Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tXnkihTgkEbQuCkGhsmuaXOGQlw.roa
File: tXnkihTgkEbQuCkGhsmuaXOGQlw.roa (raw, json)
Hash identifier: +JVY1NQt4vvNFLyLHaRS/+jopnv1c1yV+WCNEc7et18=
Subject key identifier: B5:79:E4:8A:14:E0:90:46:D0:B8:29:06:86:C9:AE:69:73:86:42:5C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0185D01A8605BFA2C9D0B0C5ABDF5D32BD4F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tXnkihTgkEbQuCkGhsmuaXOGQlw.roa
Signing time: Fri 20 Jan 2023 16:54:37 +0000
ROA not before: Fri 20 Jan 2023 16:54:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209811
IP address blocks: 94.232.96.0/22 maxlen: 22
91.232.227.0/24 maxlen: 24
91.224.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d0:1a:86:05:bf:a2:c9:d0:b0:c5:ab:df:5d:32:bd:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 20 16:54:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b579e48a14e09046d0b8290686c9ae697386425c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c5:e9:d1:76:0b:5b:e5:c9:20:3b:37:b9:e6:
a0:40:c8:67:a0:43:77:91:d7:14:3c:02:18:e1:39:
0e:5d:69:99:aa:7a:d2:6a:ca:98:5d:62:17:9e:6a:
0d:a3:db:16:ae:82:3b:8b:4e:8a:72:16:9d:4b:33:
12:5e:47:23:ea:73:6f:ea:8a:b8:1d:3a:4a:f9:78:
64:c5:9d:ec:80:1e:bd:ba:a1:22:cc:47:2b:d9:53:
d8:6b:44:0e:6e:d2:99:c8:4a:80:b1:56:44:78:04:
db:d9:b8:eb:0d:89:ad:ed:2d:5e:15:1a:9e:78:73:
98:ba:af:ef:f5:f0:0a:60:9a:96:59:07:bd:45:dc:
b1:03:89:1b:c0:22:4d:1f:a0:e2:5c:e8:72:03:d4:
eb:f5:9b:28:56:a7:b4:64:0c:04:15:31:1a:aa:63:
f9:36:a9:d8:f8:a4:4e:72:b8:9c:25:ea:8a:31:30:
f7:91:45:23:00:29:99:90:3f:28:12:83:6c:e2:10:
12:9a:f9:72:ee:48:bb:d2:06:33:42:7c:a2:b8:ed:
cf:ba:41:ce:a1:79:2f:90:7a:9c:31:f8:56:ec:b4:
40:2c:23:a4:b3:ab:6d:26:1a:70:a6:18:82:cf:8d:
5e:fd:36:18:79:cf:3d:8e:fb:fb:1c:1c:a3:d4:fc:
f6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:79:E4:8A:14:E0:90:46:D0:B8:29:06:86:C9:AE:69:73:86:42:5C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tXnkihTgkEbQuCkGhsmuaXOGQlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.41.0/24
91.232.227.0/24
94.232.96.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:2d:6d:b8:67:6a:35:37:49:00:78:1e:a4:b6:9a:16:75:6a:
64:8d:5f:50:37:dc:05:8d:81:7d:a5:d2:1a:6d:00:ff:1e:a7:
91:96:63:7e:d4:a9:95:03:9a:d2:50:5c:0e:42:aa:8d:d9:9d:
4a:71:a4:b6:8e:31:ab:a8:42:3c:ce:f2:a2:19:cb:05:23:30:
70:79:7d:47:d4:f2:ca:2f:3a:f0:20:a2:a2:dc:62:b9:b4:36:
36:e8:a2:77:49:c1:bf:e3:d9:df:86:29:31:17:4c:5e:0d:58:
86:24:38:4c:1a:8f:04:e1:37:3b:15:c4:8f:43:d0:99:48:fa:
a5:02:b5:71:e0:be:f0:18:cd:a2:ed:d5:2a:8e:5d:66:ec:6e:
8e:d6:2d:23:1e:12:5c:f9:a6:10:35:3c:83:bc:b4:22:24:d2:
49:61:bb:ad:b1:84:a7:a7:67:b3:8b:ba:58:e1:ea:63:77:48:
0e:32:40:3e:f9:bc:55:34:fd:28:72:bf:0e:ac:d6:12:92:36:
ad:b6:85:80:c5:4a:4c:af:cf:d0:8d:db:8f:b5:f8:63:8f:8c:
22:88:7f:04:26:5a:57:75:95:71:ad:26:f3:42:b7:2a:d0:9f:
4b:38:98:75:06:cc:81:99:ec:8e:1b:30:53:e7:31:aa:75:fc:
8e:a2:d9:12
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXQGoYFv6LJ0LDFq99dMr1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTIwMTY1NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc5ZTQ4YTE0ZTA5MDQ2ZDBiODI5MDY4NmM5YWU2OTczODY0MjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcXp0XYLW+XJIDs3ueagQMhnoEN3
kdcUPAIY4TkOXWmZqnrSasqYXWIXnmoNo9sWroI7i06KchadSzMSXkcj6nNv6oq4
HTpK+XhkxZ3sgB69uqEizEcr2VPYa0QObtKZyEqAsVZEeATb2bjrDYmt7S1eFRqe
eHOYuq/v9fAKYJqWWQe9RdyxA4kbwCJNH6DiXOhyA9Tr9ZsoVqe0ZAwEFTEaqmP5
NqnY+KROcricJeqKMTD3kUUjACmZkD8oEoNs4hASmvly7ki70gYzQnyiuO3PukHO
oXkvkHqcMfhW7LRALCOks6ttJhpwphiCz41e/TYYec89jvv7HByj1Pz2rwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLV55IoU4JBG0LgpBobJrmlzhkJcMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdFhua2loVGdrRWJRdUNrR2hzbXVhWE9HUWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+ApAwQA
W+jjAwQCXuhgMA0GCSqGSIb3DQEBCwUAA4IBAQCaLW24Z2o1N0kAeB6ktpoWdWpk
jV9QN9wFjYF9pdIabQD/HqeRlmN+1KmVA5rSUFwOQqqN2Z1KcaS2jjGrqEI8zvKi
GcsFIzBweX1H1PLKLzrwIKKi3GK5tDY26KJ3ScG/49nfhikxF0xeDViGJDhMGo8E
4Tc7FcSPQ9CZSPqlArVx4L7wGM2i7dUqjl1m7G6O1i0jHhJc+aYQNTyDvLQiJNJJ
YbutsYSnp2ezi7pY4epjd0gOMkA++bxVNP0ocr8OrNYSkjattoWAxUpMr8/QjduP
tfhjj4wiiH8EJlpXdZVxrSbzQrcq0J9LOJh1BsyBmeyOGzBT5zGqdfyOotkS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:56 2023 by rpki-client on console-fra.rpki-client.org