Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/TJwBYBzW0hZYJRS9DtboeCKNWwM.roa
File: TJwBYBzW0hZYJRS9DtboeCKNWwM.roa (raw, json)
Hash identifier: quD2r86z7P9k9tRncgEx33tkw0ffGWd037+W+U+MoK8=
Subject key identifier: 4C:9C:01:60:1C:D6:D2:16:58:25:14:BD:0E:D6:E8:78:22:8D:5B:03
Certificate issuer: /CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Certificate serial: 01856F94A58368439590B82AEAC85CB76B10
Authority key identifier: D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/TJwBYBzW0hZYJRS9DtboeCKNWwM.roa
Signing time: Sun 01 Jan 2023 23:04:50 +0000
ROA not before: Sun 01 Jan 2023 23:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20802
IP address blocks: 185.111.220.0/22 maxlen: 24
2a06:6000::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:a5:83:68:43:95:90:b8:2a:ea:c8:5c:b7:6b:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d99ea9587e5ea4e963ad7ae7f125761c0e292563
Validity
Not Before: Jan 1 23:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c9c01601cd6d216582514bd0ed6e878228d5b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:99:3e:66:f5:c4:4f:4b:e0:13:a3:1d:ad:a2:
3e:05:b0:0f:db:09:5b:55:1a:d3:53:a0:5f:f0:97:
99:b8:07:fc:c0:f2:b2:c1:f6:d4:fb:d7:62:46:4d:
dd:7c:8a:70:57:a9:5a:22:7c:30:5b:65:09:36:5a:
87:99:05:1d:28:7a:b8:a3:17:e9:de:30:28:ac:d5:
73:e7:a9:31:e4:93:71:92:e3:6b:ab:ff:99:7d:20:
af:5f:86:7a:99:c6:be:79:77:a7:fa:0b:ed:23:3e:
6e:ad:65:97:c2:29:bf:c5:0f:ee:60:fb:42:98:ca:
8d:a2:39:13:89:fb:96:71:98:5f:0d:13:c8:4a:6b:
95:42:ef:9c:32:f6:5b:fd:6e:68:5c:fd:f4:3e:4f:
71:63:66:e0:c5:ef:08:26:a6:db:a0:72:f0:65:a4:
0d:2b:00:45:4e:26:07:fe:2f:1b:15:1a:04:db:29:
d3:3a:35:c8:94:1c:dc:38:80:a6:f0:fb:cf:af:92:
6a:df:08:2c:ac:09:3d:9b:c6:aa:c3:88:20:c1:e0:
ed:74:8e:a7:c0:31:6a:30:92:fc:8a:3a:3a:0b:e8:
49:6f:a1:47:92:7e:b5:ad:6c:24:1a:a2:3c:d3:f6:
d0:6b:77:9a:5d:6c:69:58:59:8f:ac:56:0b:73:3b:
1d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9C:01:60:1C:D6:D2:16:58:25:14:BD:0E:D6:E8:78:22:8D:5B:03
X509v3 Authority Key Identifier:
keyid:D9:9E:A9:58:7E:5E:A4:E9:63:AD:7A:E7:F1:25:76:1C:0E:29:25:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Z6pWH5epOljrXrn8SV2HA4pJWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/TJwBYBzW0hZYJRS9DtboeCKNWwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9c1b02-e678-4e86-9905-07df016c41b8/1/2Z6pWH5epOljrXrn8SV2HA4pJWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.220.0/22
IPv6:
