Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/TfzkPMMOJsWB7KUFs8wreTaB6Lo.roa
File: TfzkPMMOJsWB7KUFs8wreTaB6Lo.roa (raw, json)
Hash identifier: IG7tAOWUJf7RmVcRo1qpXn74ffSRRrV8vhaCld8THPo=
Subject key identifier: 4D:FC:E4:3C:C3:0E:26:C5:81:EC:A5:05:B3:CC:2B:79:36:81:E8:BA
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CCA2A7DEE449CD770685724BB7C2C9
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/TfzkPMMOJsWB7KUFs8wreTaB6Lo.roa
Signing time: Mon 02 Jan 2023 14:04:51 +0000
ROA not before: Mon 02 Jan 2023 14:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210636
IP address blocks: 85.203.17.0/24 maxlen: 24
85.203.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:a2:a7:de:e4:49:cd:77:06:85:72:4b:b7:c2:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dfce43cc30e26c581eca505b3cc2b793681e8ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d3:7b:13:4c:13:a5:5a:ac:9e:90:c1:46:d7:
e6:74:4f:2f:b1:e9:6c:68:f7:f3:d4:94:91:8e:fe:
6a:df:c8:0e:c3:69:3d:3f:4b:01:b5:d2:1d:61:48:
2a:69:f1:75:7e:3a:98:d0:32:f8:4b:89:36:19:67:
a2:53:ea:42:44:ab:8f:e0:cc:16:d8:bb:54:a2:b3:
19:0a:a5:98:74:2c:40:b5:d9:07:83:93:62:87:62:
c8:95:b4:47:14:88:43:ad:d0:57:42:81:db:7a:c7:
49:ec:05:b9:3b:d3:1a:7e:74:35:64:0e:ef:ac:ba:
71:09:4e:ea:48:3d:a0:53:df:e0:49:47:55:0c:b6:
54:51:2c:0f:46:35:f8:51:98:c1:7f:3f:40:35:5a:
0d:8f:88:a6:95:7c:ef:01:6c:39:fc:b0:58:50:3a:
0f:ff:9b:ed:40:89:a3:f7:1c:80:a1:d6:af:e5:f6:
56:c9:83:bc:b0:9e:e6:fe:4f:7d:22:af:85:26:b3:
27:27:97:41:b8:a7:c6:04:f5:34:2f:ad:3a:88:ce:
5d:4b:e8:64:e6:4f:36:d6:b2:39:23:ee:68:49:67:
c2:2f:fb:4c:73:34:7b:ea:e7:a1:73:49:55:f2:81:
85:87:2d:e6:38:97:71:7c:a3:1e:13:cd:10:06:48:
38:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FC:E4:3C:C3:0E:26:C5:81:EC:A5:05:B3:CC:2B:79:36:81:E8:BA
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/TfzkPMMOJsWB7KUFs8wreTaB6Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.17.0-85.203.18.255
Signature Algorithm: sha256WithRSAEncryption
6b:eb:c9:62:d7:95:7b:b4:b1:dd:46:4a:87:85:a8:8e:9b:6c:
b3:c8:ad:08:9e:39:78:b7:8a:7c:a9:5f:24:09:72:a5:1e:20:
9c:f7:b3:16:d5:01:27:6b:42:65:8a:28:bd:6d:32:30:62:e8:
ea:34:cb:22:66:44:47:bd:27:8c:ee:19:37:d3:7d:79:ef:3c:
f1:d1:65:ee:f6:d2:40:2c:57:b1:98:62:85:14:e9:75:4d:b9:
5f:b5:c9:78:a0:f6:fb:f6:2a:b9:14:f3:4e:79:92:14:bc:16:
d2:a3:22:b1:91:22:52:4e:1a:27:3c:43:87:d3:37:3b:24:8a:
e9:61:65:91:2a:f9:e4:1b:2f:77:de:bc:d1:d0:f1:77:97:66:
07:db:05:58:6a:06:05:37:f5:c2:bb:cb:81:71:88:f7:77:03:
75:0b:ca:21:76:5d:54:a3:b9:1f:15:61:62:d3:98:39:41:a8:
20:21:0d:87:93:6d:5f:c8:fb:8c:12:44:a9:55:a8:63:99:e9:
a1:c2:0b:87:21:73:5b:83:a0:c6:94:ca:63:7c:ef:de:fb:d7:
e2:dd:51:ee:ab:71:33:a2:5c:0c:5b:3b:97:99:ac:64:54:77:
66:df:58:bb:46:7f:a1:dc:2e:fb:32:f6:0a:0d:52:d9:cb:36:
03:7e:5e:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyzKKn3uRJzXcGhXJLt8LJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZjZTQzY2MzMGUyNmM1ODFlY2E1MDViM2NjMmI3OTM2ODFlOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dN7E0wTpVqsnpDBRtfmdE8vsels
aPfz1JSRjv5q38gOw2k9P0sBtdIdYUgqafF1fjqY0DL4S4k2GWeiU+pCRKuP4MwW
2LtUorMZCqWYdCxAtdkHg5Nih2LIlbRHFIhDrdBXQoHbesdJ7AW5O9MafnQ1ZA7v
rLpxCU7qSD2gU9/gSUdVDLZUUSwPRjX4UZjBfz9ANVoNj4imlXzvAWw5/LBYUDoP
/5vtQImj9xyAodav5fZWyYO8sJ7m/k99Iq+FJrMnJ5dBuKfGBPU0L606iM5dS+hk
5k821rI5I+5oSWfCL/tMczR76uehc0lV8oGFhy3mOJdxfKMeE80QBkg42QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE385DzDDibFgeylBbPMK3k2gei6MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvVGZ6a1BNTU9Kc1dCN0tVRnM4d3JlVGFCNkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABVyxED
BABVyxIwDQYJKoZIhvcNAQELBQADggEBAGvryWLXlXu0sd1GSoeFqI6bbLPIrQie
OXi3inypXyQJcqUeIJz3sxbVASdrQmWKKL1tMjBi6Oo0yyJmREe9J4zuGTfTfXnv
PPHRZe720kAsV7GYYoUU6XVNuV+1yXig9vv2KrkU8055khS8FtKjIrGRIlJOGic8
Q4fTNzskiulhZZEq+eQbL3fevNHQ8XeXZgfbBVhqBgU39cK7y4FxiPd3A3ULyiF2
XVSjuR8VYWLTmDlBqCAhDYeTbV/I+4wSRKlVqGOZ6aHCC4chc1uDoMaUymN87977
1+LdUe6rcTOiXAxbO5eZrGRUd2bfWLtGf6HcLvsy9goNUtnLNgN+Xng=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:33 2024 by rpki-client on console-ams.rpki-client.org