Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/tvJZshdd4Th33Evi8IZ6LlUB3gE.roa
File: tvJZshdd4Th33Evi8IZ6LlUB3gE.roa (raw, json)
Hash identifier: Ycqu02qTvLQ86z/ZnvyJWvPKX7hFkrh4qtqWsXhYRHM=
Subject key identifier: B6:F2:59:B2:17:5D:E1:38:77:DC:4B:E2:F0:86:7A:2E:55:01:DE:01
Certificate issuer: /CN=709d69957d333432accac810231e289388e302e2
Certificate serial: 01856D4AA4ACB2A3B0C8E37A9B641698FBFF
Authority key identifier: 70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/tvJZshdd4Th33Evi8IZ6LlUB3gE.roa
Signing time: Sun 01 Jan 2023 12:24:46 +0000
ROA not before: Sun 01 Jan 2023 12:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197183
IP address blocks: 185.114.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:a4:ac:b2:a3:b0:c8:e3:7a:9b:64:16:98:fb:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709d69957d333432accac810231e289388e302e2
Validity
Not Before: Jan 1 12:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6f259b2175de13877dc4be2f0867a2e5501de01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d3:8d:6d:c2:95:17:53:db:33:10:8d:c1:be:
b1:af:06:fb:9d:ad:5e:e6:c2:2d:9e:a9:2f:3c:c7:
ec:ad:26:11:5a:b2:ef:91:46:d0:47:d7:a4:be:65:
e1:41:91:45:a3:78:70:ba:e9:80:65:76:b9:96:2a:
4b:51:57:c7:b6:66:2e:9b:f4:95:82:de:9e:30:21:
d0:7f:9e:2a:ca:22:51:19:d5:c7:37:fb:5a:12:26:
ff:6d:64:4e:0f:0a:81:e9:65:ab:f1:26:53:6b:e8:
88:ef:b0:f5:95:d5:02:f7:de:6c:dc:d2:64:29:5d:
7a:b6:83:21:45:84:74:76:fe:6c:de:f6:3d:97:ea:
35:15:37:0a:0e:73:fc:59:9c:47:ed:a2:67:8c:ec:
e3:3c:da:83:c5:f9:0f:c0:5e:40:d3:cc:e5:48:19:
60:fb:de:f8:7b:ec:b4:2d:59:6c:95:45:97:fc:12:
09:7a:0c:db:47:a3:21:6e:bb:f3:20:85:4c:c9:44:
7e:7f:d1:45:87:51:4b:b4:53:77:bb:b2:3a:9f:4d:
60:30:16:2a:63:8c:54:84:87:14:08:ec:e2:42:6b:
88:c1:52:a7:2e:75:c6:49:d9:32:22:31:4b:43:8e:
c9:f6:e5:db:6c:9a:60:30:12:4b:e3:07:45:63:a4:
4a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F2:59:B2:17:5D:E1:38:77:DC:4B:E2:F0:86:7A:2E:55:01:DE:01
X509v3 Authority Key Identifier:
keyid:70:9D:69:95:7D:33:34:32:AC:CA:C8:10:23:1E:28:93:88:E3:02:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ1plX0zNDKsysgQIx4ok4jjAuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/tvJZshdd4Th33Evi8IZ6LlUB3gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/53d56a-096e-458a-9a94-08a68632a63a/1/cJ1plX0zNDKsysgQIx4ok4jjAuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.175.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:28:8d:5b:44:c0:07:ac:8a:fd:3f:e8:f3:42:9c:dd:61:36:
