woa6xx8yUVEcdJVBhNvw1utaDone40taim6fUbu+68F0ZIG8iugGUQmQwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLSYiWm3oVgRRcLPPSi52sUD4FvsMB8GA1UdIwQY
MBaAFCnbfKTu4eRT0m+rmcggGt+JRhK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2Yt
ZDMzZmExNjA1YWUxLzEvdEppSmFiZWhXQkZGd3M4OUtMbmF4UVBnVy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83ZjI5MGItODFjNy00MmI3LTk0N2YtZDMzZmExNjA1YWUx
LzEvS2R0OHBPN2g1RlBTYjZ1WnlDQWEzNGxHRXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJU3AAwQD
JXv4AwQAwWhRMA0GCSqGSIb3DQEBCwUAA4IBAQACbmecZBpa2QBbxlJg6cRbB0+r
t5JlD1rsOLVZRxTcQQETTKoSniD+jpxT/MxunVnNzJZVn9cUrKuk9JOSbyJ8+px/
k9E/SenWgwYqQXzCYpjiKliCF/6zGMSZDqmifxvUW42xWywZW9lQajFSF95qnMGg
qDtcMrwbZuHuoZAP56a2j6qS/KGCWl3Vxm773yt9x8MStsxAfvHvH/5BPGj+DxcE
rlPftSDWNINu6kjJ03EJSwH1SnRu7MtOcbp602U+dK6eNtcgF8Jx0BS3bgGddj7Z
OPgDi3wtR/JvP00F/60m6vdV+cCFXe1QP22k2HSibmeygvyr9WWJdkZ1D4X8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:46 2024 by rpki-client on console-ams.rpki-client.org