Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/TX900woZFvw2g4pmyIqkeRZrqxc.roa
File: TX900woZFvw2g4pmyIqkeRZrqxc.roa (raw, json)
Hash identifier: jK+iC3rysUMlKEFolHYT7bjrqC2TUNjF0OzaKGT48Ww=
Subject key identifier: 4D:7F:74:D3:0A:19:16:FC:36:83:8A:66:C8:8A:A4:79:16:6B:AB:17
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 0185700278377EE0955E7BF653E41C37D5DB
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/TX900woZFvw2g4pmyIqkeRZrqxc.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5607
IP address blocks: 94.119.8.0/21 maxlen: 21
91.103.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 11:36:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:78:37:7e:e0:95:5e:7b:f6:53:e4:1c:37:d5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d7f74d30a1916fc36838a66c88aa479166bab17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7d:5a:77:58:a8:f6:f3:43:ef:7b:3f:00:92:
78:13:d9:2d:6f:ed:95:1c:70:9b:4e:32:c7:26:1f:
26:64:4c:44:b6:c1:5a:10:ec:fd:62:5b:7b:bc:03:
65:56:e8:81:ab:74:32:96:57:d2:c2:50:ef:87:2c:
88:78:79:00:65:db:77:52:35:ca:a0:7d:b5:e1:dc:
8c:c3:7c:22:a6:da:3e:37:5f:92:c0:d8:54:33:fb:
7b:8f:73:08:f7:98:71:04:e6:b8:41:51:c0:d8:fa:
2c:2a:fc:0f:e6:66:b1:c5:47:b7:7b:e4:1a:f6:92:
62:a3:2b:25:ec:98:3c:4d:3d:1c:e3:d9:ba:6a:21:
52:dd:4f:db:c3:2e:51:47:0d:71:d0:47:7c:2a:52:
bf:15:1a:00:03:da:5b:eb:05:89:e0:85:a2:91:06:
e4:7b:1b:37:2c:f7:12:7d:c3:63:bc:ba:0b:a2:66:
72:20:4c:e8:65:13:da:7f:b3:43:a9:dc:3f:82:a4:
14:75:a3:83:8b:da:07:90:ea:ec:af:2b:36:be:ba:
d3:77:2b:d2:7f:ea:7d:1d:96:00:bb:1b:a5:7f:7b:
ca:37:55:3e:e5:d9:ca:66:3e:7c:e6:26:9c:44:dd:
c1:a3:f8:95:88:97:c6:89:70:5b:ac:a8:ab:79:dd:
51:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7F:74:D3:0A:19:16:FC:36:83:8A:66:C8:8A:A4:79:16:6B:AB:17
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/TX900woZFvw2g4pmyIqkeRZrqxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.34.0/24
94.119.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a2:23:24:44:64:63:0a:fd:00:b6:d3:f3:e8:93:1b:70:af:ae:
70:25:f0:a5:3c:80:1e:d7:7a:e9:8f:e4:f3:aa:1c:c8:ef:b9:
74:36:d1:1d:77:8f:9c:5d:0c:d3:f6:b9:95:65:8a:f3:f7:f8:
50:c7:54:e2:21:ea:4a:a1:91:fc:2c:6d:77:fc:dd:0d:3a:4f:
7c:8d:02:52:38:f4:c3:db:0b:df:55:bb:f2:79:ef:01:ab:44:
65:6b:79:d6:83:b4:b7:74:01:88:ff:ca:fb:99:09:4f:52:b4:
64:67:1a:72:75:e0:cc:6a:0d:75:c0:93:d3:62:61:35:43:0d:
82:00:39:e6:88:06:c2:6f:fe:d3:58:d7:35:fe:67:e4:36:a2:
eb:6f:de:37:c7:79:6f:8a:a4:5a:4a:a2:4a:5a:1b:1c:a9:ee:
54:3f:90:e0:bc:3c:61:6b:9d:a7:07:d0:04:6f:4c:c9:55:d5:
76:04:27:9e:56:e3:41:41:4a:73:9c:e3:38:9a:4f:86:70:cf:
93:2f:1c:ee:6e:2f:c4:34:74:c3:4d:98:4f:e0:1e:07:27:16:
b5:e3:b0:b7:c0:46:62:54:83:21:ef:1d:64:e3:dd:5b:a5:cf:
e7:95:df:24:0b:04:b3:c3:4e:f7:ee:ac:f6:e5:25:d5:a1:4b:
1a:c1:67:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAng3fuCVXnv2U+QcN9XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDM5OTUyODliNmE1Y2E5NzJjNGI4N2I1ZTMxNDljMzJj
YjQ0MzAwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdmNzRkMzBhMTkxNmZjMzY4MzhhNjZjODhhYTQ3OTE2NmJhYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl31ad1io9vND73s/AJJ4E9ktb+2V
HHCbTjLHJh8mZExEtsFaEOz9Ylt7vANlVuiBq3QyllfSwlDvhyyIeHkAZdt3UjXK
oH214dyMw3wipto+N1+SwNhUM/t7j3MI95hxBOa4QVHA2PosKvwP5maxxUe3e+Qa
9pJioysl7Jg8TT0c49m6aiFS3U/bwy5RRw1x0Ed8KlK/FRoAA9pb6wWJ4IWikQbk
exs3LPcSfcNjvLoLomZyIEzoZRPaf7NDqdw/gqQUdaODi9oHkOrsrys2vrrTdyvS
f+p9HZYAuxulf3vKN1U+5dnKZj585iacRN3Bo/iViJfGiXBbrKired1RnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1/dNMKGRb8NoOKZsiKpHkWa6sXMB8GA1UdIwQY
MBaAFL5DmVKJtqXKlyxLh7XjFJwyy0QwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTIt
MzA2MDQ1ZWZjZDY4LzEvVFg5MDB3b1pGdncyZzRwbXlJcWtlUlpycXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83NjRiMzQtMGQ5OC00NTRjLTg1YTItMzA2MDQ1ZWZjZDY4
LzEvdmtPWlVvbTJwY3FYTEV1SHRlTVVuRExMUkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2ciAwQD
XncIMA0GCSqGSIb3DQEBCwUAA4IBAQCiIyREZGMK/QC20/Pokxtwr65wJfClPIAe
13rpj+TzqhzI77l0NtEdd4+cXQzT9rmVZYrz9/hQx1TiIepKoZH8LG13/N0NOk98
jQJSOPTD2wvfVbvyee8Bq0Rla3nWg7S3dAGI/8r7mQlPUrRkZxpydeDMag11wJPT
YmE1Qw2CADnmiAbCb/7TWNc1/mfkNqLrb943x3lviqRaSqJKWhscqe5UP5DgvDxh
a52nB9AEb0zJVdV2BCeeVuNBQUpznOM4mk+GcM+TLxzubi/ENHTDTZhP4B4HJxa1
47C3wEZiVIMh7x1k491bpc/nld8kCwSzw0737qz25SXVoUsawWcv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:34 2024 by rpki-client on console-fra.rpki-client.org