Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/tbYKFV9y2XWX4c7IVdB6VTIRtks.roa
File: tbYKFV9y2XWX4c7IVdB6VTIRtks.roa (raw, json)
Hash identifier: dme9uuxlCK6Cb1/nWuUAD1V3NWypHCTNgXJKDHrRy5k=
Subject key identifier: B5:B6:0A:15:5F:72:D9:75:97:E1:CE:C8:55:D0:7A:55:32:11:B6:4B
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 018B4D2B29597B18DFF1B6F6200CC723E7A9
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/tbYKFV9y2XWX4c7IVdB6VTIRtks.roa
Signing time: Fri 20 Oct 2023 12:59:16 +0000
ROA not before: Fri 20 Oct 2023 12:59:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201454
IP address blocks: 45.140.0.0/22 maxlen: 24
185.73.24.0/22 maxlen: 22
2a05:3f00::/29 maxlen: 29
2a02:c340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4d:2b:29:59:7b:18:df:f1:b6:f6:20:0c:c7:23:e7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Oct 20 12:59:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b60a155f72d97597e1cec855d07a553211b64b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:48:b4:b1:7e:8d:2a:ba:e6:91:7a:6d:20:c1:
0a:9f:c4:8f:e1:4b:2d:ba:70:07:cb:2b:c6:93:8d:
49:5d:e1:5f:c5:38:f3:36:f0:82:be:1e:c6:04:da:
fb:39:c8:ab:f3:c4:5a:87:fb:84:f9:16:fc:ac:b6:
33:32:f9:34:0e:2d:1b:81:a1:73:61:b8:3b:31:fc:
e1:b0:bf:36:c4:ab:69:ef:9a:6c:63:f1:e1:87:00:
4f:29:f3:e6:6e:60:2a:e3:bf:38:e2:32:74:fd:5f:
d1:f7:74:0d:02:f4:b8:ba:47:50:f1:94:93:89:cc:
5b:c5:06:9f:93:db:74:c5:71:70:95:91:fb:73:c9:
e3:4c:3e:e8:00:1b:99:e3:b2:56:af:a2:64:8d:c3:
fd:18:e0:30:ff:81:3f:93:d1:3a:6e:31:4b:70:72:
12:d6:a4:a0:f8:ef:66:a9:ab:1f:90:c3:15:23:f5:
ed:80:45:a3:ce:cf:c6:70:13:f2:45:5c:79:38:5e:
94:65:76:58:3b:10:67:16:22:a4:74:e9:b5:83:f2:
37:8e:cf:f2:42:ef:df:6f:1a:b1:b8:b2:17:5d:04:
0e:4f:df:3e:a7:55:80:56:c8:04:fa:46:e7:a6:94:
5e:c8:f1:19:6a:c2:97:56:a9:1e:64:84:cb:f3:48:
c2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B6:0A:15:5F:72:D9:75:97:E1:CE:C8:55:D0:7A:55:32:11:B6:4B
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/tbYKFV9y2XWX4c7IVdB6VTIRtks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.0.0/22
185.73.24.0/22
IPv6:
2a02:c340::/29
2a05:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
33:2c:6f:d4:59:44:a9:97:97:e8:e1:4b:38:29:b5:7a:b7:15:
68:75:64:a3:db:ac:ba:5a:c6:c4:6e:49:bd:b0:19:2b:3d:fb:
7c:95:a6:b7:7d:2f:08:23:f6:26:74:b6:54:4a:18:52:48:3f:
7a:a4:e7:65:72:e9:fb:4d:02:b1:8c:06:8f:e0:4c:f7:80:d8:
5a:32:e0:b8:0b:d2:0f:38:c9:e2:6f:db:39:4a:23:02:08:2c:
5b:e0:69:cf:06:38:ce:ec:dc:ac:fe:d5:f6:68:cd:c7:7c:0f:
87:3a:ec:75:a8:65:fe:59:8b:25:6c:d1:2d:b0:42:cc:3d:d7:
34:c9:66:c7:60:fb:ec:09:14:70:66:76:b9:3d:ab:f7:1a:a2:
22:88:59:dc:60:37:35:40:ff:0a:bd:fb:06:21:eb:f7:7c:f0:
9a:b0:ce:96:3b:02:86:5d:bc:ce:1b:07:91:bf:fb:f4:38:c8:
ab:6f:9a:b2:0e:d0:ff:63:2c:2e:27:47:f1:54:d6:83:5d:0c:
98:81:b5:28:82:d9:33:13:7f:8b:a4:ac:4f:ef:60:33:ee:09:
ae:a4:d6:45:8c:26:d6:09:ac:93:94:e8:a0:ee:28:a3:c2:b2:
25:d4:24:a0:c9:17:63:2d:85:3a:bd:9a:23:02:72:2e:b1:ac:
b2:6c:73:a8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYtNKylZexjf8bb2IAzHI+epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjMxMDIwMTI1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI2MGExNTVmNzJkOTc1OTdlMWNlYzg1NWQwN2E1NTMyMTFiNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiki0sX6NKrrmkXptIMEKn8SP4Ust
unAHyyvGk41JXeFfxTjzNvCCvh7GBNr7Ocir88Rah/uE+Rb8rLYzMvk0Di0bgaFz
Ybg7MfzhsL82xKtp75psY/HhhwBPKfPmbmAq47844jJ0/V/R93QNAvS4ukdQ8ZST
icxbxQafk9t0xXFwlZH7c8njTD7oABuZ47JWr6JkjcP9GOAw/4E/k9E6bjFLcHIS
1qSg+O9mqasfkMMVI/XtgEWjzs/GcBPyRVx5OF6UZXZYOxBnFiKkdOm1g/I3js/y
Qu/fbxqxuLIXXQQOT98+p1WAVsgE+kbnppReyPEZasKXVqkeZITL80jChQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLW2ChVfctl1l+HOyFXQelUyEbZLMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvdGJZS0ZWOXkyWFdYNGM3SVZkQjZWVElSdGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYwAAwQC
uUkYMBQEAgACMA4DBQMqAsNAAwUDKgU/ADANBgkqhkiG9w0BAQsFAAOCAQEAMyxv
1FlEqZeX6OFLOCm1ercVaHVko9usulrGxG5JvbAZKz37fJWmt30vCCP2JnS2VEoY
Ukg/eqTnZXLp+00CsYwGj+BM94DYWjLguAvSDzjJ4m/bOUojAggsW+BpzwY4zuzc
rP7V9mjNx3wPhzrsdahl/lmLJWzRLbBCzD3XNMlmx2D77AkUcGZ2uT2r9xqiIohZ
3GA3NUD/Cr37BiHr93zwmrDOljsChl28zhsHkb/79DjIq2+asg7Q/2MsLidH8VTW
g10MmIG1KILZMxN/i6SsT+9gM+4JrqTWRYwm1gmsk5TooO4oo8KyJdQkoMkXYy2F
Or2aIwJyLrGssmxzqA==
-----END CERTIFICATE-----
Generated at Thu Dec 14 12:34:12 2023 by rpki-client on console-fra.rpki-client.org