Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/tQIXX36bKqzM_T56hiw0indMEdE.roa
File: tQIXX36bKqzM_T56hiw0indMEdE.roa (raw, json)
Hash identifier: AC1UzjNKVrKlASP608/APrEAkdK4UsT/K56na+V94HY=
Subject key identifier: B5:02:17:5F:7E:9B:2A:AC:CC:FD:3E:7A:86:2C:34:8A:77:4C:11:D1
Certificate issuer: /CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Certificate serial: 01856DEF761FD3C775AD38553F188E1CD0D2
Authority key identifier: 70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/tQIXX36bKqzM_T56hiw0indMEdE.roa
Signing time: Sun 01 Jan 2023 15:24:47 +0000
ROA not before: Sun 01 Jan 2023 15:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20596
IP address blocks: 185.113.24.0/22 maxlen: 22
2a06:6740::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 25 May 2023 15:17:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:76:1f:d3:c7:75:ad:38:55:3f:18:8e:1c:d0:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700c030930a9d2e4da88d81852a44c3f78bfb440
Validity
Not Before: Jan 1 15:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b502175f7e9b2aacccfd3e7a862c348a774c11d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:40:fe:2e:57:e6:e7:54:0a:4d:c8:5c:30:db:
29:14:da:a3:22:89:0c:f6:fb:e0:43:ac:c4:88:fd:
90:51:1a:b7:a2:94:5f:a6:ed:96:a4:47:e6:5a:db:
f6:dc:de:5f:49:16:96:f4:c3:43:76:e1:f3:dc:14:
02:aa:a4:09:fd:46:e1:48:93:ff:b6:e5:d0:30:0f:
ff:67:d9:36:f8:7f:64:8e:05:d2:64:06:e8:06:41:
29:75:17:c1:84:90:75:7b:9e:5e:c4:da:69:2e:b4:
fe:3a:52:09:30:5a:10:fd:b7:66:2f:51:c8:40:30:
63:f3:c4:67:3a:a8:97:f6:9b:3d:4f:8f:02:7a:43:
09:84:f2:e6:13:f8:a7:5f:fc:e0:7c:1f:da:69:f1:
c9:b4:2e:8f:80:3d:85:c3:83:39:2b:04:63:84:12:
b4:1b:34:f3:e9:4d:e0:ff:0d:de:0a:1c:47:18:71:
03:81:3a:f1:98:2f:8e:c0:95:1c:96:66:ad:39:e0:
ed:39:25:71:43:7a:ec:a3:b1:41:03:c2:ab:04:93:
87:c2:13:10:3d:0b:e4:c1:38:ce:c5:3d:af:5c:f8:
42:6c:db:f3:d8:63:17:97:c0:3f:28:15:7f:9b:90:
5f:9b:ba:9c:b5:85:d7:bf:fa:42:8c:2d:9d:92:90:
a4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:02:17:5F:7E:9B:2A:AC:CC:FD:3E:7A:86:2C:34:8A:77:4C:11:D1
X509v3 Authority Key Identifier:
keyid:70:0C:03:09:30:A9:D2:E4:DA:88:D8:18:52:A4:4C:3F:78:BF:B4:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAwDCTCp0uTaiNgYUqRMP3i_tEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/tQIXX36bKqzM_T56hiw0indMEdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/068cb9-6cba-453d-858a-c5bbf95f8584/1/cAwDCTCp0uTaiNgYUqRMP3i_tEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.24.0/22