aa:84:a1:f0:e5:40:28:e6:ab:78:33:69:f8:83:33:28:fe:fa:
32:5a:ab:72:0c:33:6e:61:d8:f3:84:af:6d:f3:bc:28:c1:08:
07:e4:30:a3:2f:11:14:65:12:57:fd:63:a4:58:7a:4c:82:c7:
44:af:c3:50:a1:c8:da:ab:fa:0b:cc:99:f1:d1:2f:69:9a:04:
e6:d7:ea:4d:cb:cf:66:e1:54:c9:51:83:c0:f4:5c:e5:dd:7a:
4f:05:44:49:da:69:99:98:4e:94:b0:63:23:17:da:e7:bd:95:
c8:d0:c6:97:01:2e:9c:77:4a:bd:85:32:33:85:ba:3b:3a:d2:
d4:9c:44:66:88:bb:ad:15:ff:6c:08:72:c4:83:17:28:4f:27:
c3:a7:1f:b0:b7:b5:8b:f7:fc:34:7c:d2:94:3b:10:05:4a:cc:
5e:3a:ce:e8:d1:29:73:30:d7:b7:61:aa:53:78:63:df:2d:46:
44:0e:86:82:c3:4c:ee:06:b7:36:e4:e8:1e:6f:ea:ff:c0:e3:
57:91:93:b2:d5:f1:cf:9c:ae:cf:62:23:59:dc:88:ba:5e:e0:
10:75:7f:70:dc:7c:c6:a2:3a:42:fa:c9:2e:05:40:8a:2c:6d:
9a:af:96:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSqSssqOwyON6m2QWmPv/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWQ2OTk1N2QzMzM0MzJhY2NhYzgxMDIzMWUyODkzODhl
MzAyZTIwHhcNMjMwMTAxMTIyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmYyNTliMjE3NWRlMTM4NzdkYzRiZTJmMDg2N2EyZTU1MDFkZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9ONbcKVF1PbMxCNwb6xrwb7na1e
5sItnqkvPMfsrSYRWrLvkUbQR9ekvmXhQZFFo3hwuumAZXa5lipLUVfHtmYum/SV
gt6eMCHQf54qyiJRGdXHN/taEib/bWRODwqB6WWr8SZTa+iI77D1ldUC995s3NJk
KV16toMhRYR0dv5s3vY9l+o1FTcKDnP8WZxH7aJnjOzjPNqDxfkPwF5A08zlSBlg
+974e+y0LVlslUWX/BIJegzbR6MhbrvzIIVMyUR+f9FFh1FLtFN3u7I6n01gMBYq
Y4xUhIcUCOziQmuIwVKnLnXGSdkyIjFLQ47J9uXbbJpgMBJL4wdFY6RKHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLbyWbIXXeE4d9xL4vCGei5VAd4BMB8GA1UdIwQY
MBaAFHCdaZV9MzQyrMrIECMeKJOI4wLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQt
MDhhNjg2MzJhNjNhLzEvdHZKWnNoZGQ0VGgzM0V2aThJWjZMbFVCM2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81M2Q1NmEtMDk2ZS00NThhLTlhOTQtMDhhNjg2MzJhNjNh
LzEvY0oxcGxYMHpOREtzeXNnUUl4NG9rNGpqQXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXKvMA0G
CSqGSIb3DQEBCwUAA4IBAQA7KI1bRMAHrIr9P+jzQpzdYTaqhKHw5UAo5qt4M2n4
gzMo/voyWqtyDDNuYdjzhK9t87wowQgH5DCjLxEUZRJX/WOkWHpMgsdEr8NQocja
q/oLzJnx0S9pmgTm1+pNy89m4VTJUYPA9Fzl3XpPBURJ2mmZmE6UsGMjF9rnvZXI
0MaXAS6cd0q9hTIzhbo7OtLUnERmiLutFf9sCHLEgxcoTyfDpx+wt7WL9/w0fNKU
OxAFSsxeOs7o0SlzMNe3YapTeGPfLUZEDoaCw0zuBrc25Ogeb+r/wONXkZOy1fHP
nK7PYiNZ3Ii6XuAQdX9w3HzGojpC+skuBUCKLG2ar5YT
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:49 2024 by rpki-client on console-ams.rpki-client.org