Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/TtNyK-rXq9LdRxBzSEJ850U46v8.roa
File: TtNyK-rXq9LdRxBzSEJ850U46v8.roa (raw, json)
Hash identifier: eIT6dIMPVf56TT7gQHsDQlVqn9U0F6lzw5Zdtm1bLhs=
Subject key identifier: 4E:D3:72:2B:EA:D7:AB:D2:DD:47:10:73:48:42:7C:E7:45:38:EA:FF
Certificate issuer: /CN=d7f66a41bca687b2758cfc7bb1c5f4b3469ed870
Certificate serial: 01856F4B7C7F7481669058A14E140BB10AB9
Authority key identifier: D7:F6:6A:41:BC:A6:87:B2:75:8C:FC:7B:B1:C5:F4:B3:46:9E:D8:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_ZqQbymh7J1jPx7scX0s0ae2HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/TtNyK-rXq9LdRxBzSEJ850U46v8.roa
Signing time: Sun 01 Jan 2023 21:44:56 +0000
ROA not before: Sun 01 Jan 2023 21:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213013
IP address blocks: 149.3.169.0/24 maxlen: 24
2a10:a800::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:7c:7f:74:81:66:90:58:a1:4e:14:0b:b1:0a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f66a41bca687b2758cfc7bb1c5f4b3469ed870
Validity
Not Before: Jan 1 21:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ed3722bead7abd2dd47107348427ce74538eaff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f8:29:50:14:d3:24:d5:d5:ce:3e:4e:3f:a8:
da:00:dc:b2:8a:59:02:31:7a:0f:83:9a:e0:02:09:
47:06:6e:3d:c5:a5:3a:95:fd:f6:6e:f4:31:0c:15:
2e:4d:cc:8d:d4:36:32:74:b5:e1:38:f9:de:a9:d7:
b8:b7:10:8c:ca:be:07:f5:ec:97:97:59:60:4b:0e:
a8:ef:c4:aa:8d:76:ba:58:09:7a:be:24:7b:e4:3e:
ad:ce:03:e5:a8:1e:35:c3:64:6f:5c:79:0c:5e:6f:
36:cc:a4:8d:7b:dd:1d:8a:37:55:89:e1:e8:92:c7:
cf:55:1c:6d:ed:2b:20:80:8d:c7:c1:3b:69:5f:7b:
5d:ff:1e:17:05:b9:bc:2d:64:b8:b0:3f:a7:11:6d:
dd:d3:ce:f7:03:83:8f:a8:71:f8:65:ef:14:27:cb:
42:7e:c7:03:81:14:12:37:b6:51:ae:85:cf:c6:24:
69:56:7f:42:56:70:37:d5:c2:0e:19:2e:59:f2:aa:
40:ae:c0:2d:0b:f8:e0:a6:3a:08:8f:42:e7:0f:ef:
b1:23:6f:9c:b4:00:88:52:d4:7a:9a:c0:e9:d6:65:
f6:8b:61:7a:92:ef:ca:82:ad:d7:43:99:65:b0:51:
61:e4:d4:f3:c3:01:ed:65:ba:fc:61:6b:bd:bb:51:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D3:72:2B:EA:D7:AB:D2:DD:47:10:73:48:42:7C:E7:45:38:EA:FF
X509v3 Authority Key Identifier:
keyid:D7:F6:6A:41:BC:A6:87:B2:75:8C:FC:7B:B1:C5:F4:B3:46:9E:D8:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_ZqQbymh7J1jPx7scX0s0ae2HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/TtNyK-rXq9LdRxBzSEJ850U46v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/1_ZqQbymh7J1jPx7scX0s0ae2HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.169.0/24
IPv6:
2a10:a800::/30
Signature Algorithm: sha256WithRSAEncryption