IPv6:
2a06:6740::/29
Signature Algorithm: sha256WithRSAEncryption
9c:99:c1:95:f2:a1:3b:7f:b1:fb:bc:fb:9e:2f:67:5d:d5:4c:
ec:f1:ac:55:31:5c:1d:65:72:13:ac:88:a4:36:91:06:f6:71:
73:e0:c1:64:5b:6e:21:3d:ae:83:1a:7b:ec:84:6d:a0:6b:e1:
1f:33:10:11:d8:76:74:c3:af:ce:db:f7:d9:e4:27:2c:6b:ed:
dd:00:0a:11:41:96:72:b7:1c:ce:3a:0f:c1:65:96:d9:35:23:
7d:6c:20:25:86:c8:a6:ce:cb:ff:6a:2f:fe:49:05:c2:8b:03:
ed:ea:cf:a2:56:20:de:25:02:6f:f9:b6:d1:79:4a:e2:49:73:
f2:91:4e:2d:0e:55:17:57:d0:1b:38:28:35:b3:63:a2:4c:2d:
94:df:39:17:b2:37:6e:ff:56:6f:ef:f6:4d:4c:c5:6d:3c:5b:
61:dc:c2:b9:aa:ba:d9:03:d4:a9:05:ee:48:68:e5:3c:3c:a9:
bb:18:ff:49:a0:91:d9:14:70:f5:84:e0:2a:7e:50:ad:31:d1:
88:26:6a:ce:bf:0e:4f:89:e1:74:72:af:69:a8:41:44:1f:af:
d3:a4:41:b0:6d:3a:59:39:51:be:f0:d8:f3:e3:6b:43:6c:38:
32:99:13:8d:9b:98:b3:5c:af:7b:1e:43:02:d1:75:da:ac:5b:
ae:af:6e:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt73Yf08d1rThVPxiOHNDSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMGMwMzA5MzBhOWQyZTRkYTg4ZDgxODUyYTQ0YzNmNzhi
ZmI0NDAwHhcNMjMwMTAxMTUyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAyMTc1ZjdlOWIyYWFjY2NmZDNlN2E4NjJjMzQ4YTc3NGMxMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10D+Llfm51QKTchcMNspFNqjIokM
9vvgQ6zEiP2QURq3opRfpu2WpEfmWtv23N5fSRaW9MNDduHz3BQCqqQJ/UbhSJP/
tuXQMA//Z9k2+H9kjgXSZAboBkEpdRfBhJB1e55exNppLrT+OlIJMFoQ/bdmL1HI
QDBj88RnOqiX9ps9T48CekMJhPLmE/inX/zgfB/aafHJtC6PgD2Fw4M5KwRjhBK0
GzTz6U3g/w3eChxHGHEDgTrxmC+OwJUclmatOeDtOSVxQ3rso7FBA8KrBJOHwhMQ
PQvkwTjOxT2vXPhCbNvz2GMXl8A/KBV/m5Bfm7qctYXXv/pCjC2dkpCk7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLUCF19+myqszP0+eoYsNIp3TBHRMB8GA1UdIwQY
MBaAFHAMAwkwqdLk2ojYGFKkTD94v7RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEt
YzViYmY5NWY4NTg0LzEvdFFJWFgzNmJLcXpNX1Q1NmhpdzBpbmRNRWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8wNjhjYjktNmNiYS00NTNkLTg1OGEtYzViYmY5NWY4NTg0
LzEvY0F3RENUQ3AwdVRhaU5nWVVxUk1QM2lfdEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXEYMA0E
AgACMAcDBQMqBmdAMA0GCSqGSIb3DQEBCwUAA4IBAQCcmcGV8qE7f7H7vPueL2dd
1Uzs8axVMVwdZXITrIikNpEG9nFz4MFkW24hPa6DGnvshG2ga+EfMxAR2HZ0w6/O
2/fZ5Ccsa+3dAAoRQZZytxzOOg/BZZbZNSN9bCAlhsimzsv/ai/+SQXCiwPt6s+i
ViDeJQJv+bbReUriSXPykU4tDlUXV9AbOCg1s2OiTC2U3zkXsjdu/1Zv7/ZNTMVt
PFth3MK5qrrZA9SpBe5IaOU8PKm7GP9JoJHZFHD1hOAqflCtMdGIJmrOvw5PieF0
cq9pqEFEH6/TpEGwbTpZOVG+8Njz42tDbDgymRONm5izXK97HkMC0XXarFuur25S
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:25 2024 by rpki-client on console-ams.rpki-client.org