Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/T5qbreSQmtK1mKck0r_8dAU-bJg.roa
File: T5qbreSQmtK1mKck0r_8dAU-bJg.roa (raw, json)
Hash identifier: 0x+E6NWkV8e0lmkzgWhQg9UZPnz23f8a2PdyFAhuQeI=
Subject key identifier: 4F:9A:9B:AD:E4:90:9A:D2:B5:98:A7:24:D2:BF:FC:74:05:3E:6C:98
Certificate issuer: /CN=38482b1320b980f46d6e404fe7d58bdb11d50fd3
Certificate serial: 018572D5BEBBE6BCB4F20591C962DCBA6FA6
Authority key identifier: 38:48:2B:13:20:B9:80:F4:6D:6E:40:4F:E7:D5:8B:DB:11:D5:0F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEgrEyC5gPRtbkBP59WL2xHVD9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/T5qbreSQmtK1mKck0r_8dAU-bJg.roa
Signing time: Mon 02 Jan 2023 14:14:48 +0000
ROA not before: Mon 02 Jan 2023 14:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59780
IP address blocks: 185.71.120.0/22 maxlen: 24
185.177.84.0/22 maxlen: 24
2a05:3240::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:be:bb:e6:bc:b4:f2:05:91:c9:62:dc:ba:6f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38482b1320b980f46d6e404fe7d58bdb11d50fd3
Validity
Not Before: Jan 2 14:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f9a9bade4909ad2b598a724d2bffc74053e6c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:45:06:e4:dc:87:5f:01:4a:d6:d5:a7:e0:80:
32:0b:ae:2a:96:37:f3:f6:26:95:ce:e4:d0:a7:c8:
a2:7a:02:2c:49:82:fc:55:f8:78:4e:1c:06:b0:12:
bc:72:2c:65:ea:f5:cb:d3:5b:0a:80:14:3c:74:9b:
86:78:38:7a:80:94:71:02:40:e8:7f:e3:06:e0:77:
25:c5:a2:85:22:32:6e:d3:57:23:00:40:ea:40:2e:
f9:ce:e8:ac:7b:a5:e9:79:85:ed:ba:e4:59:68:ed:
49:61:b7:67:d8:58:87:a9:b3:91:ca:c0:d5:58:6d:
06:9f:83:ff:4f:c5:d9:d6:52:1f:6e:44:ed:25:2a:
91:2c:3d:68:85:94:8b:d3:ee:9e:d9:14:98:81:63:
eb:a0:4c:03:11:f6:33:cd:fd:3e:19:dd:30:98:08:
be:0f:1d:37:d1:e2:55:a9:0a:6a:53:ef:df:cd:c3:
ae:1a:0a:bb:e5:55:a2:8b:c1:f0:c1:46:fb:d9:e8:
67:94:b0:cc:fa:c1:c4:34:ab:06:ea:bb:6c:db:ae:
be:f9:74:a6:97:18:f7:26:9f:8f:86:68:0a:0e:14:
0c:73:ed:43:1e:c8:18:0f:d8:1a:aa:d9:3c:eb:17:
f4:03:16:19:59:92:ed:41:36:e0:b3:6a:5b:e7:9f:
0d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:9A:9B:AD:E4:90:9A:D2:B5:98:A7:24:D2:BF:FC:74:05:3E:6C:98
X509v3 Authority Key Identifier:
keyid:38:48:2B:13:20:B9:80:F4:6D:6E:40:4F:E7:D5:8B:DB:11:D5:0F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEgrEyC5gPRtbkBP59WL2xHVD9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/T5qbreSQmtK1mKck0r_8dAU-bJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/OEgrEyC5gPRtbkBP59WL2xHVD9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.120.0/22
185.177.84.0/22
IPv6:
2a05:3240::/29
