Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/TZSCm7-xLCfMQV6B1r4GKA47EEI.roa
File: TZSCm7-xLCfMQV6B1r4GKA47EEI.roa (raw, json)
Hash identifier: amqfGSkV3j+u1pmaOhw6LqBWNfz6q+qyg1h/Ix+5a5M=
Subject key identifier: 4D:94:82:9B:BF:B1:2C:27:CC:41:5E:81:D6:BE:06:28:0E:3B:10:42
Certificate issuer: /CN=26cca62a35881cae8d2c5812ac58ca07108d70ae
Certificate serial: 01856E1D29542CD5883DFAC2D2F729CD0A46
Authority key identifier: 26:CC:A6:2A:35:88:1C:AE:8D:2C:58:12:AC:58:CA:07:10:8D:70:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JsymKjWIHK6NLFgSrFjKBxCNcK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/TZSCm7-xLCfMQV6B1r4GKA47EEI.roa
Signing time: Sun 01 Jan 2023 16:14:42 +0000
ROA not before: Sun 01 Jan 2023 16:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15882
IP address blocks: 195.190.159.0/24 maxlen: 24
194.102.200.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:29:54:2c:d5:88:3d:fa:c2:d2:f7:29:cd:0a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26cca62a35881cae8d2c5812ac58ca07108d70ae
Validity
Not Before: Jan 1 16:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d94829bbfb12c27cc415e81d6be06280e3b1042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:c0:35:82:d6:67:80:28:7b:91:ab:95:99:
5c:0f:1e:73:8a:ab:63:57:42:69:ae:9d:ca:49:80:
51:d4:f2:22:5d:78:1e:01:dd:b8:94:9d:12:a2:0f:
b2:07:6a:58:47:27:7f:4b:c6:d1:f4:c4:32:62:5b:
8b:0b:e3:c7:1b:6a:28:7c:6f:25:2b:6c:57:5e:9f:
a6:9f:78:4f:02:03:9b:6f:cc:33:b7:68:83:a7:1d:
de:15:7c:8e:71:60:4b:38:d8:14:19:da:dd:ee:0c:
fc:08:1c:ad:eb:47:6a:31:9b:d1:1c:b0:7b:d2:91:
eb:cb:9e:ab:1a:d9:5a:fb:f7:c4:66:ba:37:e6:9d:
4a:29:31:f0:dc:03:cc:63:64:1a:cd:a4:17:5a:59:
22:4f:c5:4b:8a:1c:c2:ba:85:89:81:b8:69:6e:e7:
47:55:a8:2a:83:8f:ff:a3:16:7c:c7:b1:b0:3c:50:
2d:9d:77:69:71:a6:52:6a:87:a5:a0:bd:a3:ca:5c:
4a:dc:45:c9:db:53:4c:c9:1e:6b:f8:cd:b6:e9:52:
04:2e:94:b3:86:a5:d9:37:06:57:cd:c2:9e:e0:8c:
e0:da:24:c8:fd:dc:4c:e7:bc:7d:2e:5f:f8:eb:a2:
fd:b5:44:df:b2:de:3c:c8:d1:fc:6f:90:47:3c:20:
ef:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:94:82:9B:BF:B1:2C:27:CC:41:5E:81:D6:BE:06:28:0E:3B:10:42
X509v3 Authority Key Identifier:
keyid:26:CC:A6:2A:35:88:1C:AE:8D:2C:58:12:AC:58:CA:07:10:8D:70:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JsymKjWIHK6NLFgSrFjKBxCNcK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/TZSCm7-xLCfMQV6B1r4GKA47EEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/53375d-0c9b-453e-9ff1-bb7bb5bf00b1/1/JsymKjWIHK6NLFgSrFjKBxCNcK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.102.200.0/24
195.190.159.0/24
