Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/def095-056b-4dd3-bf1e-e71beda1f299/1/TCF8ffIY2wfGKZWGq5HGPnFbXaU.roa
File: TCF8ffIY2wfGKZWGq5HGPnFbXaU.roa (raw, json)
Hash identifier: OnJ8ZhG5AzN3LAyJLRAPL7jUJH92ybLJACP/wgcB8+c=
Subject key identifier: 4C:21:7C:7D:F2:18:DB:07:C6:29:95:86:AB:91:C6:3E:71:5B:5D:A5
Certificate issuer: /CN=293d1044cd48d61716d759e020ddbdaa814d5cd5
Certificate serial: 01896312EC3A413020E08E6D6312E0AE4700
Authority key identifier: 29:3D:10:44:CD:48:D6:17:16:D7:59:E0:20:DD:BD:AA:81:4D:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KT0QRM1I1hcW11ngIN29qoFNXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/def095-056b-4dd3-bf1e-e71beda1f299/1/TCF8ffIY2wfGKZWGq5HGPnFbXaU.roa
Signing time: Mon 17 Jul 2023 08:58:51 +0000
ROA not before: Mon 17 Jul 2023 08:58:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35432
IP address blocks: 185.230.112.0/22 maxlen: 24
2a0c:7300::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:12:ec:3a:41:30:20:e0:8e:6d:63:12:e0:ae:47:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=293d1044cd48d61716d759e020ddbdaa814d5cd5
Validity
Not Before: Jul 17 08:58:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c217c7df218db07c6299586ab91c63e715b5da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:37:ea:c0:1c:34:4f:96:af:b8:4f:09:11:c8:
c7:5a:b9:9c:e0:9b:f4:11:79:4a:48:7c:dd:89:4c:
68:f4:53:f7:f2:eb:41:8e:28:c4:63:d6:70:c1:82:
92:c8:11:83:92:ce:c0:5e:a1:db:c4:49:fa:07:60:
bb:f6:11:84:aa:5b:33:0b:80:38:56:48:db:e2:9c:
32:e9:13:c6:bf:5f:df:bd:29:de:11:e5:9f:b3:2b:
09:2d:41:26:32:43:a1:14:69:1b:13:16:fd:9c:5f:
32:60:45:e7:20:ef:62:48:d0:11:8a:6f:ef:8e:f3:
a6:23:c4:56:54:fa:3a:d6:27:d7:b9:d8:cb:5e:4d:
bd:f5:af:55:51:53:1d:b8:da:8f:69:80:cd:e4:04:
ef:c1:74:9f:88:ef:17:84:83:5b:eb:a4:fd:21:b6:
c8:34:e9:77:3c:0e:63:c8:ad:da:35:7e:3a:52:47:
00:fb:5b:27:d3:75:37:0a:51:4f:df:33:31:f0:4e:
2f:d7:08:a3:9f:34:37:40:9b:0a:c6:03:1c:e2:f5:
a4:d5:39:df:d9:43:2f:90:88:eb:c4:83:2c:d5:d1:
65:4a:3f:f0:ce:3b:3f:f0:a8:ef:c9:92:11:54:d7:
0a:5e:47:59:89:cb:54:2e:f8:4d:09:e1:fb:a7:76:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:21:7C:7D:F2:18:DB:07:C6:29:95:86:AB:91:C6:3E:71:5B:5D:A5
X509v3 Authority Key Identifier:
keyid:29:3D:10:44:CD:48:D6:17:16:D7:59:E0:20:DD:BD:AA:81:4D:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KT0QRM1I1hcW11ngIN29qoFNXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/def095-056b-4dd3-bf1e-e71beda1f299/1/TCF8ffIY2wfGKZWGq5HGPnFbXaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/def095-056b-4dd3-bf1e-e71beda1f299/1/KT0QRM1I1hcW11ngIN29qoFNXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.112.0/22
