Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/TynxdrT5VzuWj8WHOo1XRS0Z13s.roa
File: TynxdrT5VzuWj8WHOo1XRS0Z13s.roa (raw, json)
Hash identifier: J3JkwutOmj9YNsnmhcA5cf/13sSzN7btcNgCYwc8zgM=
Subject key identifier: 4F:29:F1:76:B4:F9:57:3B:96:8F:C5:87:3A:8D:57:45:2D:19:D7:7B
Certificate issuer: /CN=773110a43704d9549df7156e3a789e62285b1693
Certificate serial: 01856BD3778A45A3D7FAFBBD95360C009E60
Authority key identifier: 77:31:10:A4:37:04:D9:54:9D:F7:15:6E:3A:78:9E:62:28:5B:16:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzEQpDcE2VSd9xVuOnieYihbFpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/TynxdrT5VzuWj8WHOo1XRS0Z13s.roa
Signing time: Sun 01 Jan 2023 05:34:58 +0000
ROA not before: Sun 01 Jan 2023 05:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59626
IP address blocks: 185.139.100.0/22 maxlen: 22
2a07:1480::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:77:8a:45:a3:d7:fa:fb:bd:95:36:0c:00:9e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=773110a43704d9549df7156e3a789e62285b1693
Validity
Not Before: Jan 1 05:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f29f176b4f9573b968fc5873a8d57452d19d77b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:2d:f5:1b:ee:1b:dd:ac:77:8d:52:e3:c2:
de:40:ed:31:62:02:aa:fe:d5:5c:57:65:8f:9b:4e:
85:f6:a7:86:52:20:54:80:29:50:4d:2f:cc:76:1e:
0d:6b:b9:79:62:10:17:60:d6:c6:a8:13:70:42:68:
3a:24:5b:6d:24:4a:87:15:ae:cf:f5:0f:f8:2e:57:
0e:14:88:49:97:25:cf:37:d0:78:4b:84:61:b9:b1:
18:7b:d0:6e:fe:05:1f:0b:2d:01:06:57:a4:cf:21:
c9:5f:47:e1:32:48:54:78:da:6d:f8:b1:d4:90:f3:
80:a3:0e:c4:88:d7:6c:78:ae:ae:28:8c:80:c8:f5:
29:ad:79:9d:e2:ad:17:e3:97:35:b7:e0:5b:87:2c:
a0:ff:87:db:a4:e1:12:6b:40:f6:1a:52:1a:7b:14:
98:9d:5a:bb:92:2d:7e:80:c5:b6:0f:39:5a:0d:fa:
b8:ba:1c:e2:ec:49:01:45:8f:d0:85:fd:85:cf:a7:
1a:67:ce:07:00:e4:6b:30:1d:55:ce:e5:79:75:23:
38:b6:d9:b3:72:ec:18:ff:d5:02:7d:8f:49:7d:cf:
83:f9:7d:64:7c:d9:d4:96:9c:63:f9:b0:fc:23:9c:
4f:b8:14:f1:15:1c:f6:8f:46:54:b2:33:e6:c8:03:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:29:F1:76:B4:F9:57:3B:96:8F:C5:87:3A:8D:57:45:2D:19:D7:7B
X509v3 Authority Key Identifier:
keyid:77:31:10:A4:37:04:D9:54:9D:F7:15:6E:3A:78:9E:62:28:5B:16:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzEQpDcE2VSd9xVuOnieYihbFpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/TynxdrT5VzuWj8WHOo1XRS0Z13s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/080530-3f81-4479-b5a0-9a38159b794e/1/dzEQpDcE2VSd9xVuOnieYihbFpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.100.0/22
IPv6:
2a07:1480::/29