Signature Algorithm: sha256WithRSAEncryption
88:37:f2:b1:25:12:86:a7:57:4e:65:fc:89:5f:16:ef:d2:d6:
b6:58:81:d5:08:21:02:ca:67:5b:63:03:26:ff:0c:6d:5d:22:
94:b5:7e:bc:0f:84:59:75:61:f8:6d:92:46:88:b5:e6:65:7a:
1d:a6:8c:4b:8c:7a:dd:c3:94:63:10:51:70:4f:2b:bc:92:6c:
a0:a3:cf:6e:81:59:7e:50:b8:01:73:84:da:60:34:7e:17:32:
62:83:32:cd:65:12:9e:cb:f7:83:8b:b5:94:6b:b9:cf:38:58:
ac:30:bd:c9:44:4f:08:2c:c9:14:70:ab:ce:e9:5e:4d:cf:10:
b4:6a:a9:28:2c:50:e5:2c:17:1c:99:2f:9e:78:99:fb:03:f0:
e6:75:50:a3:ba:1b:62:39:6f:14:4b:29:c9:df:b7:6d:33:e6:
e1:03:cc:dd:7b:87:98:7a:ae:2e:e0:b6:98:50:a1:c8:d7:b3:
d5:54:04:82:93:5b:ea:54:25:07:2a:aa:e7:31:79:1f:2d:bf:
d7:24:09:20:51:63:b3:55:c6:42:f6:53:cf:3b:50:29:86:24:
35:a8:fa:bc:e9:3b:39:45:d7:bc:ef:7b:81:a4:57:87:bd:15:
f1:c2:32:af:a7:f7:03:93:19:ba:ff:59:1b:2e:97:a9:c8:94:
83:ba:35:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuHSlULNWIPfrC0vcpzQpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2Y2NhNjJhMzU4ODFjYWU4ZDJjNTgxMmFjNThjYTA3MTA4
ZDcwYWUwHhcNMjMwMTAxMTYxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk0ODI5YmJmYjEyYzI3Y2M0MTVlODFkNmJlMDYyODBlM2IxMDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdbANYLWZ4Aoe5GrlZlcDx5ziqtj
V0Jprp3KSYBR1PIiXXgeAd24lJ0Sog+yB2pYRyd/S8bR9MQyYluLC+PHG2oofG8l
K2xXXp+mn3hPAgObb8wzt2iDpx3eFXyOcWBLONgUGdrd7gz8CByt60dqMZvRHLB7
0pHry56rGtla+/fEZro35p1KKTHw3APMY2QazaQXWlkiT8VLihzCuoWJgbhpbudH
Vagqg4//oxZ8x7GwPFAtnXdpcaZSaoeloL2jylxK3EXJ21NMyR5r+M226VIELpSz
hqXZNwZXzcKe4Izg2iTI/dxM57x9Ll/466L9tUTfst48yNH8b5BHPCDvkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE2Ugpu/sSwnzEFegda+BigOOxBCMB8GA1UdIwQY
MBaAFCbMpio1iByujSxYEqxYygcQjXCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnN5bUtqV0lISzZOTEZnU3JGaktCeENOY0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81MzM3NWQtMGM5Yi00NTNlLTlmZjEt
YmI3YmI1YmYwMGIxLzEvVFpTQ203LXhMQ2ZNUVY2QjFyNEdLQTQ3RUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81MzM3NWQtMGM5Yi00NTNlLTlmZjEtYmI3YmI1YmYwMGIx
LzEvSnN5bUtqV0lISzZOTEZnU3JGaktCeENOY0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmbIAwQA
w76fMA0GCSqGSIb3DQEBCwUAA4IBAQCIN/KxJRKGp1dOZfyJXxbv0ta2WIHVCCEC
ymdbYwMm/wxtXSKUtX68D4RZdWH4bZJGiLXmZXodpoxLjHrdw5RjEFFwTyu8kmyg
o89ugVl+ULgBc4TaYDR+FzJigzLNZRKey/eDi7WUa7nPOFisML3JRE8ILMkUcKvO
6V5NzxC0aqkoLFDlLBccmS+eeJn7A/DmdVCjuhtiOW8USynJ37dtM+bhA8zde4eY
eq4u4LaYUKHI17PVVASCk1vqVCUHKqrnMXkfLb/XJAkgUWOzVcZC9lPPO1AphiQ1
qPq86Ts5Rde873uBpFeHvRXxwjKvp/cDkxm6/1kbLpepyJSDujWk
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:17:09 2024 by rpki-client on console-ams.rpki-client.org