Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/tkvbL-YpixYR2TzAGx-0EXPxWfg.roa
File: tkvbL-YpixYR2TzAGx-0EXPxWfg.roa (raw, json)
Hash identifier: ISW1HM0kvJB6gp2p/wKi5LH0fpc/2I6m6Tkmz9RA1pQ=
Subject key identifier: B6:4B:DB:2F:E6:29:8B:16:11:D9:3C:C0:1B:1F:B4:11:73:F1:59:F8
Certificate issuer: /CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Certificate serial: 01856E2FB1D5015EEB3B61BD365015140CF1
Authority key identifier: 7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/tkvbL-YpixYR2TzAGx-0EXPxWfg.roa
Signing time: Sun 01 Jan 2023 16:34:57 +0000
ROA not before: Sun 01 Jan 2023 16:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199907
IP address blocks: 185.42.172.0/24 maxlen: 24
185.42.174.0/24 maxlen: 24
185.42.175.0/24 maxlen: 24
185.42.173.0/24 maxlen: 24
2a01:63a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 28 Feb 2023 08:11:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:b1:d5:01:5e:eb:3b:61:bd:36:50:15:14:0c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b1f557ee263cb359a19ea2cd7fa0e8c9139eb76
Validity
Not Before: Jan 1 16:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b64bdb2fe6298b1611d93cc01b1fb41173f159f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:8b:53:d5:07:99:e5:28:dc:4e:a5:98:3d:
38:9d:52:5b:cd:eb:11:0c:93:c1:fd:9e:22:14:9f:
db:dc:e1:ec:c4:07:40:f5:36:c6:c5:57:e1:d9:53:
c9:88:9b:22:11:b3:d2:8c:0d:a2:64:a6:f0:89:24:
5a:84:c4:bb:27:01:1f:a7:6d:e9:99:98:1f:19:a4:
ff:bb:1c:90:32:e4:62:c9:a3:f8:1d:d6:a1:98:ec:
45:36:39:ac:a5:37:93:b5:48:42:94:ad:45:0a:5b:
54:12:43:df:44:9e:60:c6:e3:5d:72:a7:34:91:23:
c2:07:06:9a:d4:96:d1:7a:14:2b:57:65:98:f4:27:
93:05:7b:78:fa:9f:f5:fc:80:2f:57:60:31:93:d2:
45:1b:17:92:cb:e6:aa:20:73:39:18:fe:10:f7:cf:
19:48:0d:7b:0c:ff:17:05:8f:d0:1e:66:1c:72:9f:
fc:6d:e5:3b:95:e9:6d:09:68:15:69:5e:a5:e3:88:
ac:43:cd:2c:6a:73:58:81:6b:92:77:0f:1c:2c:15:
e3:ef:88:fa:21:45:95:d3:52:3c:81:74:46:42:8a:
3f:1c:ac:5a:2d:cc:4a:dc:ba:41:ab:86:2d:cc:11:
73:9a:11:c9:b5:8e:57:b6:57:67:29:15:8a:b9:a3:
e9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:DB:2F:E6:29:8B:16:11:D9:3C:C0:1B:1F:B4:11:73:F1:59:F8
X509v3 Authority Key Identifier:
keyid:7B:1F:55:7E:E2:63:CB:35:9A:19:EA:2C:D7:FA:0E:8C:91:39:EB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ex9VfuJjyzWaGeos1_oOjJE563Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/tkvbL-YpixYR2TzAGx-0EXPxWfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/936d98-7019-401f-9e2a-3e3660da13a4/1/ex9VfuJjyzWaGeos1_oOjJE563Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.172.0/22
