Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/twBPgrt-7uZ5CzRwBG29jwaWOb4.roa
File: twBPgrt-7uZ5CzRwBG29jwaWOb4.roa (raw, json)
Hash identifier: IU21bhSHsPxmNCiHAlX4wn6XqViUgBZuoHZsXw8nksI=
Subject key identifier: B7:00:4F:82:BB:7E:EE:E6:79:0B:34:70:04:6D:BD:8F:06:96:39:BE
Certificate issuer: /CN=6eef0dc51dfff0103419599906365572b7fe48fe
Certificate serial: 01856CB831264E258DF7A33823A7E144EC78
Authority key identifier: 6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/twBPgrt-7uZ5CzRwBG29jwaWOb4.roa
Signing time: Sun 01 Jan 2023 09:44:48 +0000
ROA not before: Sun 01 Jan 2023 09:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61055
IP address blocks: 185.10.73.0/24 maxlen: 24
185.10.72.0/24 maxlen: 24
185.10.72.0/22 maxlen: 22
185.10.75.0/24 maxlen: 24
185.10.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Nov 2023 06:17:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:31:26:4e:25:8d:f7:a3:38:23:a7:e1:44:ec:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eef0dc51dfff0103419599906365572b7fe48fe
Validity
Not Before: Jan 1 09:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7004f82bb7eeee6790b3470046dbd8f069639be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2f:46:c4:72:aa:c0:63:5a:2a:b8:65:9f:02:
59:7a:b1:f4:2a:46:85:63:9b:b0:16:cb:5a:3f:72:
7b:b9:5c:ae:d9:cc:b7:ff:07:9a:a8:38:e6:e1:fe:
ba:a7:8f:f5:55:33:4c:3d:eb:c0:31:10:23:9f:8f:
bc:ba:6a:f9:2b:7d:8d:da:80:c1:7c:5b:a8:50:4c:
ae:01:58:b5:8f:ed:4f:a1:c9:5a:3a:6d:81:71:75:
34:9a:7c:e3:11:66:30:b9:94:0e:38:86:83:95:b6:
b0:2b:88:07:c3:2f:51:6a:d9:99:fc:74:e1:42:2d:
db:03:0c:6f:a2:25:8b:87:50:b9:6f:6b:43:36:af:
ce:3e:a2:c3:d6:81:4b:1c:f1:73:20:a2:c4:99:08:
e3:ca:19:b8:49:d3:44:54:6b:c3:6a:24:79:70:4e:
17:86:25:e0:a6:17:c3:04:0d:96:69:a6:88:37:f5:
9e:b5:49:66:4d:db:ca:e4:5a:83:8e:9e:7a:ba:e8:
14:c8:28:e9:11:02:38:76:6a:aa:08:28:d4:49:0c:
1f:79:2e:bd:d2:94:96:5a:ff:e1:50:b3:1a:cc:dd:
56:ff:e8:84:b6:b1:26:1e:4a:c5:f5:88:59:d6:86:
4f:f3:a9:b5:75:94:b7:75:29:91:41:a7:b9:0d:9c:
88:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:00:4F:82:BB:7E:EE:E6:79:0B:34:70:04:6D:BD:8F:06:96:39:BE
X509v3 Authority Key Identifier:
keyid:6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/twBPgrt-7uZ5CzRwBG29jwaWOb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.72.0/22
Signature Algorithm: sha256WithRSAEncryption
50:7c:79:ae:f9:d8:90:19:d7:fc:68:1c:12:99:9b:a8:6f:7e:
a3:e2:c6:19:cc:6e:b5:4c:cb:31:8a:0c:e9:b7:fa:15:9f:1f:
9d:6f:ba:a7:b2:a7:9a:38:37:38:bc:79:5d:91:f0:a1:c0:b4:
ac:42:58:4d:8c:ba:c5:77:ac:f2:7c:44:32:6e:2e:ae:06:d1:
94:36:1a:4f:2e:19:49:c7:cd:09:05:6d:b1:20:c1:ff:e4:8b:
a0:6a:68:ab:fa:88:75:6c:e4:d3:f4:81:2c:fe:66:8b:f7:bb:
69:6d:b6:c8:71:4b:98:b9:f3:2a:ea:f9:34:50:18:fd:2f:5d:
8c:31:ec:d7:1d:33:b6:39:ec:00:4e:44:39:e4:d5:a1:2b:0d:
0c:25:f9:c3:fb:a8:c9:8a:8d:4a:9b:d4:aa:3c:60:e6:d3:e7:
6b:24:5c:a9:e2:52:96:ea:63:22:2f:70:c5:44:66:31:11:b2:
9e:0c:84:21:78:95:1b:7d:97:2b:62:78:87:9a:ea:61:ef:9e:
51:a5:13:56:6f:cd:51:6e:0e:68:71:6c:3d:11:af:a5:65:3f:
c9:01:3b:59:71:c3:83:9b:2f:6d:d9:cb:e8:9a:ad:61:54:19:
d4:c5:f7:8e:f3:37:59:a7:21:82:a6:14:dc:06:ac:74:a1:16:
41:c5:0d:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuDEmTiWN96M4I6fhROx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWYwZGM1MWRmZmYwMTAzNDE5NTk5OTA2MzY1NTcyYjdm
ZTQ4ZmUwHhcNMjMwMTAxMDk0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAwNGY4MmJiN2VlZWU2NzkwYjM0NzAwNDZkYmQ4ZjA2OTYzOWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS9GxHKqwGNaKrhlnwJZerH0KkaF
Y5uwFstaP3J7uVyu2cy3/weaqDjm4f66p4/1VTNMPevAMRAjn4+8umr5K32N2oDB
fFuoUEyuAVi1j+1PoclaOm2BcXU0mnzjEWYwuZQOOIaDlbawK4gHwy9RatmZ/HTh
Qi3bAwxvoiWLh1C5b2tDNq/OPqLD1oFLHPFzIKLEmQjjyhm4SdNEVGvDaiR5cE4X
hiXgphfDBA2WaaaIN/WetUlmTdvK5FqDjp56uugUyCjpEQI4dmqqCCjUSQwfeS69
0pSWWv/hULMazN1W/+iEtrEmHkrF9YhZ1oZP86m1dZS3dSmRQae5DZyIOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcAT4K7fu7meQs0cARtvY8Gljm+MB8GA1UdIwQY
MBaAFG7vDcUd//AQNBlZmQY2VXK3/kj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAt
NGZkYWUwOWE2NzdkLzEvdHdCUGdydC03dVo1Q3pSd0JHMjlqd2FXT2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAtNGZkYWUwOWE2Nzdk
LzEvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBQfHmu+diQGdf8aBwSmZuob36j4sYZzG61TMsxigzp
t/oVnx+db7qnsqeaODc4vHldkfChwLSsQlhNjLrFd6zyfEQybi6uBtGUNhpPLhlJ
x80JBW2xIMH/5Iugamir+oh1bOTT9IEs/maL97tpbbbIcUuYufMq6vk0UBj9L12M
MezXHTO2OewATkQ55NWhKw0MJfnD+6jJio1Km9SqPGDm0+drJFyp4lKW6mMiL3DF
RGYxEbKeDIQheJUbfZcrYniHmuph755RpRNWb81Rbg5ocWw9Ea+lZT/JATtZccOD
my9t2cvomq1hVBnUxfeO8zdZpyGCphTcBqx0oRZBxQ1v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:45 2024 by rpki-client on console-fra.rpki-client.org