Signature Algorithm: sha256WithRSAEncryption
70:6c:3c:b5:66:c7:45:69:ea:e3:fc:4e:3d:c1:4f:60:5f:d6:
be:1d:6d:df:71:76:af:fc:9d:2e:4e:7d:3c:54:c9:94:9b:86:
a7:df:e5:8a:2a:69:5c:c9:f7:2d:73:ad:11:4f:1c:38:fb:a6:
3f:7f:8b:ea:71:b9:d1:cf:6b:f9:fa:8d:f3:30:05:87:3e:f5:
5b:df:f6:7e:b2:ba:0a:c6:ca:46:78:52:dd:be:30:50:43:c2:
d9:ee:20:61:05:db:e0:24:83:05:6c:5e:b2:97:be:84:1d:4d:
f0:7e:30:6b:ef:ce:7b:80:f2:26:05:80:29:5c:5d:c4:69:49:
49:0b:14:3d:83:28:2a:ec:39:8a:f8:59:06:ed:82:3c:cd:04:
7f:90:65:16:79:97:c4:ba:f8:07:8f:47:71:99:b6:55:8c:26:
b9:48:ec:5c:00:9b:a5:cc:e3:01:4c:92:cc:f5:2b:82:96:fd:
5f:47:78:fc:65:47:fa:e2:b8:49:e0:95:78:88:e6:a8:8b:22:
1c:ea:2e:cb:c0:5f:60:cb:31:b5:f3:49:fe:5b:54:08:fe:40:
e4:94:ed:c3:04:a5:25:fa:c1:60:a9:89:cd:95:db:bc:45:f4:
9d:c9:f9:80:11:72:52:12:63:9b:42:ef:16:8f:e9:80:6d:c5:
17:c0:df:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy1b675ry08gWRyWLcum+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDgyYjEzMjBiOTgwZjQ2ZDZlNDA0ZmU3ZDU4YmRiMTFk
NTBmZDMwHhcNMjMwMTAyMTQxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjlhOWJhZGU0OTA5YWQyYjU5OGE3MjRkMmJmZmM3NDA1M2U2Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEUG5NyHXwFK1tWn4IAyC64qljfz
9iaVzuTQp8iiegIsSYL8Vfh4ThwGsBK8cixl6vXL01sKgBQ8dJuGeDh6gJRxAkDo
f+MG4HclxaKFIjJu01cjAEDqQC75zuise6XpeYXtuuRZaO1JYbdn2FiHqbORysDV
WG0Gn4P/T8XZ1lIfbkTtJSqRLD1ohZSL0+6e2RSYgWProEwDEfYzzf0+Gd0wmAi+
Dx030eJVqQpqU+/fzcOuGgq75VWii8HwwUb72ehnlLDM+sHENKsG6rts266++XSm
lxj3Jp+PhmgKDhQMc+1DHsgYD9gaqtk86xf0AxYZWZLtQTbgs2pb558NfQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE+am63kkJrStZinJNK//HQFPmyYMB8GA1UdIwQY
MBaAFDhIKxMguYD0bW5AT+fVi9sR1Q/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VnckV5QzVnUFJ0YmtCUDU5V0wyeEhWRDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMzI0NTQtM2VmOS00NDEyLTg1NzAt
NWNmNDNkMzU5MDhlLzEvVDVxYnJlU1FtdEsxbUtjazByXzhkQVUtYkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMzI0NTQtM2VmOS00NDEyLTg1NzAtNWNmNDNkMzU5MDhl
LzEvT0VnckV5QzVnUFJ0YmtCUDU5V0wyeEhWRDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUd4AwQC
ubFUMA0EAgACMAcDBQMqBTJAMA0GCSqGSIb3DQEBCwUAA4IBAQBwbDy1ZsdFaerj
/E49wU9gX9a+HW3fcXav/J0uTn08VMmUm4an3+WKKmlcyfctc60RTxw4+6Y/f4vq
cbnRz2v5+o3zMAWHPvVb3/Z+sroKxspGeFLdvjBQQ8LZ7iBhBdvgJIMFbF6yl76E
HU3wfjBr7857gPImBYApXF3EaUlJCxQ9gygq7DmK+FkG7YI8zQR/kGUWeZfEuvgH
j0dxmbZVjCa5SOxcAJulzOMBTJLM9SuClv1fR3j8ZUf64rhJ4JV4iOaoiyIc6i7L
wF9gyzG180n+W1QI/kDklO3DBKUl+sFgqYnNldu8RfSdyfmAEXJSEmObQu8Wj+mA
bcUXwN+4
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:42 2024 by rpki-client on console-ams.rpki-client.org