Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/tc-PwP3lO2S_IKCUn5NyvXNEAeA.roa
File: tc-PwP3lO2S_IKCUn5NyvXNEAeA.roa (raw, json)
Hash identifier: 7nb32GOIc3F2N/uYc6qHxAo0fVbutoS/VEPwobmrBHA=
Subject key identifier: B5:CF:8F:C0:FD:E5:3B:64:BF:20:A0:94:9F:93:72:BD:73:44:01:E0
Certificate issuer: /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial: 01856CAEF8D88EC29B4BE38F79A7B39528EE
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/tc-PwP3lO2S_IKCUn5NyvXNEAeA.roa
Signing time: Sun 01 Jan 2023 09:34:44 +0000
ROA not before: Sun 01 Jan 2023 09:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202636
IP address blocks: 217.67.160.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:f8:d8:8e:c2:9b:4b:e3:8f:79:a7:b3:95:28:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Validity
Not Before: Jan 1 09:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5cf8fc0fde53b64bf20a0949f9372bd734401e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2c:64:e0:57:b3:7b:cf:d5:fa:b1:bb:4b:2f:
c2:fd:73:f1:e3:93:d6:e5:44:58:60:ed:7d:bd:7b:
3c:4d:7f:7b:ba:79:57:38:d5:d1:b2:96:6e:ce:c8:
e4:83:0b:10:92:36:b2:e1:0c:fc:d7:9e:aa:c1:ea:
b6:54:64:19:9f:95:38:ea:69:9a:ad:48:e3:63:b4:
21:23:80:3d:1b:ff:02:aa:56:98:a2:26:c3:00:92:
14:11:5e:f2:54:8a:df:f2:f4:5c:78:f3:d7:b3:1f:
a6:c8:86:1c:fc:af:a5:2e:b2:89:9a:87:52:e9:58:
5e:1b:c3:fa:9b:41:9b:0e:e7:41:63:98:51:8f:9d:
f4:6c:de:7c:3e:40:28:12:a9:ad:37:17:84:6a:f9:
11:6a:cf:3f:10:58:ed:40:32:3a:c5:61:90:da:c0:
21:f0:6c:d2:75:7e:76:90:cd:52:9e:07:2e:83:96:
d0:55:37:d6:de:68:e6:52:be:52:1f:61:89:f8:0d:
00:ab:48:13:cb:05:c9:02:93:93:db:ac:ae:8d:ac:
f4:a7:4b:73:6d:c3:3d:5b:bf:78:e9:73:46:cf:e8:
db:22:a3:e6:92:48:d8:16:83:f8:05:47:af:c4:8e:
90:c2:20:0d:40:e5:44:73:44:65:1a:3e:0e:91:af:
3b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CF:8F:C0:FD:E5:3B:64:BF:20:A0:94:9F:93:72:BD:73:44:01:E0
X509v3 Authority Key Identifier:
keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/tc-PwP3lO2S_IKCUn5NyvXNEAeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.160.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b2:81:16:57:17:c6:74:5a:80:7a:a3:29:4c:9e:58:5f:ac:
c4:2b:b5:bf:88:17:10:50:63:7e:e0:da:e0:4a:d5:95:75:3a:
fb:cf:fc:d7:62:aa:dc:59:86:07:37:4c:b0:e4:19:d9:a2:58:
b2:df:de:37:6a:2e:3d:0f:94:dd:8e:87:ed:4b:df:6f:ef:3e:
8e:66:e7:2b:91:6f:a2:d3:29:bd:f7:3c:d8:6e:5f:61:75:f8:
87:59:32:af:f1:fb:69:25:ec:ac:a9:c6:17:9d:41:52:4e:b7:
00:ee:1a:99:e3:da:30:4d:a5:7f:a5:d3:98:5a:2b:03:51:af:
29:db:c5:e4:0b:2c:bf:83:d1:2b:d3:bb:bb:7e:52:a5:de:9e:
5a:31:85:19:1f:bc:a0:1c:48:7c:fe:ad:9a:b8:ad:60:19:ba:
28:5a:d6:7d:af:a8:b1:15:7a:12:79:4c:22:63:49:1c:78:dc:
09:01:9f:0d:7f:a4:7b:d4:f3:d2:38:47:4c:ae:39:76:b2:0a:
09:c8:d4:50:c7:c1:c1:d7:e3:5f:99:39:f8:51:0e:09:ab:2e:
5d:90:6a:2d:d1:76:45:e2:31:e4:86:78:39:a1:54:0d:a0:23:
f5:9c:a6:6c:8d:f2:ef:6f:aa:0f:ca:0b:fc:7b:2e:a2:a0:17:
23:c5:a4:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvjYjsKbS+OPeaezlSjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNmOGZjMGZkZTUzYjY0YmYyMGEwOTQ5ZjkzNzJiZDczNDQwMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSxk4Feze8/V+rG7Sy/C/XPx45PW
5URYYO19vXs8TX97unlXONXRspZuzsjkgwsQkjay4Qz8156qweq2VGQZn5U46mma
rUjjY7QhI4A9G/8CqlaYoibDAJIUEV7yVIrf8vRcePPXsx+myIYc/K+lLrKJmodS
6VheG8P6m0GbDudBY5hRj530bN58PkAoEqmtNxeEavkRas8/EFjtQDI6xWGQ2sAh
8GzSdX52kM1Sngcug5bQVTfW3mjmUr5SH2GJ+A0Aq0gTywXJApOT26yujaz0p0tz
bcM9W7946XNGz+jbIqPmkkjYFoP4BUevxI6QwiANQOVEc0RlGj4Oka87QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXPj8D95TtkvyCglJ+Tcr1zRAHgMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvdGMtUHdQM2xPMlNfSUtDVW41Tnl2WE5FQWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2UOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCDsoEWVxfGdFqAeqMpTJ5YX6zEK7W/iBcQUGN+4Nrg
StWVdTr7z/zXYqrcWYYHN0yw5BnZoliy3943ai49D5TdjoftS99v7z6OZucrkW+i
0ym99zzYbl9hdfiHWTKv8ftpJeysqcYXnUFSTrcA7hqZ49owTaV/pdOYWisDUa8p
28XkCyy/g9Er07u7flKl3p5aMYUZH7ygHEh8/q2auK1gGbooWtZ9r6ixFXoSeUwi
Y0kceNwJAZ8Nf6R71PPSOEdMrjl2sgoJyNRQx8HB1+NfmTn4UQ4Jqy5dkGot0XZF
4jHkhng5oVQNoCP1nKZsjfLvb6oPygv8ey6ioBcjxaRS
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:00 2024 by rpki-client on console-ams.rpki-client.org