Signature Algorithm: sha256WithRSAEncryption
95:8b:14:3c:cd:e4:6b:ff:35:a4:45:6b:f8:39:4e:e7:67:aa:
31:fb:5e:e4:99:fb:9d:38:e1:21:34:c5:4e:93:72:82:3d:14:
40:fb:46:23:4b:57:8b:2a:6b:42:22:89:fd:42:83:31:1c:66:
fe:92:b8:e0:49:ea:e8:2a:d2:55:34:27:c6:53:ca:38:4d:98:
fc:4c:6d:53:46:3e:15:7d:ad:0b:00:90:8f:5e:24:cb:62:86:
c4:5d:52:da:41:0a:30:7b:e0:4d:49:19:7e:1b:70:9e:a5:52:
af:58:8b:f3:9f:28:9b:88:23:87:25:86:c9:1d:9b:01:0a:5e:
51:2f:35:82:a8:77:c5:b0:53:0e:06:af:89:2f:ce:6a:fe:38:
da:62:b4:59:ae:34:01:c6:b0:88:b7:20:e0:05:3f:a8:35:e7:
4c:00:ee:12:15:82:34:c5:90:eb:c1:87:31:65:85:37:c7:d4:
ed:30:4b:80:e3:08:6f:ca:dc:68:52:59:64:47:d9:2f:32:ff:
92:78:77:ff:e5:71:7d:e8:55:6c:87:ac:4d:5b:4f:a0:c0:0d:
b3:18:9f:ba:67:a3:88:0c:4e:02:39:ab:3e:63:66:7a:77:11:
0d:93:05:c6:f3:08:fa:ff:98:eb:12:4d:1b:d7:7d:e9:de:c9:
ee:36:43:28
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr03eKRaPX+vu9lTYMAJ5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzExMGE0MzcwNGQ5NTQ5ZGY3MTU2ZTNhNzg5ZTYyMjg1
YjE2OTMwHhcNMjMwMTAxMDUzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI5ZjE3NmI0Zjk1NzNiOTY4ZmM1ODczYThkNTc0NTJkMTlkNzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/Qt9RvuG92sd41S48LeQO0xYgKq
/tVcV2WPm06F9qeGUiBUgClQTS/Mdh4Na7l5YhAXYNbGqBNwQmg6JFttJEqHFa7P
9Q/4LlcOFIhJlyXPN9B4S4RhubEYe9Bu/gUfCy0BBlekzyHJX0fhMkhUeNpt+LHU
kPOAow7EiNdseK6uKIyAyPUprXmd4q0X45c1t+Bbhyyg/4fbpOESa0D2GlIaexSY
nVq7ki1+gMW2DzlaDfq4uhzi7EkBRY/Qhf2Fz6caZ84HAORrMB1VzuV5dSM4ttmz
cuwY/9UCfY9Jfc+D+X1kfNnUlpxj+bD8I5xPuBTxFRz2j0ZUsjPmyAMEqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8p8Xa0+Vc7lo/FhzqNV0UtGdd7MB8GA1UdIwQY
MBaAFHcxEKQ3BNlUnfcVbjp4nmIoWxaTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpFUXBEY0UyVlNkOXhWdU9uaWVZaWhiRnBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wODA1MzAtM2Y4MS00NDc5LWI1YTAt
OWEzODE1OWI3OTRlLzEvVHlueGRyVDVWenVXajhXSE9vMVhSUzBaMTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wODA1MzAtM2Y4MS00NDc5LWI1YTAtOWEzODE1OWI3OTRl
LzEvZHpFUXBEY0UyVlNkOXhWdU9uaWVZaWhiRnBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYtkMA0E
AgACMAcDBQMqBxSAMA0GCSqGSIb3DQEBCwUAA4IBAQCVixQ8zeRr/zWkRWv4OU7n
Z6ox+17kmfudOOEhNMVOk3KCPRRA+0YjS1eLKmtCIon9QoMxHGb+krjgSeroKtJV
NCfGU8o4TZj8TG1TRj4Vfa0LAJCPXiTLYobEXVLaQQowe+BNSRl+G3CepVKvWIvz
nyibiCOHJYbJHZsBCl5RLzWCqHfFsFMOBq+JL85q/jjaYrRZrjQBxrCItyDgBT+o
NedMAO4SFYI0xZDrwYcxZYU3x9TtMEuA4whvytxoUllkR9kvMv+SeHf/5XF96FVs
h6xNW0+gwA2zGJ+6Z6OIDE4COas+Y2Z6dxENkwXG8wj6/5jrEk0b133p3snuNkMo
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:25 2024 by rpki-client on console-ams.rpki-client.org