Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/tL_HQnCyLBLYm5mCggOtHaHOMzE.roa
File: tL_HQnCyLBLYm5mCggOtHaHOMzE.roa (raw, json)
Hash identifier: 5EU5YltSHp0JBeua9Uk5PcGkt8XLlUpNejPu2h2PERI=
Subject key identifier: B4:BF:C7:42:70:B2:2C:12:D8:9B:99:82:82:03:AD:1D:A1:CE:33:31
Certificate issuer: /CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Certificate serial: 0185718C20B5931692CFB6A60F615972987B
Authority key identifier: 34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/tL_HQnCyLBLYm5mCggOtHaHOMzE.roa
Signing time: Mon 02 Jan 2023 08:14:46 +0000
ROA not before: Mon 02 Jan 2023 08:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39122
IP address blocks: 85.159.16.0/21 maxlen: 21
2a01:4d8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:20:b5:93:16:92:cf:b6:a6:0f:61:59:72:98:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Validity
Not Before: Jan 2 08:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4bfc74270b22c12d89b99828203ad1da1ce3331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ec:90:b2:78:e9:c8:68:68:98:f1:1d:cb:67:
c8:e6:5e:f3:bb:8a:ec:ee:f8:3f:9c:3e:f1:3f:2e:
ce:f8:f8:ba:31:90:f3:b0:ae:fb:f6:86:26:0e:e9:
3c:ea:6b:a1:28:b7:c7:af:1e:bd:fb:26:cc:26:53:
47:64:b2:c1:b7:c1:10:d2:cd:dc:a2:d1:ba:b6:99:
06:45:0f:8c:9c:98:af:6c:1d:ba:4c:26:75:c1:20:
1f:1e:f8:3b:f8:52:b3:e0:7a:a2:e7:2c:64:c2:35:
95:03:e8:a9:63:4a:6b:ea:f0:ba:50:67:e4:53:37:
70:40:86:d9:fe:1d:86:f2:69:f6:e8:cf:11:42:62:
8e:6a:35:96:97:3b:01:df:07:1e:af:75:75:c8:69:
e0:ac:13:cb:a4:eb:12:00:c0:0e:c7:f0:da:b1:48:
96:95:77:41:e7:60:a0:e5:06:1f:79:72:ce:66:fa:
72:22:66:c5:46:80:8e:09:ec:96:ad:6f:e8:a0:0c:
d9:8d:ae:c4:6e:f0:6a:a7:f9:37:65:0a:03:d0:8b:
aa:35:03:63:8d:a6:db:fe:7c:ee:f9:87:53:80:ed:
2a:56:fa:fb:05:71:73:d9:17:3f:f4:84:87:a6:90:
c5:38:1b:12:4a:20:17:99:7e:11:94:18:26:4d:fe:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BF:C7:42:70:B2:2C:12:D8:9B:99:82:82:03:AD:1D:A1:CE:33:31
X509v3 Authority Key Identifier:
keyid:34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/tL_HQnCyLBLYm5mCggOtHaHOMzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/NJWKWNF8q4_5p5FW9mvtWnh5n34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.16.0/21
IPv6:
2a01:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
26:19:56:b8:35:0a:7a:78:0f:58:9a:a6:8e:0c:46:5b:74:0a:
83:d8:8d:72:62:6b:ee:3d:33:81:39:f4:db:c4:db:96:d8:c0:
1f:af:25:b7:ab:27:53:71:a0:7e:6a:85:15:14:80:88:cb:12:
cd:0a:8c:92:c2:79:f7:c7:96:54:9b:2d:2c:2d:be:d8:81:95:
bd:1e:af:31:59:82:73:8d:dd:38:fd:c4:e5:38:14:8d:ef:af:
ff:22:c4:b1:80:94:9c:c5:b5:46:3f:7b:81:8f:7e:9e:2f:13:
8d:60:87:9b:72:b8:f4:8c:94:3e:f4:2d:8c:86:b8:d7:67:33:
f4:7d:46:b8:e8:1e:58:e7:a1:1f:75:a2:24:55:2e:6a:bd:27:
27:56:07:3c:40:82:99:f4:6d:af:01:ee:4d:34:16:f2:d3:c7:
c5:72:d9:f6:b7:11:81:10:5b:ba:98:4c:c1:a0:bd:9b:f4:83:
22:ff:0c:56:eb:d4:6c:78:0d:09:ac:ca:d1:24:66:fc:cf:58:
73:84:be:65:c6:7b:fd:62:77:72:c4:8f:dd:43:d5:a5:fc:27:
2b:32:9a:a0:37:ce:af:57:5e:66:60:c3:1e:de:ce:c1:8a:62:
7f:f9:46:46:24:2a:63:7d:65:8a:8d:07:5f:2b:02:ff:8d:3c:
76:d8:3e:f8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjCC1kxaSz7amD2FZcph7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTU4YTU4ZDE3Y2FiOGZmOWE3OTE1NmY2NmJlZDVhNzg3
OTlmN2UwHhcNMjMwMTAyMDgxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJmYzc0MjcwYjIyYzEyZDg5Yjk5ODI4MjAzYWQxZGExY2UzMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eyQsnjpyGhomPEdy2fI5l7zu4rs
7vg/nD7xPy7O+Pi6MZDzsK779oYmDuk86muhKLfHrx69+ybMJlNHZLLBt8EQ0s3c
otG6tpkGRQ+MnJivbB26TCZ1wSAfHvg7+FKz4Hqi5yxkwjWVA+ipY0pr6vC6UGfk
UzdwQIbZ/h2G8mn26M8RQmKOajWWlzsB3wcer3V1yGngrBPLpOsSAMAOx/DasUiW
lXdB52Cg5QYfeXLOZvpyImbFRoCOCeyWrW/ooAzZja7EbvBqp/k3ZQoD0IuqNQNj
jabb/nzu+YdTgO0qVvr7BXFz2Rc/9ISHppDFOBsSSiAXmX4RlBgmTf7B7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLS/x0JwsiwS2JuZgoIDrR2hzjMxMB8GA1UdIwQY
MBaAFDSViljRfKuP+aeRVvZr7Vp4eZ9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQt
NDY4MTA2MTM1MzhhLzEvdExfSFFuQ3lMQkxZbTVtQ2dnT3RIYUhPTXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQtNDY4MTA2MTM1Mzhh
LzEvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDVZ8QMA0E
AgACMAcDBQAqAQTYMA0GCSqGSIb3DQEBCwUAA4IBAQAmGVa4NQp6eA9YmqaODEZb
dAqD2I1yYmvuPTOBOfTbxNuW2MAfryW3qydTcaB+aoUVFICIyxLNCoySwnn3x5ZU
my0sLb7YgZW9Hq8xWYJzjd04/cTlOBSN76//IsSxgJScxbVGP3uBj36eLxONYIeb
crj0jJQ+9C2MhrjXZzP0fUa46B5Y56EfdaIkVS5qvScnVgc8QIKZ9G2vAe5NNBby
08fFctn2txGBEFu6mEzBoL2b9IMi/wxW69RseA0JrMrRJGb8z1hzhL5lxnv9Yndy
xI/dQ9Wl/CcrMpqgN86vV15mYMMe3s7BimJ/+UZGJCpjfWWKjQdfKwL/jTx22D74
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:01 2024 by rpki-client on console-fra.rpki-client.org