IPv6:
2a01:63a0::/32
Signature Algorithm: sha256WithRSAEncryption
92:4c:21:d7:24:68:6f:74:d6:b5:c9:3d:a6:9d:ac:5e:88:91:
9f:2d:6f:67:15:8f:32:62:fd:0b:93:b8:6d:4e:97:90:22:8e:
f9:7e:73:6d:9f:2d:ea:11:ad:01:6c:68:9d:d0:bb:a9:11:0f:
1d:13:a0:b1:52:76:eb:65:d2:c5:c7:79:c3:c1:2c:80:25:49:
79:29:e7:ad:f5:2b:ce:20:5f:f5:17:ef:2e:05:0e:43:2f:03:
63:97:2b:15:52:93:ab:6a:66:c1:50:d1:6c:d1:a2:cf:35:69:
fb:90:4c:55:4f:86:cf:d2:84:18:24:e4:1b:e5:c8:e2:f4:39:
6a:e8:d5:51:16:fc:6d:87:5f:fc:7a:26:e0:40:5d:02:d3:ae:
cd:6d:67:ab:1b:77:93:0f:23:8c:bc:9d:8c:b0:cb:62:ad:ae:
d9:21:e5:d2:26:2d:28:24:1b:a1:c0:43:be:3a:c6:93:66:f9:
1c:63:5a:b3:25:f6:e1:b5:a1:ce:61:85:c5:9d:76:3b:fd:91:
b8:b1:98:c5:71:32:ab:2f:66:76:8a:89:c5:7b:f4:57:48:f2:
93:f1:c3:f7:27:4b:48:f9:1b:41:e9:37:3f:5a:69:88:ae:44:
c8:49:26:ce:ff:59:ae:da:28:1f:60:ef:40:65:07:2f:bf:d7:
bf:ef:df:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuL7HVAV7rO2G9NlAVFAzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMWY1NTdlZTI2M2NiMzU5YTE5ZWEyY2Q3ZmEwZThjOTEz
OWViNzYwHhcNMjMwMTAxMTYzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRiZGIyZmU2Mjk4YjE2MTFkOTNjYzAxYjFmYjQxMTczZjE1OWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseKLU9UHmeUo3E6lmD04nVJbzesR
DJPB/Z4iFJ/b3OHsxAdA9TbGxVfh2VPJiJsiEbPSjA2iZKbwiSRahMS7JwEfp23p
mZgfGaT/uxyQMuRiyaP4HdahmOxFNjmspTeTtUhClK1FCltUEkPfRJ5gxuNdcqc0
kSPCBwaa1JbRehQrV2WY9CeTBXt4+p/1/IAvV2Axk9JFGxeSy+aqIHM5GP4Q988Z
SA17DP8XBY/QHmYccp/8beU7leltCWgVaV6l44isQ80sanNYgWuSdw8cLBXj74j6
IUWV01I8gXRGQoo/HKxaLcxK3LpBq4YtzBFzmhHJtY5XtldnKRWKuaPpoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLZL2y/mKYsWEdk8wBsftBFz8Vn4MB8GA1UdIwQY
MBaAFHsfVX7iY8s1mhnqLNf6DoyROet2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEt
M2UzNjYwZGExM2E0LzEvdGt2YkwtWXBpeFlSMlR6QUd4LTBFWFB4V2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MzZkOTgtNzAxOS00MDFmLTllMmEtM2UzNjYwZGExM2E0
LzEvZXg5VmZ1Smp5eldhR2VvczFfb09qSkU1NjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSqsMA0E
AgACMAcDBQAqAWOgMA0GCSqGSIb3DQEBCwUAA4IBAQCSTCHXJGhvdNa1yT2mnaxe
iJGfLW9nFY8yYv0Lk7htTpeQIo75fnNtny3qEa0BbGid0LupEQ8dE6CxUnbrZdLF
x3nDwSyAJUl5Keet9SvOIF/1F+8uBQ5DLwNjlysVUpOrambBUNFs0aLPNWn7kExV
T4bP0oQYJOQb5cji9Dlq6NVRFvxth1/8eibgQF0C067NbWerG3eTDyOMvJ2MsMti
ra7ZIeXSJi0oJBuhwEO+OsaTZvkcY1qzJfbhtaHOYYXFnXY7/ZG4sZjFcTKrL2Z2
ionFe/RXSPKT8cP3J0tI+RtB6Tc/WmmIrkTISSbO/1mu2igfYO9AZQcvv9e/799P
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:30 2024 by rpki-client on console-ams.rpki-client.org