2a06:6000::/29
Signature Algorithm: sha256WithRSAEncryption
3f:97:80:5b:5f:56:78:db:e5:2a:70:8a:73:87:d5:9b:a6:4c:
00:66:cd:ab:4d:ce:2a:e8:b3:16:fb:2b:65:36:b4:f1:27:87:
9c:03:8c:1f:5c:4e:23:35:3e:e7:11:0b:87:29:49:71:ab:e0:
7e:39:3a:b3:ab:ea:29:f7:ec:85:e7:d3:9d:42:9a:34:42:85:
e8:e9:d4:54:67:03:b9:c0:c6:36:00:cc:22:de:ac:04:84:f1:
c3:d5:b2:df:24:5e:27:63:5a:3a:3e:fc:fe:90:91:40:4f:1b:
ad:ab:45:e2:66:75:95:ef:0c:12:2b:99:0f:2e:c3:cd:8b:df:
5d:2c:2d:1e:77:b4:d9:57:43:03:be:b8:41:e6:a4:e8:8e:a0:
20:30:34:80:aa:50:6a:a7:dc:17:9c:b4:4a:b2:86:b9:d6:3c:
41:6e:a0:de:d5:f6:d3:d8:b7:06:ed:bc:53:fb:2a:9f:59:54:
9c:42:21:9a:03:a3:6b:df:9e:49:65:3b:94:b6:e5:d7:d1:7e:
87:b8:5b:42:89:82:01:45:75:a9:23:df:36:99:a1:5f:90:f9:
60:e6:05:10:2a:65:43:a5:b7:71:d5:d9:00:25:f4:62:fc:a5:
04:21:bc:b3:42:f8:40:50:ee:8f:43:49:42:4d:76:a5:8f:9e:
95:90:b3:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvlKWDaEOVkLgq6shct2sQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OWVhOTU4N2U1ZWE0ZTk2M2FkN2FlN2YxMjU3NjFjMGUy
OTI1NjMwHhcNMjMwMTAxMjMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzljMDE2MDFjZDZkMjE2NTgyNTE0YmQwZWQ2ZTg3ODIyOGQ1YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpk+ZvXET0vgE6MdraI+BbAP2wlb
VRrTU6Bf8JeZuAf8wPKywfbU+9diRk3dfIpwV6laInwwW2UJNlqHmQUdKHq4oxfp
3jAorNVz56kx5JNxkuNrq/+ZfSCvX4Z6mca+eXen+gvtIz5urWWXwim/xQ/uYPtC
mMqNojkTifuWcZhfDRPISmuVQu+cMvZb/W5oXP30Pk9xY2bgxe8IJqbboHLwZaQN
KwBFTiYH/i8bFRoE2ynTOjXIlBzcOICm8PvPr5Jq3wgsrAk9m8aqw4ggweDtdI6n
wDFqMJL8ijo6C+hJb6FHkn61rWwkGqI80/bQa3eaXWxpWFmPrFYLczsdYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEycAWAc1tIWWCUUvQ7W6HgijVsDMB8GA1UdIwQY
MBaAFNmeqVh+XqTpY6165/EldhwOKSVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUt
MDdkZjAxNmM0MWI4LzEvVEp3QllCelcwaFpZSlJTOUR0Ym9lQ0tOV3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YzFiMDItZTY3OC00ZTg2LTk5MDUtMDdkZjAxNmM0MWI4
LzEvMlo2cFdINWVwT2xqclhybjhTVjJIQTRwSldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW/cMA0E
AgACMAcDBQMqBmAAMA0GCSqGSIb3DQEBCwUAA4IBAQA/l4BbX1Z42+UqcIpzh9Wb
pkwAZs2rTc4q6LMW+ytlNrTxJ4ecA4wfXE4jNT7nEQuHKUlxq+B+OTqzq+op9+yF
59OdQpo0QoXo6dRUZwO5wMY2AMwi3qwEhPHD1bLfJF4nY1o6Pvz+kJFATxutq0Xi
ZnWV7wwSK5kPLsPNi99dLC0ed7TZV0MDvrhB5qTojqAgMDSAqlBqp9wXnLRKsoa5
1jxBbqDe1fbT2LcG7bxT+yqfWVScQiGaA6Nr355JZTuUtuXX0X6HuFtCiYIBRXWp
I982maFfkPlg5gUQKmVDpbdx1dkAJfRi/KUEIbyzQvhAUO6PQ0lCTXalj56VkLMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org