Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/tyhAoiCZAt6AdQ4IoEtzGLmptUc.roa
File: tyhAoiCZAt6AdQ4IoEtzGLmptUc.roa (raw, json)
Hash identifier: mQygSitxLpCidJPJYio2tKByQN3qNbzYDaTF8+1uY9s=
Subject key identifier: B7:28:40:A2:20:99:02:DE:80:75:0E:08:A0:4B:73:18:B9:A9:B5:47
Certificate issuer: /CN=6d555e6c14b94d756d93a83a502c7f1577f9af49
Certificate serial: 01874AF182BC4C471C1BCE291A784BEA99BE
Authority key identifier: 6D:55:5E:6C:14:B9:4D:75:6D:93:A8:3A:50:2C:7F:15:77:F9:AF:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bVVebBS5TXVtk6g6UCx_FXf5r0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/tyhAoiCZAt6AdQ4IoEtzGLmptUc.roa
Signing time: Tue 04 Apr 2023 06:25:54 +0000
ROA not before: Tue 04 Apr 2023 06:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42307
IP address blocks: 194.55.248.0/22 maxlen: 22
91.192.28.0/22 maxlen: 22
2001:67c:274::/48 maxlen: 48
2a0c:ccc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4a:f1:82:bc:4c:47:1c:1b:ce:29:1a:78:4b:ea:99:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d555e6c14b94d756d93a83a502c7f1577f9af49
Validity
Not Before: Apr 4 06:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b72840a2209902de80750e08a04b7318b9a9b547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:af:ea:11:d3:35:ab:6f:92:04:e9:54:69:4f:
3e:a9:e6:0b:6f:73:02:8c:de:70:90:8a:61:4b:68:
9b:0b:63:fd:d0:89:94:63:21:d1:94:eb:74:4d:79:
a1:ed:7d:e4:a8:fb:5c:7b:40:df:bd:db:36:10:d8:
5f:c3:61:c7:59:63:46:4b:bb:01:b0:88:7d:96:cf:
29:31:80:50:3f:85:27:fb:6a:4a:4c:ef:f5:82:69:
b2:be:a6:1e:0a:0b:9a:33:d2:bd:af:66:b4:38:e1:
12:4b:6c:45:29:d8:94:f5:8b:4e:ed:49:b4:d7:6d:
0a:e3:a6:7d:72:92:49:4f:93:c8:7b:3b:69:a7:89:
31:d6:00:13:a3:ea:5d:96:da:3f:9f:c6:9f:de:10:
7c:77:d5:3c:ac:a6:9e:af:41:9c:73:a6:c6:32:34:
15:e9:75:d7:7c:11:18:f1:77:b3:b7:94:ac:9c:73:
9b:8a:97:9c:65:bf:ad:a4:9e:69:fb:67:a7:0d:54:
19:63:c2:9c:88:78:68:ce:09:26:93:75:b5:63:e9:
9d:a8:33:73:88:11:05:23:0d:b3:8c:8e:85:96:fe:
08:bb:7a:0b:f0:7b:05:11:f3:e7:fa:13:5a:b5:02:
c1:74:2a:aa:44:e0:93:1b:80:32:a6:43:b5:df:b9:
fe:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:28:40:A2:20:99:02:DE:80:75:0E:08:A0:4B:73:18:B9:A9:B5:47
X509v3 Authority Key Identifier:
keyid:6D:55:5E:6C:14:B9:4D:75:6D:93:A8:3A:50:2C:7F:15:77:F9:AF:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVVebBS5TXVtk6g6UCx_FXf5r0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/tyhAoiCZAt6AdQ4IoEtzGLmptUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/a32567-780f-4509-b710-97eaf9aa786f/1/bVVebBS5TXVtk6g6UCx_FXf5r0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.28.0/22
194.55.248.0/22
IPv6:
