Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/tkMK_S8yzXQP7m0qfL49qK6pHRY.roa
File: tkMK_S8yzXQP7m0qfL49qK6pHRY.roa (raw, json)
Hash identifier: OCczj16S3Pd8L/2hwGacZl9rIPWCLiN8+Bq+De/vizo=
Subject key identifier: B6:43:0A:FD:2F:32:CD:74:0F:EE:6D:2A:7C:BE:3D:A8:AE:A9:1D:16
Certificate issuer: /CN=67d16781bca64c2b236434edeffe6e452e7162d4
Certificate serial: 0185712785F4E9D5EE63E1E61FDF44BEB0AA
Authority key identifier: 67:D1:67:81:BC:A6:4C:2B:23:64:34:ED:EF:FE:6E:45:2E:71:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9FngbymTCsjZDTt7_5uRS5xYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/tkMK_S8yzXQP7m0qfL49qK6pHRY.roa
Signing time: Mon 02 Jan 2023 06:24:53 +0000
ROA not before: Mon 02 Jan 2023 06:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.156.0/22 maxlen: 24
5.145.0.0/19 maxlen: 24
2a00:d520::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:85:f4:e9:d5:ee:63:e1:e6:1f:df:44:be:b0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67d16781bca64c2b236434edeffe6e452e7162d4
Validity
Not Before: Jan 2 06:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6430afd2f32cd740fee6d2a7cbe3da8aea91d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:30:93:ab:50:70:29:61:bf:dc:10:36:03:cc:
71:a2:92:73:86:d6:17:17:b6:70:7c:a3:de:71:90:
71:fd:a3:8e:f1:a1:6d:5e:74:d2:61:a0:3a:85:27:
60:9a:bf:6a:69:1f:b2:35:9c:c3:f4:a9:6f:cb:c7:
e3:37:d2:3b:98:51:2b:fe:c0:c4:ca:ae:93:d3:2b:
13:11:c4:d0:ca:01:ad:c9:45:02:80:d6:85:4c:86:
a8:53:e9:65:06:ab:8d:52:17:44:c6:90:bb:e6:1f:
52:86:96:c1:b0:d2:8a:92:1b:2f:08:d5:36:ff:14:
9b:75:0a:e6:ea:a4:00:e1:74:09:9c:66:7b:ad:37:
66:88:11:7a:c3:2d:6d:52:78:47:d2:07:eb:58:ec:
24:e2:c9:e7:3f:8f:a4:78:ed:c9:e9:1e:dd:9f:a1:
fd:5f:37:f0:74:2e:fe:ea:13:cd:6e:88:41:7c:25:
73:2b:34:d3:80:59:46:54:94:74:f9:48:74:1b:5d:
11:b5:a4:b3:31:63:fe:12:70:ec:66:52:5c:b4:f0:
04:5e:b7:15:4c:3e:3a:36:84:74:1b:bf:42:1d:be:
8d:e1:31:ce:d0:17:3d:77:f0:77:26:c6:9b:e8:47:
03:93:c4:80:41:34:c8:d3:19:63:80:0a:a0:70:bf:
32:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:43:0A:FD:2F:32:CD:74:0F:EE:6D:2A:7C:BE:3D:A8:AE:A9:1D:16
X509v3 Authority Key Identifier:
keyid:67:D1:67:81:BC:A6:4C:2B:23:64:34:ED:EF:FE:6E:45:2E:71:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9FngbymTCsjZDTt7_5uRS5xYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/tkMK_S8yzXQP7m0qfL49qK6pHRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/Z9FngbymTCsjZDTt7_5uRS5xYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.0.0/19
185.74.156.0/22
IPv6:
2a00:d520::/29
Signature Algorithm: sha256WithRSAEncryption
