Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/TaxpWba5PsI2jyMj86vw-AANcns.roa
File: TaxpWba5PsI2jyMj86vw-AANcns.roa (raw, json)
Hash identifier: C+5NY72+tLTmwVdxuRwu8e7/+iooph7vZpIUfOKKKNs=
Subject key identifier: 4D:AC:69:59:B6:B9:3E:C2:36:8F:23:23:F3:AB:F0:F8:00:0D:72:7B
Certificate issuer: /CN=56bd7f6adfec6d44d16d3e3f798e3f2bd20da3ff
Certificate serial: 018570CBD26E8ABBAAB4F4FD3F6C5F1014CC
Authority key identifier: 56:BD:7F:6A:DF:EC:6D:44:D1:6D:3E:3F:79:8E:3F:2B:D2:0D:A3:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vr1_at_sbUTRbT4_eY4_K9INo_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/TaxpWba5PsI2jyMj86vw-AANcns.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33182
IP address blocks: 185.38.44.0/22 maxlen: 22
109.73.160.0/24 maxlen: 24
109.73.164.0/24 maxlen: 24
109.73.163.0/24 maxlen: 24
109.73.162.0/24 maxlen: 24
109.73.161.0/24 maxlen: 24
109.73.166.0/24 maxlen: 24
109.73.165.0/24 maxlen: 24
109.73.171.0/24 maxlen: 24
109.73.170.0/24 maxlen: 24
109.73.169.0/24 maxlen: 24
109.73.168.0/24 maxlen: 24
109.73.172.0/24 maxlen: 24
109.73.167.0/24 maxlen: 24
109.73.174.0/24 maxlen: 24
109.73.173.0/24 maxlen: 24
109.73.175.0/24 maxlen: 24
212.18.224.0/20 maxlen: 20
212.18.230.0/24 maxlen: 24
212.18.232.0/24 maxlen: 24
212.18.235.0/24 maxlen: 24
212.18.234.0/24 maxlen: 24
212.18.234.0/23 maxlen: 23
212.18.237.0/24 maxlen: 24
86.111.176.0/22 maxlen: 22
86.111.176.0/20 maxlen: 20
86.111.182.0/23 maxlen: 23
86.111.180.0/23 maxlen: 23
86.111.184.0/21 maxlen: 21
2a04:840:10::/44 maxlen: 44
2a04:840::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:d2:6e:8a:bb:aa:b4:f4:fd:3f:6c:5f:10:14:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56bd7f6adfec6d44d16d3e3f798e3f2bd20da3ff
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dac6959b6b93ec2368f2323f3abf0f8000d727b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:3e:9b:44:55:00:74:85:2a:53:f5:38:54:
e6:f5:2f:f5:c4:ed:69:27:52:a5:a6:a4:68:e5:4b:
42:23:ce:09:e8:31:c7:87:b3:3c:91:99:c9:4b:d3:
80:9b:b7:f6:0d:d9:e2:6e:6c:ef:bf:24:b3:10:9d:
ac:ec:6c:c6:87:c4:df:4a:4e:b5:b4:65:3f:ad:71:
16:8e:ba:16:2f:b7:3c:42:9a:90:5c:bf:4c:ba:fc:
64:b6:5c:20:95:00:bb:1a:83:6d:e8:bb:9e:75:b2:
3c:01:69:2b:c1:0a:97:af:74:fe:bc:fb:e0:38:76:
21:d4:ce:bb:cc:13:68:bb:6e:99:1f:8d:da:fe:a9:
46:a8:49:a5:f2:d9:1f:92:1c:51:68:95:b4:f5:c3:
be:ae:bc:88:3f:e8:fa:56:a2:44:cd:c1:50:f8:b3:
5b:0e:9a:b6:bf:cb:d2:9f:21:8d:e9:31:7b:ca:35:
49:e7:7c:f2:b8:dc:01:eb:b7:28:10:af:4a:e1:c7:
c6:88:7c:b6:75:9f:b3:c3:51:1e:83:b0:fa:b9:80:
3b:5c:0b:62:d6:09:d0:5f:ad:39:26:2a:1a:2f:03:
6b:3e:49:39:18:97:c0:1d:db:e7:91:52:2f:0d:f3:
fd:ba:7e:e9:87:e8:77:82:b1:a8:82:5f:b6:e7:77:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AC:69:59:B6:B9:3E:C2:36:8F:23:23:F3:AB:F0:F8:00:0D:72:7B
X509v3 Authority Key Identifier:
