Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/TPwxuCAb-JmwLxBxacibqnqDQTM.roa
File: TPwxuCAb-JmwLxBxacibqnqDQTM.roa (raw, json)
Hash identifier: DtDKEaa7bvnRAszqcooyxpSzw0c7O8VA996Mk5l5QTY=
Subject key identifier: 4C:FC:31:B8:20:1B:F8:99:B0:2F:10:71:69:C8:9B:AA:7A:83:41:33
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B742AFC9E1EDF3ED6EE5398676DAF
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/TPwxuCAb-JmwLxBxacibqnqDQTM.roa
Signing time: Sun 01 Jan 2023 21:44:53 +0000
ROA not before: Sun 01 Jan 2023 21:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25459
IP address blocks: 217.170.1.0/24 maxlen: 24
217.170.12.0/23 maxlen: 23
217.170.14.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:74:2a:fc:9e:1e:df:3e:d6:ee:53:98:67:6d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cfc31b8201bf899b02f107169c89baa7a834133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:53:d4:c5:80:73:fb:d6:7e:f1:c2:ea:f4:
4b:35:9b:23:3c:08:d1:30:89:94:7d:5b:12:fe:91:
09:92:a7:c7:5c:69:79:f3:ee:a3:77:ac:85:e5:0f:
d4:05:95:51:33:70:2d:3f:ed:08:0b:25:cb:34:01:
e7:04:d5:99:e8:89:fc:0b:9c:81:05:cc:63:88:9b:
1b:5b:1e:6d:9b:94:61:63:e5:2b:82:e5:06:c6:2b:
06:ea:c8:d3:85:62:0c:93:f5:29:31:40:3f:22:42:
3d:6b:63:da:1a:6a:0b:cf:02:e5:85:da:9f:4f:75:
89:0d:6e:71:65:2d:7c:97:03:97:4e:e1:ca:f3:b1:
97:f2:25:71:c1:b7:e1:5c:c8:f0:84:10:f8:ac:cc:
52:90:f1:a2:0c:9b:ee:b4:2a:c2:7f:c8:6e:b9:21:
f2:e6:a7:23:85:19:6b:b4:21:bc:e4:f5:8f:38:b2:
c7:8b:84:2d:cd:ee:88:8e:92:e2:d1:c3:44:4c:b7:
06:88:fe:4b:09:a7:42:8a:da:78:47:07:d2:aa:f0:
76:83:87:85:ad:a9:89:08:65:e5:20:87:15:ea:7b:
50:f8:b2:59:6b:9c:fd:61:eb:67:77:0c:06:2f:50:
f1:cd:1f:59:86:15:62:98:fb:94:32:81:4c:32:89:
6b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FC:31:B8:20:1B:F8:99:B0:2F:10:71:69:C8:9B:AA:7A:83:41:33
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/TPwxuCAb-JmwLxBxacibqnqDQTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.1.0/24
217.170.12.0-217.170.14.255
Signature Algorithm: sha256WithRSAEncryption
09:bf:fe:5b:28:ec:60:54:56:b3:f9:b4:c8:71:d0:23:70:35:
f3:99:15:37:74:51:80:05:54:59:26:e3:28:95:21:44:5e:d0:
7a:8a:cc:55:cd:7f:9d:85:19:7f:5b:8b:13:f9:0b:76:d3:98:
44:85:ee:a3:6a:ac:77:78:99:dd:c8:a0:66:2e:55:71:e3:66:
8f:00:50:1e:59:ed:8b:05:69:b9:58:45:50:15:de:3e:d3:84:
0d:e3:84:3d:d1:c6:85:2d:1a:93:b5:7e:15:34:17:8b:03:e4:
c5:33:e8:3c:f2:42:3d:25:6c:d9:8d:00:c7:ac:64:5e:ee:83:
5e:f0:5f:1b:83:57:1b:0d:7b:b6:5d:c2:3e:ad:9f:cd:34:88:
99:58:5d:3c:f7:b0:5b:0b:12:31:be:30:df:de:66:06:7a:38:
52:25:a3:da:70:0a:5a:3d:0f:0c:2c:17:ee:3d:72:8e:74:0b:
14:35:92:a0:dc:73:ad:f7:32:79:bf:d0:13:90:1b:a9:2a:78:
b4:d2:51:16:2b:86:1d:92:3d:f6:7d:62:7b:31:c9:cf:28:38:
71:f6:96:73:e7:46:89:1d:d0:80:5d:bb:1b:15:be:c8:63:b0:
99:de:b3:b2:7d:ab:28:1e:ed:1d:01:cc:8a:35:08:1c:dd:8f:
8a:13:fd:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvS3Qq/J4e3z7W7lOYZ22vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZjMzFiODIwMWJmODk5YjAyZjEwNzE2OWM4OWJhYTdhODM0MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozFT1MWAc/vWfvHC6vRLNZsjPAjR
MImUfVsS/pEJkqfHXGl58+6jd6yF5Q/UBZVRM3AtP+0ICyXLNAHnBNWZ6In8C5yB
BcxjiJsbWx5tm5RhY+UrguUGxisG6sjThWIMk/UpMUA/IkI9a2PaGmoLzwLlhdqf
T3WJDW5xZS18lwOXTuHK87GX8iVxwbfhXMjwhBD4rMxSkPGiDJvutCrCf8huuSHy
5qcjhRlrtCG85PWPOLLHi4Qtze6IjpLi0cNETLcGiP5LCadCitp4RwfSqvB2g4eF
ramJCGXlIIcV6ntQ+LJZa5z9YetndwwGL1DxzR9ZhhVimPuUMoFMMolrNQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEz8MbggG/iZsC8QcWnIm6p6g0EzMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvVFB3eHVDQWItSm13THhCeGFjaWJxbnFEUVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA2aoBMAwD
BALZqgwDBADZqg4wDQYJKoZIhvcNAQELBQADggEBAAm//lso7GBUVrP5tMhx0CNw
NfOZFTd0UYAFVFkm4yiVIURe0HqKzFXNf52FGX9bixP5C3bTmESF7qNqrHd4md3I
oGYuVXHjZo8AUB5Z7YsFablYRVAV3j7ThA3jhD3RxoUtGpO1fhU0F4sD5MUz6Dzy
Qj0lbNmNAMesZF7ug17wXxuDVxsNe7Zdwj6tn800iJlYXTz3sFsLEjG+MN/eZgZ6
OFIlo9pwClo9DwwsF+49co50CxQ1kqDcc633Mnm/0BOQG6kqeLTSURYrhh2SPfZ9
Ynsxyc8oOHH2lnPnRokd0IBduxsVvshjsJnes7J9qyge7R0BzIo1CBzdj4oT/Wo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:02 2024 by rpki-client on console-ams.rpki-client.org