Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TRBxW2U7DQUly4nTmChzR9Yi4UY.roa
File: TRBxW2U7DQUly4nTmChzR9Yi4UY.roa (raw, json)
Hash identifier: V3lQ+fs3BlRndr8NXPWIUVS94zbPueOdEXMmxLr9YOI=
Subject key identifier: 4D:10:71:5B:65:3B:0D:05:25:CB:89:D3:98:28:73:47:D6:22:E1:46
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0192D849A15E33D53D3B74F4138A956525C9
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TRBxW2U7DQUly4nTmChzR9Yi4UY.roa
Signing time: Tue 29 Oct 2024 12:39:16 +0000
ROA not before: Tue 29 Oct 2024 12:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 2.58.170.0/24 maxlen: 24
77.242.146.0/23 maxlen: 23
88.151.56.0/23 maxlen: 24
88.209.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:49:a1:5e:33:d5:3d:3b:74:f4:13:8a:95:65:25:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 29 12:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d10715b653b0d0525cb89d398287347d622e146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d2:02:00:15:0b:f1:cd:5e:c0:25:8a:c1:e9:
ec:fc:59:9a:d8:1a:13:e7:d8:05:1d:85:20:1f:3c:
c6:ab:c7:a0:36:1a:ff:28:0b:07:99:2b:aa:08:35:
b3:b0:c4:b2:c4:76:84:b2:30:f5:18:2b:85:41:34:
45:59:96:6b:75:62:ce:e5:56:0c:95:d8:9b:88:08:
31:61:d6:f4:fd:86:44:92:03:51:4c:de:5f:c9:59:
51:a5:67:1d:bc:7f:0c:9f:24:28:35:88:f1:a6:e2:
86:c6:8b:eb:36:dd:b9:86:ec:6e:90:70:42:50:20:
41:60:53:96:9b:a0:27:72:4d:2b:3e:9b:d7:fd:20:
11:5c:29:44:9e:39:af:ea:f9:94:e3:de:2f:98:f4:
fb:88:f1:8d:79:84:9c:90:e7:d2:11:5d:69:c2:a3:
6d:f3:6b:e0:ac:09:e3:f0:13:83:dd:fa:f1:f9:61:
1d:44:74:37:ab:c3:3d:f0:d6:94:38:05:88:9b:b0:
51:2f:21:3f:b8:0a:0e:f3:e2:05:f6:68:de:0b:cf:
45:1c:34:2b:ff:9a:6b:fa:c8:c6:9d:20:eb:51:a0:
b0:4c:0f:b7:60:e4:62:a3:db:8c:19:f8:75:3d:ae:
e3:ff:c3:c1:83:8b:6e:21:6d:e5:96:cb:f0:ed:aa:
2f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:10:71:5B:65:3B:0D:05:25:CB:89:D3:98:28:73:47:D6:22:E1:46
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/TRBxW2U7DQUly4nTmChzR9Yi4UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.170.0/24
77.242.146.0/23
88.151.56.0/23
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:78:ac:cb:84:3c:d7:ab:a0:60:ae:37:c5:67:99:5a:62:14:
6a:13:be:13:6c:e8:79:54:68:59:23:f0:ac:ca:6d:a4:ec:14:
8b:06:e1:ba:31:86:92:40:c7:db:f6:58:61:66:e3:58:c7:8d:
fb:4c:83:fb:be:84:9b:e7:89:2c:a0:fe:4e:36:7d:4a:04:91:
1a:c3:32:d1:1d:6e:ae:69:d9:67:c0:c4:26:22:11:64:2a:a6:
91:80:05:7d:b6:85:af:ba:f1:6d:75:2e:27:3a:29:75:1d:69:
c9:67:da:3f:4d:88:1b:37:b6:12:9f:7d:0e:10:85:ac:ba:3b:
82:40:0b:ec:8c:29:0c:ea:84:c2:30:d0:3d:f7:a2:ad:cd:e8:
5d:ab:63:c7:4a:5e:5d:c3:0e:59:79:8e:95:bb:64:f0:59:4d:
56:68:a0:7b:06:8d:3c:7b:fe:5d:4d:d7:f3:0a:20:fc:b9:ed:
d8:5c:1d:4d:e3:ba:f6:a2:99:8d:21:d9:c6:d6:a1:f8:7b:10:
76:1e:9e:1f:ee:6c:ec:cf:0c:ea:d3:39:24:c1:e6:2c:99:7c:
c0:97:6a:5c:84:78:d1:ec:b1:c8:76:72:3b:11:c1:30:6a:f1:
b7:16:4f:88:78:40:79:f5:67:57:07:48:6b:c8:e2:86:40:8c:
23:ca:05:91
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLYSaFeM9U9O3T0E4qVZSXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQxMDI5MTIzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDEwNzE1YjY1M2IwZDA1MjVjYjg5ZDM5ODI4NzM0N2Q2MjJlMTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodICABUL8c1ewCWKwens/Fma2BoT
59gFHYUgHzzGq8egNhr/KAsHmSuqCDWzsMSyxHaEsjD1GCuFQTRFWZZrdWLO5VYM
ldibiAgxYdb0/YZEkgNRTN5fyVlRpWcdvH8MnyQoNYjxpuKGxovrNt25huxukHBC
UCBBYFOWm6Anck0rPpvX/SARXClEnjmv6vmU494vmPT7iPGNeYSckOfSEV1pwqNt
82vgrAnj8BOD3frx+WEdRHQ3q8M98NaUOAWIm7BRLyE/uAoO8+IF9mjeC89FHDQr
/5pr+sjGnSDrUaCwTA+3YORio9uMGfh1Pa7j/8PBg4tuIW3llsvw7aoveQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE0QcVtlOw0FJcuJ05goc0fWIuFGMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVFJCeFcyVTdEUVVseTRuVG1DaHpSOVlpNFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjqqAwQB
TfKSAwQBWJc4AwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQCyeKzLhDzXq6BgrjfF
Z5laYhRqE74TbOh5VGhZI/Csym2k7BSLBuG6MYaSQMfb9lhhZuNYx437TIP7voSb
54ksoP5ONn1KBJEawzLRHW6uadlnwMQmIhFkKqaRgAV9toWvuvFtdS4nOil1HWnJ
Z9o/TYgbN7YSn30OEIWsujuCQAvsjCkM6oTCMNA996Ktzehdq2PHSl5dww5ZeY6V
u2TwWU1WaKB7Bo08e/5dTdfzCiD8ue3YXB1N47r2opmNIdnG1qH4exB2Hp4f7mzs
zwzq0zkkweYsmXzAl2pchHjR7LHIdnI7EcEwavG3Fk+IeEB59WdXB0hryOKGQIwj
ygWR
-----END CERTIFICATE-----
Generated at Sat Nov 2 09:06:31 2024 by rpki-client on console-ams.rpki-client.org