Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfdlyE-Q1xuXO8yRywjwEtpbcrc.roa
File: tfdlyE-Q1xuXO8yRywjwEtpbcrc.roa (raw, json)
Hash identifier: 5c7sVh27kFnfd+/J2764WKSVo3E8ZsN7fEGbrHmwVqI=
Subject key identifier: B5:F7:65:C8:4F:90:D7:1B:97:3B:CC:91:CB:08:F0:12:DA:5B:72:B7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018843A853D5BBDFBBB2CB15B6AD35019FF7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfdlyE-Q1xuXO8yRywjwEtpbcrc.roa
Signing time: Mon 22 May 2023 13:31:24 +0000
ROA not before: Mon 22 May 2023 13:31:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46308
IP address blocks: 109.206.242.0/24 maxlen: 24
2.59.255.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:a8:53:d5:bb:df:bb:b2:cb:15:b6:ad:35:01:9f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 22 13:31:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5f765c84f90d71b973bcc91cb08f012da5b72b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:31:a4:af:7f:c2:18:5a:43:ed:8b:c4:06:44:
48:85:c0:9e:2a:df:50:83:45:5b:c3:17:05:fa:35:
0d:c7:fc:3f:43:5f:44:f4:45:b8:0e:10:c1:9d:d0:
de:dd:cf:a0:46:7c:81:eb:25:95:e9:51:d3:44:24:
08:c4:d3:e8:65:95:52:20:3c:4c:f3:eb:c8:6a:d6:
6f:7b:22:c9:09:5b:e9:78:12:48:37:98:9d:e9:a2:
eb:9c:84:63:1d:56:4b:75:4a:c9:8b:df:bc:89:4b:
20:12:01:03:9d:5b:c6:5d:c7:43:42:01:75:2c:b0:
33:4f:ce:54:12:3d:66:95:66:29:64:3c:fe:92:3c:
73:1d:d0:b6:f3:39:01:2b:00:ea:9b:29:b7:f6:cf:
d2:f3:d5:f2:ff:0a:25:9f:70:37:3d:e9:84:19:21:
c9:f8:4d:9c:d8:91:bc:21:84:ef:48:53:70:7e:22:
2c:f0:cf:f1:b5:46:47:4c:16:31:3d:ba:fc:fe:1d:
2a:5c:4a:fa:1c:4d:ca:00:10:14:a7:6d:56:c4:cd:
31:7d:98:42:e7:c9:a2:0a:0e:e3:0a:50:19:d9:2a:
50:21:00:ee:a7:97:39:46:76:4c:85:9e:cc:4d:dd:
31:d7:db:89:bd:0f:f9:16:e2:c2:46:41:26:0e:1f:
14:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F7:65:C8:4F:90:D7:1B:97:3B:CC:91:CB:08:F0:12:DA:5B:72:B7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfdlyE-Q1xuXO8yRywjwEtpbcrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
79.110.49.0/24
85.208.139.0/24
87.120.88.0/24
87.121.47.0/24
109.206.242.0/24
185.246.222.0/24
185.252.179.0/24
194.59.30.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:51:82:7c:7a:3e:dd:de:ed:74:9b:4c:86:bf:7d:1a:ea:0e:
d7:40:d8:93:40:c8:d9:28:ee:48:ce:a8:a7:22:60:a1:88:14:
ba:fe:ce:15:ca:cf:2d:c4:c5:5d:45:39:eb:1a:11:7d:1b:5c:
bf:e2:09:3b:fd:14:3c:bd:f7:1a:32:a3:aa:81:57:32:6c:f2:
90:92:e8:99:a5:37:36:a7:b8:6b:0d:4c:f5:bd:ef:0b:f1:a9:
8f:fb:89:5a:7f:6d:11:8a:56:21:1f:a0:e5:91:fc:d8:e9:b8:
0e:49:e5:73:ea:0b:78:21:4b:c8:d6:ca:21:e5:23:7b:54:b3:
be:7f:c3:f2:13:cf:c2:97:51:64:1b:1a:72:90:72:72:b3:2f:
a6:f5:64:53:90:e2:9f:39:f0:d3:5a:1f:ab:2a:fa:0c:e8:4a:
dd:f0:87:53:d2:7d:de:21:ae:ae:49:dd:0f:ee:dd:9b:f8:c0:
7b:7d:1c:40:ee:a4:f5:a6:cd:5e:cd:ae:8d:93:52:9d:52:25:
9a:38:56:f2:7b:1b:88:16:72:58:09:d7:41:dc:39:fd:20:5b:
d8:e0:bd:89:a6:f7:68:4c:ab:0c:d9:ba:24:fb:07:15:30:5c:
41:4c:7e:a2:03:39:49:f1:e5:5a:22:f3:3e:aa:b4:e8:7d:2a:
c9:79:fa:49
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYhDqFPVu9+7sssVtq01AZ/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIyMTMzMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY3NjVjODRmOTBkNzFiOTczYmNjOTFjYjA4ZjAxMmRhNWI3MmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jGkr3/CGFpD7YvEBkRIhcCeKt9Q
g0VbwxcF+jUNx/w/Q19E9EW4DhDBndDe3c+gRnyB6yWV6VHTRCQIxNPoZZVSIDxM
8+vIatZveyLJCVvpeBJIN5id6aLrnIRjHVZLdUrJi9+8iUsgEgEDnVvGXcdDQgF1
LLAzT85UEj1mlWYpZDz+kjxzHdC28zkBKwDqmym39s/S89Xy/woln3A3PemEGSHJ
+E2c2JG8IYTvSFNwfiIs8M/xtUZHTBYxPbr8/h0qXEr6HE3KABAUp21WxM0xfZhC
58miCg7jClAZ2SpQIQDup5c5RnZMhZ7MTd0x19uJvQ/5FuLCRkEmDh8URwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLX3ZchPkNcblzvMkcsI8BLaW3K3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdGZkbHlFLVExeHVYTzh5Unl3andFdHBiY3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjv/AwQA
T24xAwQAVdCLAwQAV3hYAwQAV3kvAwQAbc7yAwQAufbeAwQAufyzAwQBwjseMA0G
CSqGSIb3DQEBCwUAA4IBAQCdUYJ8ej7d3u10m0yGv30a6g7XQNiTQMjZKO5Izqin
ImChiBS6/s4Vys8txMVdRTnrGhF9G1y/4gk7/RQ8vfcaMqOqgVcybPKQkuiZpTc2
p7hrDUz1ve8L8amP+4laf20RilYhH6DlkfzY6bgOSeVz6gt4IUvI1soh5SN7VLO+
f8PyE8/Cl1FkGxpykHJysy+m9WRTkOKfOfDTWh+rKvoM6Erd8IdT0n3eIa6uSd0P
7t2b+MB7fRxA7qT1ps1eza6Nk1KdUiWaOFbyexuIFnJYCddB3Dn9IFvY4L2Jpvdo
TKsM2bok+wcVMFxBTH6iAzlJ8eVaIvM+qrTofSrJefpJ
-----END CERTIFICATE-----
Generated at Thu Aug 10 09:06:08 2023 by rpki-client on console-ams.rpki-client.org