Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/tq80YOkPDtGZ112QfFy1e1hiQ00.roa
File: tq80YOkPDtGZ112QfFy1e1hiQ00.roa (raw, json)
Hash identifier: 5T9u19J5zPirQZ5Vj3Q95wfCL2ghFncL5cXgvM/84VY=
Subject key identifier: B6:AF:34:60:E9:0F:0E:D1:99:D7:5D:90:7C:5C:B5:7B:58:62:43:4D
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 018C69648F1562D346FC6F114E531C34F3AC
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/tq80YOkPDtGZ112QfFy1e1hiQ00.roa
Signing time: Thu 14 Dec 2023 17:34:07 +0000
ROA not before: Thu 14 Dec 2023 17:34:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.56.85.0/24 maxlen: 24
185.56.84.0/24 maxlen: 24
185.56.86.0/24 maxlen: 24
185.56.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:64:8f:15:62:d3:46:fc:6f:11:4e:53:1c:34:f3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Dec 14 17:34:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6af3460e90f0ed199d75d907c5cb57b5862434d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8f:75:b6:f3:b0:22:14:9e:d0:5b:1d:94:1c:
d1:39:1c:f4:14:89:be:45:ed:0f:06:79:f1:dd:74:
0b:8b:88:a1:c3:f0:5d:17:00:37:84:91:ae:e7:44:
af:4b:b8:20:e3:f0:67:9b:b0:41:e8:fe:32:69:36:
6a:ad:aa:e6:0c:e2:b7:25:f9:76:53:06:bd:84:18:
fe:e9:70:63:23:e7:ec:25:3e:8b:36:5d:e1:0a:c4:
4d:38:23:74:09:dd:c9:a3:3f:68:38:1f:9a:1e:8b:
f5:ed:6a:21:fc:62:a9:c1:27:8f:6b:7f:c4:a3:b1:
a3:c4:3e:89:d1:31:2c:9b:7b:ec:84:fe:aa:2f:80:
ce:ef:5f:a9:4f:29:cd:d5:a7:89:92:71:53:08:74:
8c:07:32:2a:15:3b:94:8c:f7:c3:fa:dd:34:1e:30:
e0:33:98:43:14:0a:bf:c6:c1:01:ce:a9:c7:ea:ab:
94:4a:98:83:42:c1:ad:38:32:6a:cf:06:7d:73:e4:
5b:3c:78:b3:b4:c7:bf:85:9c:51:2d:28:fe:f0:b2:
7c:32:70:22:29:e5:90:e3:fa:32:9a:e3:5f:e8:df:
0c:e7:ab:d2:f5:ef:12:26:44:ee:9b:79:9f:a3:34:
d3:5b:40:73:11:f5:c5:b7:9e:cb:23:05:13:ea:a1:
7e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:AF:34:60:E9:0F:0E:D1:99:D7:5D:90:7C:5C:B5:7B:58:62:43:4D
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/tq80YOkPDtGZ112QfFy1e1hiQ00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.84.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:b6:67:75:87:06:bd:49:ad:ae:7b:40:6b:9b:71:ea:02:c2:
48:0e:59:1f:45:d4:15:88:b7:8c:40:75:30:a7:8a:3f:77:06:
32:db:23:bb:ea:c4:38:34:b9:35:e7:f5:e8:20:26:bc:4f:f6:
85:7b:6a:38:27:08:9f:4d:50:f8:2a:28:35:51:4f:84:3c:50:
f2:30:85:07:75:b2:db:af:6a:be:4b:0b:bc:2a:d9:8b:e9:b1:
69:ff:46:17:d0:b3:48:ba:36:07:c0:3e:85:bc:bb:91:f6:f3:
60:17:d7:de:6a:4b:ef:49:f5:43:b7:f8:a1:36:c5:ee:ab:35:
bc:ec:fa:e7:b6:ad:04:d7:86:6a:fd:7e:08:38:44:49:27:7c:
40:27:4a:99:52:7b:b8:c1:f5:7b:b3:4f:8a:90:07:4f:69:be:
80:78:9a:61:a4:6a:b1:50:e9:3b:6c:d5:83:7f:56:95:82:4e:
f0:39:54:37:2f:56:ab:05:03:2c:ec:a7:27:f9:68:ce:69:ad:
44:0d:f1:97:de:23:c5:37:9e:db:ab:8c:3a:1a:1b:bd:34:fe:
63:82:39:c2:fd:9a:50:6f:ae:c8:df:d4:91:63:c0:da:e8:07:
01:31:ca:80:1c:26:85:7c:46:e5:66:ff:10:03:f9:5c:94:e3:
7b:25:46:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxpZI8VYtNG/G8RTlMcNPOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjMxMjE0MTczNDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmFmMzQ2MGU5MGYwZWQxOTlkNzVkOTA3YzVjYjU3YjU4NjI0MzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgY91tvOwIhSe0FsdlBzRORz0FIm+
Re0PBnnx3XQLi4ihw/BdFwA3hJGu50SvS7gg4/Bnm7BB6P4yaTZqrarmDOK3Jfl2
Uwa9hBj+6XBjI+fsJT6LNl3hCsRNOCN0Cd3Joz9oOB+aHov17Woh/GKpwSePa3/E
o7GjxD6J0TEsm3vshP6qL4DO71+pTynN1aeJknFTCHSMBzIqFTuUjPfD+t00HjDg
M5hDFAq/xsEBzqnH6quUSpiDQsGtODJqzwZ9c+RbPHiztMe/hZxRLSj+8LJ8MnAi
KeWQ4/oymuNf6N8M56vS9e8SJkTum3mfozTTW0BzEfXFt57LIwUT6qF+5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLavNGDpDw7RmdddkHxctXtYYkNNMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvdHE4MFlPa1BEdEdaMTEyUWZGeTFlMWhpUTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuThUMA0G
CSqGSIb3DQEBCwUAA4IBAQBftmd1hwa9Sa2ue0Brm3HqAsJIDlkfRdQViLeMQHUw
p4o/dwYy2yO76sQ4NLk15/XoICa8T/aFe2o4JwifTVD4Kig1UU+EPFDyMIUHdbLb
r2q+Swu8KtmL6bFp/0YX0LNIujYHwD6FvLuR9vNgF9feakvvSfVDt/ihNsXuqzW8
7Prntq0E14Zq/X4IOERJJ3xAJ0qZUnu4wfV7s0+KkAdPab6AeJphpGqxUOk7bNWD
f1aVgk7wOVQ3L1arBQMs7Kcn+WjOaa1EDfGX3iPFN57bq4w6Ghu9NP5jgjnC/ZpQ
b67I39SRY8Da6AcBMcqAHCaFfEblZv8QA/lclON7JUYg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:48 2024 by rpki-client on console-fra.rpki-client.org