IPv6:
2a0c:7300::/32
Signature Algorithm: sha256WithRSAEncryption
95:48:4e:40:63:3f:77:fa:af:5c:de:52:92:7b:4b:37:46:45:
47:bf:28:8e:3c:fe:3c:02:94:e6:72:ba:96:e2:ca:1d:53:7f:
28:cd:87:9d:6c:59:98:d8:a4:e9:09:85:b5:88:dd:61:91:47:
61:e0:72:b8:c4:fb:58:32:b9:55:cc:c3:95:90:85:a5:03:1f:
11:11:28:62:b6:c5:72:15:d8:6a:02:1e:c9:34:6c:bd:97:39:
98:e6:a3:dd:ff:5f:f1:c4:52:a7:68:40:f8:02:97:ef:a9:31:
02:2f:11:86:6b:f3:fc:c3:79:5d:cf:54:ff:bd:cb:c6:50:91:
93:05:a2:2d:c6:c9:ed:f7:1c:68:85:5a:a7:b7:d6:e7:4e:61:
34:3d:15:1c:16:46:58:90:3c:f0:fa:a4:af:cc:30:b5:0e:4a:
99:ee:42:6d:66:d3:60:90:68:0e:03:db:43:8e:66:2c:a1:45:
2a:dc:5c:1b:b3:c2:a5:16:ea:2a:be:88:81:05:48:02:2e:20:
d9:5e:21:da:05:a4:b6:de:07:c9:d4:d3:2b:a7:61:41:4e:5f:
78:11:a7:18:57:5b:3e:97:d4:ab:67:6b:7d:08:7c:77:de:64:
cb:df:fc:3c:fc:f8:9e:f7:8e:f8:1d:72:8a:79:17:1e:40:57:
6a:2c:ee:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYljEuw6QTAg4I5tYxLgrkcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2QxMDQ0Y2Q0OGQ2MTcxNmQ3NTllMDIwZGRiZGFhODE0
ZDVjZDUwHhcNMjMwNzE3MDg1ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzIxN2M3ZGYyMThkYjA3YzYyOTk1ODZhYjkxYzYzZTcxNWI1ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDfqwBw0T5avuE8JEcjHWrmc4Jv0
EXlKSHzdiUxo9FP38utBjijEY9ZwwYKSyBGDks7AXqHbxEn6B2C79hGEqlszC4A4
Vkjb4pwy6RPGv1/fvSneEeWfsysJLUEmMkOhFGkbExb9nF8yYEXnIO9iSNARim/v
jvOmI8RWVPo61ifXudjLXk299a9VUVMduNqPaYDN5ATvwXSfiO8XhINb66T9IbbI
NOl3PA5jyK3aNX46UkcA+1sn03U3ClFP3zMx8E4v1wijnzQ3QJsKxgMc4vWk1Tnf
2UMvkIjrxIMs1dFlSj/wzjs/8KjvyZIRVNcKXkdZictULvhNCeH7p3Y/3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwhfH3yGNsHximVhquRxj5xW12lMB8GA1UdIwQY
MBaAFCk9EETNSNYXFtdZ4CDdvaqBTVzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1QwUVJNMUkxaGNXMTFuZ0lOMjlxb0ZOWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kZWYwOTUtMDU2Yi00ZGQzLWJmMWUt
ZTcxYmVkYTFmMjk5LzEvVENGOGZmSVkyd2ZHS1pXR3E1SEdQbkZiWGFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kZWYwOTUtMDU2Yi00ZGQzLWJmMWUtZTcxYmVkYTFmMjk5
LzEvS1QwUVJNMUkxaGNXMTFuZ0lOMjlxb0ZOWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueZwMA0E
AgACMAcDBQAqDHMAMA0GCSqGSIb3DQEBCwUAA4IBAQCVSE5AYz93+q9c3lKSe0s3
RkVHvyiOPP48ApTmcrqW4sodU38ozYedbFmY2KTpCYW1iN1hkUdh4HK4xPtYMrlV
zMOVkIWlAx8REShitsVyFdhqAh7JNGy9lzmY5qPd/1/xxFKnaED4ApfvqTECLxGG
a/P8w3ldz1T/vcvGUJGTBaItxsnt9xxohVqnt9bnTmE0PRUcFkZYkDzw+qSvzDC1
DkqZ7kJtZtNgkGgOA9tDjmYsoUUq3Fwbs8KlFuoqvoiBBUgCLiDZXiHaBaS23gfJ
1NMrp2FBTl94EacYV1s+l9SrZ2t9CHx33mTL3/w8/Pie9474HXKKeRceQFdqLO61
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:43 2024 by rpki-client on console-ams.rpki-client.org