Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/TgzPTO81JcrEy8_5de-nQl_Q-mw.roa
File: TgzPTO81JcrEy8_5de-nQl_Q-mw.roa (raw, json)
Hash identifier: /83fPljbYEMe5kM4/NNHv0L1jXhsIpaVsjQzQhkfTkU=
Subject key identifier: 4E:0C:CF:4C:EF:35:25:CA:C4:CB:CF:F9:75:EF:A7:42:5F:D0:FA:6C
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 01856F8B963DCDF9037ACED0BD3CDB2FBED5
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/TgzPTO81JcrEy8_5de-nQl_Q-mw.roa
Signing time: Sun 01 Jan 2023 22:54:56 +0000
ROA not before: Sun 01 Jan 2023 22:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39622
IP address blocks: 193.168.140.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Jul 2023 13:32:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:96:3d:cd:f9:03:7a:ce:d0:bd:3c:db:2f:be:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Jan 1 22:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e0ccf4cef3525cac4cbcff975efa7425fd0fa6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7e:0b:eb:0b:59:1c:a4:16:8e:70:ae:0d:ca:
e2:3a:e3:ff:dc:6c:d2:b7:c2:7c:94:fe:0b:3e:71:
b1:fd:dd:a2:2e:ce:f5:42:c8:7a:f8:56:da:c2:51:
52:62:88:e0:8a:3c:4f:3f:eb:fb:60:bf:72:78:1c:
31:1d:e6:16:09:16:75:f0:0e:37:da:f4:91:08:80:
4a:e0:79:b0:d2:f8:54:ec:a3:a6:ee:4d:d3:87:76:
22:f7:f6:95:8b:e3:51:e8:47:49:79:08:80:a6:a7:
df:7a:1c:1e:e0:52:9c:f2:c1:01:d5:be:6a:3a:2c:
4f:bf:d9:27:53:07:65:9c:7d:99:da:f3:21:b2:f1:
06:68:ce:f7:cb:97:82:e8:13:fc:b0:b0:52:7b:91:
ca:94:4d:56:4d:f6:0e:d0:6a:75:2b:f0:62:79:95:
f4:82:d6:cd:6e:0c:f9:0a:98:d5:a5:2d:33:09:ee:
34:7a:5d:58:4d:10:3c:05:30:39:5e:35:9f:06:c3:
2c:01:cb:e9:ba:2c:db:41:63:d1:fb:50:50:28:58:
00:1d:ad:9a:67:83:c3:be:05:60:74:50:4b:23:0c:
16:bc:ce:77:d5:ba:5a:19:db:2f:76:9f:b0:cc:6a:
24:f0:fc:5b:77:f6:9a:a6:7e:52:2a:13:2d:ca:15:
12:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0C:CF:4C:EF:35:25:CA:C4:CB:CF:F9:75:EF:A7:42:5F:D0:FA:6C
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/TgzPTO81JcrEy8_5de-nQl_Q-mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
Signature Algorithm: sha256WithRSAEncryption
01:01:86:7f:d6:e7:6b:3f:23:9f:11:12:6c:0d:f6:95:23:77:
91:5a:68:c7:0f:5f:86:53:a6:58:ab:86:e0:25:f7:e8:64:ce:
9b:f5:0c:ff:4f:5d:c5:71:d1:56:6a:3d:08:45:5b:df:0f:d1:
7c:bc:34:62:dc:08:8f:46:90:03:2d:44:1f:5e:67:c7:de:6e:
59:00:30:33:f8:6e:ee:aa:35:7b:9d:d3:9f:2e:8e:1c:90:e1:
99:fb:28:f2:92:7f:93:04:32:fc:cd:12:98:a5:be:85:82:e4:
f5:b4:e0:98:1c:8e:33:18:42:1f:27:3f:a6:10:5a:6e:62:4d:
5f:8c:3b:10:f6:4a:50:90:7d:f8:54:65:c8:c4:41:c9:8e:ec:
99:bf:74:2a:2c:60:9d:b0:9f:02:55:f5:2d:69:b3:a4:54:eb:
8a:e3:1d:27:64:81:58:58:30:53:2b:d4:75:ef:ae:29:ed:69:
87:49:6c:42:01:2b:03:80:b7:e5:55:97:8d:d9:a5:57:7d:9c:
12:c4:20:c9:8f:be:ed:6c:2d:87:82:1c:d6:e6:a3:87:ed:87:
06:96:3d:62:c0:56:61:12:31:09:15:70:ff:b5:d2:cf:95:03:
7a:80:fe:71:f4:31:9b:bc:09:e4:71:a5:27:5f:27:47:40:b1:
ff:7b:d7:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5Y9zfkDes7QvTzbL77VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTA2OWE1ZDc2NGRhMjU1OTU0ZGIyZWU5ZDEyNDNkZTE2
YjkxMDEwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBjY2Y0Y2VmMzUyNWNhYzRjYmNmZjk3NWVmYTc0MjVmZDBmYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH4L6wtZHKQWjnCuDcriOuP/3GzS
t8J8lP4LPnGx/d2iLs71Qsh6+FbawlFSYojgijxPP+v7YL9yeBwxHeYWCRZ18A43
2vSRCIBK4Hmw0vhU7KOm7k3Th3Yi9/aVi+NR6EdJeQiApqffehwe4FKc8sEB1b5q
OixPv9knUwdlnH2Z2vMhsvEGaM73y5eC6BP8sLBSe5HKlE1WTfYO0Gp1K/BieZX0
gtbNbgz5CpjVpS0zCe40el1YTRA8BTA5XjWfBsMsAcvpuizbQWPR+1BQKFgAHa2a
Z4PDvgVgdFBLIwwWvM531bpaGdsvdp+wzGok8Pxbd/aapn5SKhMtyhUSjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4Mz0zvNSXKxMvP+XXvp0Jf0PpsMB8GA1UdIwQY
MBaAFJJQaaXXZNolWVTbLunRJD3ha5EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTkt
YTliOGRlNjExYTk2LzEvVGd6UFRPODFKY3JFeThfNWRlLW5RbF9RLW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82Nzg4ZjUtNDg4OS00YmU3LWJiMTktYTliOGRlNjExYTk2
LzEva2xCcHBkZGsyaVZaVk5zdTZkRWtQZUZya1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwaiMMA0G
CSqGSIb3DQEBCwUAA4IBAQABAYZ/1udrPyOfERJsDfaVI3eRWmjHD1+GU6ZYq4bg
JffoZM6b9Qz/T13FcdFWaj0IRVvfD9F8vDRi3AiPRpADLUQfXmfH3m5ZADAz+G7u
qjV7ndOfLo4ckOGZ+yjykn+TBDL8zRKYpb6FguT1tOCYHI4zGEIfJz+mEFpuYk1f
jDsQ9kpQkH34VGXIxEHJjuyZv3QqLGCdsJ8CVfUtabOkVOuK4x0nZIFYWDBTK9R1
764p7WmHSWxCASsDgLflVZeN2aVXfZwSxCDJj77tbC2HghzW5qOH7YcGlj1iwFZh
EjEJFXD/tdLPlQN6gP5x9DGbvAnkcaUnXydHQLH/e9d6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org