2001:67c:274::/48
2a0c:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
25:f4:3c:f7:b9:8d:b3:3f:ff:42:4e:48:a2:ac:d8:e0:23:d7:
95:b1:3d:74:37:5c:8e:eb:cd:dd:73:02:1e:2a:62:30:2e:d3:
7a:dd:c1:ed:95:8b:98:2a:d7:2c:63:22:6f:9e:27:29:d4:72:
6a:0e:ed:c4:81:a0:b1:c4:7e:e0:a8:6f:80:07:7b:5d:f6:95:
23:3e:59:d9:f7:1e:45:67:10:b2:f4:fc:81:ee:80:a9:9e:f9:
53:b7:45:d5:05:af:0b:bf:b1:65:14:63:f1:5b:82:89:f4:cc:
af:6e:a6:7d:52:78:ba:c2:02:f9:cd:5b:e8:10:81:51:49:ce:
e9:cd:16:79:2c:1c:5b:0d:96:47:55:0f:8e:64:24:18:e0:01:
0c:38:4d:f6:54:ef:00:8a:06:22:f5:e2:17:6b:95:fd:c8:cd:
33:56:09:06:79:84:ee:62:63:b3:df:23:4c:ef:7b:29:db:3c:
1a:11:4d:3a:bc:02:0d:e1:83:ed:43:8a:a0:87:39:ba:40:5a:
0a:29:08:52:bb:72:be:a9:92:b7:cb:63:44:b4:3d:e1:29:2a:
ae:cb:31:ec:27:ad:ea:18:03:a8:4f:b6:ad:f6:41:5d:6d:7c:
fd:6c:9a:9e:9a:e4:ba:f5:dd:29:c3:d3:f1:f9:1e:ee:29:9c:
b8:76:54:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYdK8YK8TEccG84pGnhL6pm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTU1ZTZjMTRiOTRkNzU2ZDkzYTgzYTUwMmM3ZjE1Nzdm
OWFmNDkwHhcNMjMwNDA0MDYyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI4NDBhMjIwOTkwMmRlODA3NTBlMDhhMDRiNzMxOGI5YTliNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq/qEdM1q2+SBOlUaU8+qeYLb3MC
jN5wkIphS2ibC2P90ImUYyHRlOt0TXmh7X3kqPtce0Dfvds2ENhfw2HHWWNGS7sB
sIh9ls8pMYBQP4Un+2pKTO/1gmmyvqYeCguaM9K9r2a0OOESS2xFKdiU9YtO7Um0
120K46Z9cpJJT5PIeztpp4kx1gATo+pdlto/n8af3hB8d9U8rKaer0Gcc6bGMjQV
6XXXfBEY8Xezt5SsnHObipecZb+tpJ5p+2enDVQZY8KciHhozgkmk3W1Y+mdqDNz
iBEFIw2zjI6Flv4Iu3oL8HsFEfPn+hNatQLBdCqqROCTG4AypkO137n+qQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLcoQKIgmQLegHUOCKBLcxi5qbVHMB8GA1UdIwQY
MBaAFG1VXmwUuU11bZOoOlAsfxV3+a9JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZWZWJCUzVUWFZ0azZnNlVDeF9GWGY1cjBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hMzI1NjctNzgwZi00NTA5LWI3MTAt
OTdlYWY5YWE3ODZmLzEvdHloQW9pQ1pBdDZBZFE0SW9FdHpHTG1wdFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hMzI1NjctNzgwZi00NTA5LWI3MTAtOTdlYWY5YWE3ODZm
LzEvYlZWZWJCUzVUWFZ0azZnNlVDeF9GWGY1cjBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCW8AcAwQC
wjf4MBYEAgACMBADBwAgAQZ8AnQDBQMqDMzAMA0GCSqGSIb3DQEBCwUAA4IBAQAl
9Dz3uY2zP/9CTkiirNjgI9eVsT10N1yO683dcwIeKmIwLtN63cHtlYuYKtcsYyJv
nicp1HJqDu3EgaCxxH7gqG+AB3td9pUjPlnZ9x5FZxCy9PyB7oCpnvlTt0XVBa8L
v7FlFGPxW4KJ9MyvbqZ9Uni6wgL5zVvoEIFRSc7pzRZ5LBxbDZZHVQ+OZCQY4AEM
OE32VO8AigYi9eIXa5X9yM0zVgkGeYTuYmOz3yNM73sp2zwaEU06vAIN4YPtQ4qg
hzm6QFoKKQhSu3K+qZK3y2NEtD3hKSquyzHsJ63qGAOoT7at9kFdbXz9bJqemuS6
9d0pw9Px+R7uKZy4dlTr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:39 2024 by rpki-client on console-fra.rpki-client.org