70:90:93:9e:ad:e5:c0:02:32:55:b7:b6:4e:12:f1:48:4f:71:
63:06:f7:dd:b2:d1:2a:a9:8d:9f:49:c0:e1:08:75:64:8e:9f:
76:31:f4:a5:34:15:c9:4a:38:3f:20:70:a8:14:d2:09:5a:55:
fc:48:ee:53:2e:8d:69:c7:0b:08:7f:d8:b4:02:ec:37:91:a2:
aa:41:c3:8f:0a:ad:27:fa:35:3a:de:e9:29:2a:6e:c4:bb:25:
cb:87:07:64:de:6e:0d:03:8e:3f:6e:f4:fc:88:6b:a0:3e:7a:
de:d7:50:dc:29:62:4e:d9:80:6d:da:45:7b:6e:e4:b6:ce:1e:
cb:a5:61:41:35:c0:93:77:96:11:c1:1d:46:8f:d8:84:e0:bd:
3c:7a:0b:c8:6b:7a:be:e4:f5:5f:d2:8a:1c:4c:68:a5:39:83:
30:9a:e8:38:78:14:45:80:bb:85:8f:ce:63:8c:a0:e9:65:b8:
59:53:e2:72:94:1b:69:c5:4b:ef:bd:3c:65:11:d2:a2:71:f1:
6f:28:ae:e1:be:b1:5c:15:75:e4:52:09:43:dc:37:de:22:cb:
36:58:d0:41:f0:1f:d0:b6:96:66:7d:c8:09:d5:b8:db:ec:d9:
ec:10:5c:23:ac:99:d9:09:ba:ee:6f:73:ee:57:d2:5f:a4:11:
57:c8:c0:a3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxJ4X06dXuY+HmH99EvrCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZDE2NzgxYmNhNjRjMmIyMzY0MzRlZGVmZmU2ZTQ1MmU3
MTYyZDQwHhcNMjMwMTAyMDYyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzMGFmZDJmMzJjZDc0MGZlZTZkMmE3Y2JlM2RhOGFlYTkxZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljCTq1BwKWG/3BA2A8xxopJzhtYX
F7ZwfKPecZBx/aOO8aFtXnTSYaA6hSdgmr9qaR+yNZzD9Klvy8fjN9I7mFEr/sDE
yq6T0ysTEcTQygGtyUUCgNaFTIaoU+llBquNUhdExpC75h9ShpbBsNKKkhsvCNU2
/xSbdQrm6qQA4XQJnGZ7rTdmiBF6wy1tUnhH0gfrWOwk4snnP4+keO3J6R7dn6H9
XzfwdC7+6hPNbohBfCVzKzTTgFlGVJR0+Uh0G10RtaSzMWP+EnDsZlJctPAEXrcV
TD46NoR0G79CHb6N4THO0Bc9d/B3Jsab6EcDk8SAQTTI0xljgAqgcL8yWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLZDCv0vMs10D+5tKny+PaiuqR0WMB8GA1UdIwQY
MBaAFGfRZ4G8pkwrI2Q07e/+bkUucWLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjlGbmdieW1UQ3NqWkRUdDdfNXVSUzV4WXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9lNDc1MTAtMjk0Zi00ZjA1LWFiZTEt
YWQ1OTU1N2UyOGMyLzEvdGtNS19TOHl6WFFQN20wcWZMNDlxSzZwSFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9lNDc1MTAtMjk0Zi00ZjA1LWFiZTEtYWQ1OTU1N2UyOGMy
LzEvWjlGbmdieW1UQ3NqWkRUdDdfNXVSUzV4WXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFBZEAAwQC
uUqcMA0EAgACMAcDBQMqANUgMA0GCSqGSIb3DQEBCwUAA4IBAQBwkJOereXAAjJV
t7ZOEvFIT3FjBvfdstEqqY2fScDhCHVkjp92MfSlNBXJSjg/IHCoFNIJWlX8SO5T
Lo1pxwsIf9i0Auw3kaKqQcOPCq0n+jU63ukpKm7EuyXLhwdk3m4NA44/bvT8iGug
Pnre11DcKWJO2YBt2kV7buS2zh7LpWFBNcCTd5YRwR1Gj9iE4L08egvIa3q+5PVf
0oocTGilOYMwmug4eBRFgLuFj85jjKDpZbhZU+JylBtpxUvvvTxlEdKicfFvKK7h
vrFcFXXkUglD3DfeIss2WNBB8B/QtpZmfcgJ1bjb7NnsEFwjrJnZCbrub3PuV9Jf
pBFXyMCj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:24 2024 by rpki-client on console-fra.rpki-client.org