1f:1c:4a:fe:d4:8e:4f:40:2b:85:2c:84:17:55:77:97:29:d2:
88:b7:9f:87:3d:c2:39:0c:48:f2:77:f7:35:a5:a5:f8:03:58:
ef:fa:5e:b8:4a:6b:2d:99:51:78:3c:94:18:a9:67:ab:15:40:
41:5c:d2:13:0e:8d:63:9e:c9:7b:d7:ba:c3:d9:e5:4f:8a:95:
13:b7:02:03:1b:d7:42:79:8c:7d:09:98:74:3d:59:eb:22:66:
ba:55:a8:d2:4b:29:6e:d9:73:3d:85:33:83:0f:85:1b:79:99:
ab:28:db:2d:27:94:a9:80:83:75:89:76:02:bf:b8:3c:b2:28:
be:25:ad:64:45:45:cb:77:47:2a:87:30:1e:bc:48:27:0d:38:
00:a3:fa:64:c2:b1:9a:03:df:ff:71:5a:d8:e3:25:85:a5:a7:
8d:81:96:46:30:77:a9:cc:fc:32:49:7f:ba:13:44:b4:81:db:
2d:03:8e:e1:a7:ef:14:ee:da:d9:b4:2f:82:be:02:fe:e4:c7:
f7:b5:8f:dd:4f:7d:cc:17:44:71:84:5d:84:05:40:ce:6c:a3:
20:34:04:30:48:19:ef:89:e4:45:0a:b2:b2:fe:27:c1:0e:95:
1d:83:2c:9a:9f:40:2e:bf:37:5c:33:cd:fa:2d:ba:de:04:12:
b7:7d:82:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvS3x/dIFmkFihThQLsQq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjY2YTQxYmNhNjg3YjI3NThjZmM3YmIxYzVmNGIzNDY5
ZWQ4NzAwHhcNMjMwMTAxMjE0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQzNzIyYmVhZDdhYmQyZGQ0NzEwNzM0ODQyN2NlNzQ1MzhlYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPgpUBTTJNXVzj5OP6jaANyyilkC
MXoPg5rgAglHBm49xaU6lf32bvQxDBUuTcyN1DYydLXhOPneqde4txCMyr4H9eyX
l1lgSw6o78SqjXa6WAl6viR75D6tzgPlqB41w2RvXHkMXm82zKSNe90dijdVieHo
ksfPVRxt7SsggI3HwTtpX3td/x4XBbm8LWS4sD+nEW3d0873A4OPqHH4Ze8UJ8tC
fscDgRQSN7ZRroXPxiRpVn9CVnA31cIOGS5Z8qpArsAtC/jgpjoIj0LnD++xI2+c
tACIUtR6msDp1mX2i2F6ku/Kgq3XQ5llsFFh5NTzwwHtZbr8YWu9u1EB/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7Tcivq16vS3UcQc0hCfOdFOOr/MB8GA1UdIwQY
MBaAFNf2akG8poeydYz8e7HF9LNGnthwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9acVFieW1oN0oxalB4N3NjWDBzMGFlMkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jOWUwMmMtYWQ1MS00MzE0LTkwZmMt
NGE3Y2M3NWUzZTZmLzEvVHROeUstclhxOUxkUnhCelNFSjg1MFU0NnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jOWUwMmMtYWQ1MS00MzE0LTkwZmMtNGE3Y2M3NWUzZTZm
LzEvMV9acVFieW1oN0oxalB4N3NjWDBzMGFlMkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAlQOpMA0E
AgACMAcDBQIqEKgAMA0GCSqGSIb3DQEBCwUAA4IBAQAfHEr+1I5PQCuFLIQXVXeX
KdKIt5+HPcI5DEjyd/c1paX4A1jv+l64SmstmVF4PJQYqWerFUBBXNITDo1jnsl7
17rD2eVPipUTtwIDG9dCeYx9CZh0PVnrIma6VajSSylu2XM9hTODD4UbeZmrKNst
J5SpgIN1iXYCv7g8sii+Ja1kRUXLd0cqhzAevEgnDTgAo/pkwrGaA9//cVrY4yWF
paeNgZZGMHepzPwySX+6E0S0gdstA47hp+8U7trZtC+CvgL+5Mf3tY/dT33MF0Rx
hF2EBUDObKMgNAQwSBnvieRFCrKy/ifBDpUdgyyan0AuvzdcM836LbreBBK3fYIs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:58 2024 by rpki-client on console-ams.rpki-client.org