keyid:56:BD:7F:6A:DF:EC:6D:44:D1:6D:3E:3F:79:8E:3F:2B:D2:0D:A3:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vr1_at_sbUTRbT4_eY4_K9INo_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/TaxpWba5PsI2jyMj86vw-AANcns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/754af9-78df-4bd1-b480-527c81958649/1/Vr1_at_sbUTRbT4_eY4_K9INo_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.176.0/20
109.73.160.0/20
185.38.44.0/22
212.18.224.0/20
IPv6:
2a04:840::/43
Signature Algorithm: sha256WithRSAEncryption
70:00:e0:3b:41:d1:54:68:3a:21:86:8a:f2:6f:22:e2:4b:8e:
97:ef:30:24:14:10:c7:dc:af:46:58:44:41:d1:0b:c7:7f:0b:
81:25:66:05:78:52:5a:ef:4c:08:11:b1:51:cc:aa:c1:77:81:
49:5f:4a:81:09:f9:69:21:7c:6b:20:db:ad:12:9a:fc:d3:0f:
e8:a7:45:ba:70:d5:99:c0:9f:cf:79:4f:cc:f7:93:4d:be:93:
05:4a:ef:69:a1:c0:25:0e:b3:7f:0e:7d:6e:1d:6a:ee:02:cb:
6d:07:2e:e6:ff:11:20:d9:74:a3:74:d9:88:71:23:a4:06:f0:
88:09:04:f0:39:f1:8a:77:82:92:75:49:a3:54:50:ac:9a:da:
04:49:c8:db:39:4e:d5:3f:be:95:57:43:87:f0:c8:f8:9f:8e:
b2:59:d1:c5:43:20:f3:e3:d5:d8:9d:5f:c0:0f:dd:b7:ca:79:
c9:06:6e:00:12:79:e7:39:80:e8:78:6c:61:71:7c:1c:b4:52:
47:84:da:c6:66:c0:2c:1f:81:15:a4:8e:ed:59:3c:39:9a:46:
ac:18:cf:d2:32:1c:d3:e4:25:99:54:b2:00:10:7c:e9:e2:49:
f9:9e:81:93:46:7c:8b:61:19:e3:fe:4a:fd:d5:42:4a:74:07:
67:f2:c3:47
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVwy9JuiruqtPT9P2xfEBTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YmQ3ZjZhZGZlYzZkNDRkMTZkM2UzZjc5OGUzZjJiZDIw
ZGEzZmYwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFjNjk1OWI2YjkzZWMyMzY4ZjIzMjNmM2FiZjBmODAwMGQ3MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF8+m0RVAHSFKlP1OFTm9S/1xO1p
J1KlpqRo5UtCI84J6DHHh7M8kZnJS9OAm7f2DdnibmzvvySzEJ2s7GzGh8TfSk61
tGU/rXEWjroWL7c8QpqQXL9MuvxktlwglQC7GoNt6LuedbI8AWkrwQqXr3T+vPvg
OHYh1M67zBNou26ZH43a/qlGqEml8tkfkhxRaJW09cO+rryIP+j6VqJEzcFQ+LNb
Dpq2v8vSnyGN6TF7yjVJ53zyuNwB67coEK9K4cfGiHy2dZ+zw1Eeg7D6uYA7XAti
1gnQX605JioaLwNrPkk5GJfAHdvnkVIvDfP9un7ph+h3grGogl+253cpHwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFE2saVm2uT7CNo8jI/Or8PgADXJ7MB8GA1UdIwQY
MBaAFFa9f2rf7G1E0W0+P3mOPyvSDaP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnIxX2F0X3NiVVRSYlQ0X2VZNF9LOUlOb184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC83NTRhZjktNzhkZi00YmQxLWI0ODAt
NTI3YzgxOTU4NjQ5LzEvVGF4cFdiYTVQc0kyanlNajg2dnctQUFOY25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC83NTRhZjktNzhkZi00YmQxLWI0ODAtNTI3YzgxOTU4NjQ5
LzEvVnIxX2F0X3NiVVRSYlQ0X2VZNF9LOUlOb184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQEVm+wAwQE
bUmgAwQCuSYsAwQE1BLgMA8EAgACMAkDBwUqBAhAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHAA4DtB0VRoOiGGivJvIuJLjpfvMCQUEMfcr0ZYREHRC8d/C4ElZgV4Ulrv
TAgRsVHMqsF3gUlfSoEJ+WkhfGsg260SmvzTD+inRbpw1ZnAn895T8z3k02+kwVK
72mhwCUOs38OfW4dau4Cy20HLub/ESDZdKN02YhxI6QG8IgJBPA58Yp3gpJ1SaNU
UKya2gRJyNs5TtU/vpVXQ4fwyPifjrJZ0cVDIPPj1didX8AP3bfKeckGbgASeec5
gOh4bGFxfBy0UkeE2sZmwCwfgRWkju1ZPDmaRqwYz9IyHNPkJZlUsgAQfOniSfme
gZNGfIthGeP+Sv3VQkp0B2fyw0c=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:57 2024 by rpki-client on console-ams.rpki-client.org