Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/tkSW09ZyyfqCeMXulOj-dpfL-bM.roa
File: tkSW09ZyyfqCeMXulOj-dpfL-bM.roa (raw, json)
Hash identifier: xEeUbes0K/sSBfAngFbufPsnNZl2xDnVbD/GC9rGkaU=
Subject key identifier: B6:44:96:D3:D6:72:C9:FA:82:78:C5:EE:94:E8:FE:76:97:CB:F9:B3
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 01856E144547DBFC57E54276723080727ED8
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/tkSW09ZyyfqCeMXulOj-dpfL-bM.roa
Signing time: Sun 01 Jan 2023 16:05:00 +0000
ROA not before: Sun 01 Jan 2023 16:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210841
IP address blocks: 91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
91.232.235.0/24 maxlen: 24
91.232.129.0/24 maxlen: 24
80.73.219.0/24 maxlen: 24
80.73.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:45:47:db:fc:57:e5:42:76:72:30:80:72:7e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jan 1 16:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b64496d3d672c9fa8278c5ee94e8fe7697cbf9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:db:fe:1d:4d:ad:5d:86:b1:40:56:99:24:01:
d4:9b:43:1c:9d:ba:2a:e3:3a:15:ba:7e:bb:5d:83:
1f:91:44:c7:12:ff:ac:a8:04:0b:7d:10:ab:42:74:
ae:f6:bf:c4:c4:31:d6:27:9d:fb:0c:eb:cf:9a:28:
7e:99:16:ea:90:2f:fb:45:f5:27:d5:77:b5:de:4f:
48:65:9b:88:f2:5e:f0:e9:9e:2d:e4:8b:2f:29:d8:
41:6e:7c:3b:13:1c:46:5a:5d:37:bd:de:91:13:f9:
b0:75:21:3b:fe:37:8c:62:d5:bb:3a:3f:8d:89:d4:
09:c2:06:63:6f:97:5d:ed:1f:5d:21:36:dc:0e:08:
0a:51:1f:ac:8b:c3:18:b9:9e:a5:32:34:8e:33:54:
fd:79:5c:3c:b4:9c:15:89:34:a0:9b:95:af:24:3c:
a1:77:6a:a4:3d:f7:fa:68:f7:18:69:42:88:2c:c5:
cc:61:37:99:67:9b:b1:ad:68:03:e6:32:da:fe:bf:
1d:0c:56:6e:79:a9:62:88:22:34:ed:4c:aa:15:dc:
01:d6:bd:e6:ae:9c:a9:eb:63:a4:8d:f2:0d:f9:43:
c8:83:06:70:1f:82:ab:4b:93:f8:71:af:8b:97:65:
aa:91:a7:29:81:e6:fc:00:d8:b2:b2:5b:0e:79:63:
44:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:44:96:D3:D6:72:C9:FA:82:78:C5:EE:94:E8:FE:76:97:CB:F9:B3
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/tkSW09ZyyfqCeMXulOj-dpfL-bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.223.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:7c:91:9f:c1:56:b0:ef:63:51:df:51:4f:b8:b7:68:32:c3:
bf:96:65:ae:58:e9:09:bf:36:7f:3a:5e:40:ee:46:31:f5:42:
89:3d:0a:15:70:72:e7:15:90:46:e8:3b:ea:2d:26:e3:a4:8e:
0e:c3:28:0a:7a:e0:de:a8:e7:68:29:39:5b:ce:a6:55:3b:15:
32:8e:1f:cc:7a:56:d6:30:a0:04:50:d7:37:dd:70:90:db:d4:
bb:fa:93:0d:09:de:84:a1:e8:4f:11:ac:d0:b5:25:91:c3:f0:
82:28:3b:c9:0e:78:cc:c4:de:a9:44:c2:ed:99:26:30:49:78:
db:61:15:f5:63:c5:98:37:29:5e:0c:ad:24:04:52:2a:76:d5:
77:c8:47:3e:50:69:4b:fd:e2:d5:11:c6:8b:56:8c:87:98:b3:
89:bb:30:1c:67:0f:00:c5:9c:78:bf:13:9e:77:18:2d:cb:b2:
56:e0:4a:0f:5e:06:8a:24:67:96:7c:b9:7d:84:bc:aa:82:04:
13:9e:4b:01:db:fc:24:6e:f5:b2:f5:b3:c7:65:36:5b:91:8c:
8d:ed:a2:3e:b8:d5:0c:d1:fb:ac:05:65:e8:ec:98:53:5d:82:
38:55:d1:f1:56:f7:b7:ce:85:10:57:21:8c:e5:8d:69:c4:c4:
4e:1c:c6:2c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVuFEVH2/xX5UJ2cjCAcn7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjMwMTAxMTYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ0OTZkM2Q2NzJjOWZhODI3OGM1ZWU5NGU4ZmU3Njk3Y2JmOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudv+HU2tXYaxQFaZJAHUm0Mcnboq
4zoVun67XYMfkUTHEv+sqAQLfRCrQnSu9r/ExDHWJ537DOvPmih+mRbqkC/7RfUn
1Xe13k9IZZuI8l7w6Z4t5IsvKdhBbnw7ExxGWl03vd6RE/mwdSE7/jeMYtW7Oj+N
idQJwgZjb5dd7R9dITbcDggKUR+si8MYuZ6lMjSOM1T9eVw8tJwViTSgm5WvJDyh
d2qkPff6aPcYaUKILMXMYTeZZ5uxrWgD5jLa/r8dDFZuealiiCI07UyqFdwB1r3m
rpyp62OkjfIN+UPIgwZwH4KrS5P4ca+Ll2Wqkacpgeb8ANiyslsOeWNEdwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLZEltPWcsn6gnjF7pTo/naXy/mzMB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEvdGtTVzA5Wnl5ZnFDZU1YdWxPai1kcGZMLWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABQSdsD
BAVQScADBABb6IEDBABb6MYDBABb6NADBABb6OswDQYJKoZIhvcNAQELBQADggEB
AI18kZ/BVrDvY1HfUU+4t2gyw7+WZa5Y6Qm/Nn86XkDuRjH1Qok9ChVwcucVkEbo
O+otJuOkjg7DKAp64N6o52gpOVvOplU7FTKOH8x6VtYwoARQ1zfdcJDb1Lv6kw0J
3oSh6E8RrNC1JZHD8IIoO8kOeMzE3qlEwu2ZJjBJeNthFfVjxZg3KV4MrSQEUip2
1XfIRz5QaUv94tURxotWjIeYs4m7MBxnDwDFnHi/E553GC3LslbgSg9eBookZ5Z8
uX2EvKqCBBOeSwHb/CRu9bL1s8dlNluRjI3toj641QzR+6wFZejsmFNdgjhV0fFW
97fOhRBXIYzljWnExE4cxiw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:15 2024 by rpki-client on console-fra.rpki-client.org