Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/9dcc25-5b0a-4c3e-9149-5a8230e7643a/1/TSjalW8mm4TSw519xVCUJApFj_c.roa
File: TSjalW8mm4TSw519xVCUJApFj_c.roa (raw, json)
Hash identifier: fF8FM9dhg9mVIZLLdHGLOpE7qdP6o2WDUfjc3YBpkxM=
Subject key identifier: 4D:28:DA:95:6F:26:9B:84:D2:C3:9D:7D:C5:50:94:24:0A:45:8F:F7
Certificate issuer: /CN=1502af713e36e52c71866c8a9ebdacf3d8629b68
Certificate serial: 0185707077A96BA47EBEAEF81F5C9476AF20
Authority key identifier: 15:02:AF:71:3E:36:E5:2C:71:86:6C:8A:9E:BD:AC:F3:D8:62:9B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FQKvcT425SxxhmyKnr2s89him2g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/9dcc25-5b0a-4c3e-9149-5a8230e7643a/1/TSjalW8mm4TSw519xVCUJApFj_c.roa
Signing time: Mon 02 Jan 2023 03:04:56 +0000
ROA not before: Mon 02 Jan 2023 03:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29208
IP address blocks: 193.84.68.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:77:a9:6b:a4:7e:be:ae:f8:1f:5c:94:76:af:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1502af713e36e52c71866c8a9ebdacf3d8629b68
Validity
Not Before: Jan 2 03:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d28da956f269b84d2c39d7dc55094240a458ff7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d9:bc:f1:b4:17:b7:47:37:ca:3e:3a:35:0c:
77:42:23:55:34:5f:88:c1:ac:02:22:1f:41:79:29:
3d:2f:28:64:3c:aa:1e:1c:af:85:b0:be:de:fd:af:
a1:c9:2f:0d:2c:ff:48:e4:d5:9b:b3:19:02:6c:3d:
51:e7:d3:22:f7:ad:1a:2a:c2:4e:26:58:f3:ec:6e:
80:d9:92:54:40:29:30:59:54:6f:0e:95:d6:86:43:
b9:98:f2:f7:e9:2f:b4:fe:e6:af:3d:09:88:a2:aa:
ad:79:0f:79:53:7a:4c:a7:5f:ba:bd:59:00:32:75:
4e:39:37:f7:d9:63:15:ab:93:f8:e1:03:38:ac:85:
a6:67:45:63:aa:1c:5c:f2:8b:79:9a:23:c4:cd:49:
7e:cf:f4:5d:a3:bb:f3:6e:5b:60:10:36:d6:fe:90:
f2:16:70:7c:1f:36:c3:2a:7b:5d:9c:05:44:9c:3c:
86:8d:0f:3c:24:69:c4:49:89:de:c3:9b:10:6f:df:
2d:01:66:61:d5:b3:db:fd:26:55:2e:17:6d:ec:cd:
6a:66:6a:3f:6b:59:95:37:1f:32:bd:f3:d1:08:f4:
4e:e9:2f:c2:a0:33:a4:8a:cb:bf:17:8a:0d:95:4a:
08:a2:25:40:57:fc:b6:0d:a6:00:8b:8f:61:17:97:
01:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:28:DA:95:6F:26:9B:84:D2:C3:9D:7D:C5:50:94:24:0A:45:8F:F7
X509v3 Authority Key Identifier:
keyid:15:02:AF:71:3E:36:E5:2C:71:86:6C:8A:9E:BD:AC:F3:D8:62:9B:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQKvcT425SxxhmyKnr2s89him2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/9dcc25-5b0a-4c3e-9149-5a8230e7643a/1/TSjalW8mm4TSw519xVCUJApFj_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/9dcc25-5b0a-4c3e-9149-5a8230e7643a/1/FQKvcT425SxxhmyKnr2s89him2g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.68.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e5:4b:05:97:d1:5f:0c:e2:a0:a0:fe:d8:ff:b5:aa:f2:f7:
