Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa
File: tyyd2mvZiFI4LufrVynnoyjmez4.roa (raw, json)
Hash identifier: KVyw+m4K0wFjJksrCasPwx8bmbQQqO6DN3AAQmtSJkA=
Subject key identifier: B7:2C:9D:DA:6B:D9:88:52:38:2E:E7:EB:57:29:E7:A3:28:E6:7B:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018835E0CCBD2FBD0958705E857183FE6C19
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa
Signing time: Fri 19 May 2023 21:18:24 +0000
ROA not before: Fri 19 May 2023 21:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 46308
IP address blocks: 109.206.242.0/24 maxlen: 24
2.59.255.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:35:e0:cc:bd:2f:bd:09:58:70:5e:85:71:83:fe:6c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 21:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b72c9dda6bd98852382ee7eb5729e7a328e67b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:e8:8a:b5:b7:f0:ce:32:e2:e8:8b:de:fb:
25:92:26:e4:64:1c:c1:b2:df:22:7e:fa:1c:01:ef:
4c:0f:f3:3d:4f:3f:cb:49:08:07:46:dd:d4:c4:dd:
2b:f5:8b:71:d0:48:fd:72:32:19:79:5e:3b:fa:24:
b2:9e:40:a3:87:56:8e:74:6e:4d:c3:66:c8:c6:71:
70:af:77:c4:12:24:dd:4f:50:60:ff:1a:0a:90:f9:
98:b1:fd:b0:21:b9:46:e8:52:7e:0f:95:53:70:12:
9b:d2:1c:2b:91:2f:3e:2e:5b:63:0e:b4:25:44:52:
97:b6:ee:62:92:b5:18:bd:db:2c:47:23:09:bc:18:
69:69:83:88:68:52:72:10:61:24:67:9e:f5:46:21:
60:33:2b:f8:eb:fa:1b:df:e5:e2:19:17:79:d7:19:
b5:78:8b:0e:d2:f9:04:25:35:43:14:69:6c:84:4f:
ce:d1:b2:c2:95:c3:3c:cc:de:27:1e:a2:c1:e6:41:
e3:0b:1e:39:9c:90:b1:cb:15:ad:8d:4c:9b:b3:1a:
0f:7f:3e:91:36:b6:79:b2:55:29:6e:fb:d1:58:41:
d0:05:8f:a2:0d:57:1a:73:55:96:ef:00:f5:54:b2:
07:3c:d5:aa:9f:b3:02:b4:89:9b:9a:69:f6:b3:40:
34:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2C:9D:DA:6B:D9:88:52:38:2E:E7:EB:57:29:E7:A3:28:E6:7B:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tyyd2mvZiFI4LufrVynnoyjmez4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
79.110.49.0/24
85.208.139.0/24
87.120.88.0/24
87.121.47.0/24
109.206.242.0/24
185.246.222.0/24
185.252.179.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
90:c1:b5:d4:47:d9:6a:33:63:ce:b1:fd:65:88:65:c0:ad:f2:
b1:9b:2b:64:cd:ab:9b:a1:7d:b8:0f:36:b0:b6:3f:3d:6f:dd:
2e:0d:10:f2:f0:ae:d3:2b:5b:81:39:11:36:17:4f:c1:ea:d8:
ef:db:1f:47:2f:53:1d:f2:77:54:60:c9:de:fa:c0:5c:49:39:
b0:18:f1:be:33:98:dd:bd:82:77:26:56:0e:6f:1a:54:fe:a0:
2d:8c:b2:5c:5b:fc:f4:d1:9f:f2:b7:06:62:d8:11:4d:b1:02:
13:37:f8:cd:68:89:4e:b0:33:38:1c:57:72:d9:d6:9b:c4:d6:
41:7e:2e:11:c2:b5:6c:8c:16:9b:77:72:a7:84:9f:78:c7:4c:
0d:44:f4:63:66:02:1b:16:27:f8:3d:ca:da:7f:fb:74:5e:fb:
70:08:04:bb:8a:cc:8e:94:a6:d3:91:65:a0:79:20:ce:17:b2:
67:fb:9e:12:ff:9e:42:25:81:e6:af:1c:da:4f:b6:79:7d:f9:
ff:bc:38:71:20:58:fc:cf:59:e5:9b:4e:f0:40:d0:a5:97:24:
ad:27:ea:03:83:ca:4b:f1:b3:9e:8f:6d:d2:a3:d5:3d:89:a7:
1e:9c:b8:53:5a:2d:6f:7d:14:cd:47:e4:b8:4b:d2:72:ef:d0:
b8:8e:db:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYg14My9L70JWHBehXGD/mwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MjExODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJjOWRkYTZiZDk4ODUyMzgyZWU3ZWI1NzI5ZTdhMzI4ZTY3YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmXoirW38M4y4uiL3vslkibkZBzB
st8ifvocAe9MD/M9Tz/LSQgHRt3UxN0r9Ytx0Ej9cjIZeV47+iSynkCjh1aOdG5N
w2bIxnFwr3fEEiTdT1Bg/xoKkPmYsf2wIblG6FJ+D5VTcBKb0hwrkS8+LltjDrQl
RFKXtu5ikrUYvdssRyMJvBhpaYOIaFJyEGEkZ571RiFgMyv46/ob3+XiGRd51xm1
eIsO0vkEJTVDFGlshE/O0bLClcM8zN4nHqLB5kHjCx45nJCxyxWtjUybsxoPfz6R
NrZ5slUpbvvRWEHQBY+iDVcac1WW7wD1VLIHPNWqn7MCtImbmmn2s0A0IQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLcsndpr2YhSOC7n61cp56Mo5ns+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdHl5ZDJtdlppRkk0THVmclZ5bm5veWptZXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjv/AwQA
T24xAwQAVdCLAwQAV3hYAwQAV3kvAwQAbc7yAwQAufbeAwQAufyzAwQAwjsfMA0G
CSqGSIb3DQEBCwUAA4IBAQCQwbXUR9lqM2POsf1liGXArfKxmytkzauboX24Dzaw
tj89b90uDRDy8K7TK1uBORE2F0/B6tjv2x9HL1Md8ndUYMne+sBcSTmwGPG+M5jd
vYJ3JlYObxpU/qAtjLJcW/z00Z/ytwZi2BFNsQITN/jNaIlOsDM4HFdy2dabxNZB
fi4RwrVsjBabd3KnhJ94x0wNRPRjZgIbFif4Pcraf/t0XvtwCAS7isyOlKbTkWWg
eSDOF7Jn+54S/55CJYHmrxzaT7Z5ffn/vDhxIFj8z1nlm07wQNCllyStJ+oDg8pL
8bOej23So9U9iacenLhTWi1vfRTNR+S4S9Jy79C4jtvJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org