Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/TVP1woOF2EnIpBezaKnxgFkqtQg.roa
File: TVP1woOF2EnIpBezaKnxgFkqtQg.roa (raw, json)
Hash identifier: kS6wEyfsvcJRAO6yyOjvGO1+jY7/9F3JKXrx9bzLHic=
Subject key identifier: 4D:53:F5:C2:83:85:D8:49:C8:A4:17:B3:68:A9:F1:80:59:2A:B5:08
Certificate issuer: /CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Certificate serial: 01856D41993C5CFA2857C6194AF0421AE1EB
Authority key identifier: BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/TVP1woOF2EnIpBezaKnxgFkqtQg.roa
Signing time: Sun 01 Jan 2023 12:14:53 +0000
ROA not before: Sun 01 Jan 2023 12:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 133398
IP address blocks: 91.224.92.0/24 maxlen: 24
185.36.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:99:3c:5c:fa:28:57:c6:19:4a:f0:42:1a:e1:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Validity
Not Before: Jan 1 12:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d53f5c28385d849c8a417b368a9f180592ab508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:74:f9:f2:89:1a:26:fa:57:4d:fa:a3:c7:32:
91:6d:f2:e4:e9:75:ce:dd:aa:19:90:1a:ef:8c:38:
ba:d5:4d:c4:23:ce:97:a3:c7:d6:02:e1:c1:49:b2:
93:c0:38:35:a5:6a:d7:87:b7:37:29:3b:f9:4b:fa:
dc:56:f6:9b:c6:63:f5:4f:15:7a:c6:c3:a1:d8:ce:
ec:32:05:61:b8:b0:53:10:06:24:f0:aa:10:4b:85:
80:54:05:3d:bf:dd:3d:f7:b9:3f:ae:16:0a:cc:0a:
c4:d9:ad:41:49:1e:f6:9c:6c:a7:f6:80:c6:ce:aa:
f1:21:4f:2b:43:8e:4d:50:e4:e4:aa:21:05:16:da:
7f:d0:dd:ba:77:fa:f4:e7:e1:85:83:b6:db:1a:33:
00:47:99:44:df:29:55:60:ca:0f:8f:d2:aa:50:36:
b2:02:00:ac:3f:81:f9:21:f3:cb:cf:9a:47:3f:6e:
0a:f9:87:d7:17:88:2b:49:2a:93:2a:08:95:64:bb:
8a:dd:19:2b:19:d7:6e:31:6c:6a:56:d6:20:29:34:
be:84:03:85:2b:fd:58:35:f1:03:fb:03:16:54:56:
da:a6:df:7d:ae:27:4f:94:61:97:1e:61:36:37:75:
b8:34:c5:6d:a3:92:7e:8c:6a:5e:24:c5:d3:2d:02:
2d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:53:F5:C2:83:85:D8:49:C8:A4:17:B3:68:A9:F1:80:59:2A:B5:08
X509v3 Authority Key Identifier:
keyid:BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/TVP1woOF2EnIpBezaKnxgFkqtQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.92.0/24
185.36.81.0/24
Signature Algorithm: sha256WithRSAEncryption
27:30:24:f3:32:a8:02:44:cb:39:7e:5a:73:c6:68:b7:a1:5b:
d6:17:cf:7b:96:b8:7c:90:88:26:c1:b8:39:ab:df:30:57:e1:
9a:09:20:1c:19:f0:bf:14:5e:67:bf:d7:c6:91:2e:c7:88:d4:
d9:d4:69:5e:d1:ab:25:f1:ab:94:18:22:bf:b5:48:9e:a1:01:
2b:fe:65:1f:a5:f2:51:b0:9c:70:f8:89:a8:d5:a7:8a:0a:40:
74:7d:87:e5:0e:50:a9:71:1d:56:17:45:31:3d:20:bf:4c:60:
a9:1b:dd:1e:0c:2b:77:9b:a9:15:d9:ad:74:5a:b8:41:fc:7b:
9b:1c:88:a6:f9:be:69:1b:11:60:69:80:33:b3:40:a6:42:d4:
90:22:6c:c0:0b:2a:c5:9e:b1:b7:58:fb:e5:be:dc:e8:52:4c:
43:53:23:9b:d7:d4:ef:a8:b7:45:81:e0:e6:66:14:9a:fa:af:
ee:80:f5:a2:be:1f:35:7b:ff:ae:9c:6f:63:9d:f5:7d:2a:82:
86:8a:4d:ae:71:40:2d:85:46:3a:ff:0b:5e:3f:55:7d:48:64:
da:73:aa:8a:37:7e:53:2f:7c:76:52:d8:67:3d:8b:c5:85:d9:
d5:ff:d9:24:8a:12:73:ef:ec:d0:a8:60:2a:12:df:16:a5:b9:
ad:3d:d5:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtQZk8XPooV8YZSvBCGuHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDlmYjE5MGY0YmQwZjU4MTVhOGU1NzlmMzY2YWQ1OGQ1
ZDQxZjkwHhcNMjMwMTAxMTIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUzZjVjMjgzODVkODQ5YzhhNDE3YjM2OGE5ZjE4MDU5MmFiNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nT58okaJvpXTfqjxzKRbfLk6XXO
3aoZkBrvjDi61U3EI86Xo8fWAuHBSbKTwDg1pWrXh7c3KTv5S/rcVvabxmP1TxV6
xsOh2M7sMgVhuLBTEAYk8KoQS4WAVAU9v90997k/rhYKzArE2a1BSR72nGyn9oDG
zqrxIU8rQ45NUOTkqiEFFtp/0N26d/r05+GFg7bbGjMAR5lE3ylVYMoPj9KqUDay
AgCsP4H5IfPLz5pHP24K+YfXF4grSSqTKgiVZLuK3RkrGdduMWxqVtYgKTS+hAOF
K/1YNfED+wMWVFbapt99ridPlGGXHmE2N3W4NMVto5J+jGpeJMXTLQItLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1T9cKDhdhJyKQXs2ip8YBZKrUIMB8GA1UdIwQY
MBaAFL5J+xkPS9D1gVqOV582atWNXUH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDct
NWU2NTZmMWI0ODc2LzEvVFZQMXdvT0YyRW5JcEJlemFLbnhnRmtxdFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDctNWU2NTZmMWI0ODc2
LzEvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+BcAwQA
uSRRMA0GCSqGSIb3DQEBCwUAA4IBAQAnMCTzMqgCRMs5flpzxmi3oVvWF897lrh8
kIgmwbg5q98wV+GaCSAcGfC/FF5nv9fGkS7HiNTZ1Gle0asl8auUGCK/tUieoQEr
/mUfpfJRsJxw+Imo1aeKCkB0fYflDlCpcR1WF0UxPSC/TGCpG90eDCt3m6kV2a10
WrhB/HubHIim+b5pGxFgaYAzs0CmQtSQImzACyrFnrG3WPvlvtzoUkxDUyOb19Tv
qLdFgeDmZhSa+q/ugPWivh81e/+unG9jnfV9KoKGik2ucUAthUY6/wteP1V9SGTa
c6qKN35TL3x2UthnPYvFhdnV/9kkihJz7+zQqGAqEt8WpbmtPdVW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org