aa:10:bc:23:c3:6a:f7:0f:40:69:1f:53:5c:50:2c:db:d9:f8:
3f:c4:15:c5:14:2f:4e:bc:08:a1:59:7d:94:e6:d0:92:fd:c0:
ea:c5:52:ed:0f:74:ee:bd:cd:75:e9:a7:99:e0:0f:89:24:d4:
18:3d:ef:6c:0b:b7:05:ca:07:17:6b:d4:33:0d:31:3b:bb:b7:
65:e3:04:73:78:aa:a3:9e:40:a5:a2:68:a4:e9:05:94:9b:a8:
3d:dc:ac:bc:83:10:2e:4e:d5:16:d6:34:c1:cd:d2:e2:f1:64:
fe:2e:d2:f3:84:6c:cd:65:92:d7:0b:d9:97:14:f1:d5:c0:a4:
68:89:81:1c:c5:08:7d:d7:a0:b6:7a:bf:9e:b0:f3:28:36:37:
07:87:d3:a7:57:4d:ef:cd:44:a0:fb:1c:26:74:89:ea:21:49:
43:07:3e:65:58:97:c5:91:2f:ad:c3:54:6b:0a:79:41:8c:19:
cb:0a:b3:a8:4d:ab:7a:0d:ca:62:f8:a2:9e:05:76:ec:fe:8d:
5e:79:4a:50:6d:b1:43:c0:ff:71:1c:05:31:34:e6:20:93:87:
d6:80:59:47:b4:5d:de:ba:0e:9c:36:44:cb:72:69:33:d8:31:
f4:60:1e:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHepa6R+vq74H1yUdq8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDJhZjcxM2UzNmU1MmM3MTg2NmM4YTllYmRhY2YzZDg2
MjliNjgwHhcNMjMwMTAyMDMwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDI4ZGE5NTZmMjY5Yjg0ZDJjMzlkN2RjNTUwOTQyNDBhNDU4ZmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9m88bQXt0c3yj46NQx3QiNVNF+I
wawCIh9BeSk9LyhkPKoeHK+FsL7e/a+hyS8NLP9I5NWbsxkCbD1R59Mi960aKsJO
Jljz7G6A2ZJUQCkwWVRvDpXWhkO5mPL36S+0/uavPQmIoqqteQ95U3pMp1+6vVkA
MnVOOTf32WMVq5P44QM4rIWmZ0Vjqhxc8ot5miPEzUl+z/Rdo7vzbltgEDbW/pDy
FnB8HzbDKntdnAVEnDyGjQ88JGnESYnew5sQb98tAWZh1bPb/SZVLhdt7M1qZmo/
a1mVNx8yvfPRCPRO6S/CoDOkisu/F4oNlUoIoiVAV/y2DaYAi49hF5cB2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0o2pVvJpuE0sOdfcVQlCQKRY/3MB8GA1UdIwQY
MBaAFBUCr3E+NuUscYZsip69rPPYYptoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFLdmNUNDI1U3h4aG15S25yMnM4OWhpbTJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85ZGNjMjUtNWIwYS00YzNlLTkxNDkt
NWE4MjMwZTc2NDNhLzEvVFNqYWxXOG1tNFRTdzUxOXhWQ1VKQXBGal9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85ZGNjMjUtNWIwYS00YzNlLTkxNDktNWE4MjMwZTc2NDNh
LzEvRlFLdmNUNDI1U3h4aG15S25yMnM4OWhpbTJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVREMA0G
CSqGSIb3DQEBCwUAA4IBAQAu5UsFl9FfDOKgoP7Y/7Wq8veqELwjw2r3D0BpH1Nc
UCzb2fg/xBXFFC9OvAihWX2U5tCS/cDqxVLtD3Tuvc116aeZ4A+JJNQYPe9sC7cF
ygcXa9QzDTE7u7dl4wRzeKqjnkClomik6QWUm6g93Ky8gxAuTtUW1jTBzdLi8WT+
LtLzhGzNZZLXC9mXFPHVwKRoiYEcxQh916C2er+esPMoNjcHh9OnV03vzUSg+xwm
dInqIUlDBz5lWJfFkS+tw1RrCnlBjBnLCrOoTat6Dcpi+KKeBXbs/o1eeUpQbbFD
wP9xHAUxNOYgk4fWgFlHtF3eug6cNkTLcmkz2DH0YB4W
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:09 2024 by rpki-client on console-ams.rpki-client.org