Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/TKqaPWwyyqM6iaANsqH4wtMfZI0.roa
File: TKqaPWwyyqM6iaANsqH4wtMfZI0.roa (raw, json)
Hash identifier: iBdfpF/xzom2MguRB3/LhAR3bV3Y2sTHrPSRK2293ik=
Subject key identifier: 4C:AA:9A:3D:6C:32:CA:A3:3A:89:A0:0D:B2:A1:F8:C2:D3:1F:64:8D
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01856CAF127B4CCD9ECAAE088107E1A6619C
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/TKqaPWwyyqM6iaANsqH4wtMfZI0.roa
Signing time: Sun 01 Jan 2023 09:34:50 +0000
ROA not before: Sun 01 Jan 2023 09:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 80.92.206.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.250.149.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.67.230.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.228.0/24 maxlen: 24
2a09:7c44::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:12:7b:4c:cd:9e:ca:ae:08:81:07:e1:a6:61:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Jan 1 09:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4caa9a3d6c32caa33a89a00db2a1f8c2d31f648d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b0:60:b3:16:eb:81:20:93:b8:f6:dc:1a:3f:
a1:b3:43:14:86:93:dc:b0:88:c6:f5:04:ad:95:d1:
27:a7:5d:68:37:d9:b3:57:ff:d1:79:1c:5c:a9:c8:
0d:b8:69:3a:0b:44:b1:07:0c:f3:06:92:75:ec:bd:
46:d9:14:4c:48:c1:14:f6:81:9a:f3:b0:eb:e2:51:
49:89:ad:ab:18:52:06:0a:da:8e:60:10:de:2f:76:
37:7f:c1:a1:4b:92:9b:a0:36:6c:ca:95:19:13:e0:
04:c0:6f:93:fd:0a:bb:2a:36:fe:b5:b1:de:50:6e:
56:53:ec:13:d1:8b:80:ce:3c:27:07:14:3c:12:3c:
70:4a:15:a4:54:20:84:91:10:a7:4e:01:c2:82:45:
a0:61:e1:5f:67:85:91:72:5a:69:bc:86:b9:cf:c4:
16:ac:78:e9:9b:85:fe:f6:a3:c7:a6:b5:57:86:8a:
3b:a4:8b:ff:d0:85:a4:8c:cd:9c:9a:a0:f0:83:5a:
d5:50:3a:d6:a4:a9:d7:0e:0e:a4:6e:b8:93:0d:e9:
45:c3:76:97:0a:6d:ab:48:9e:e6:bd:69:d9:fe:46:
a5:57:6b:66:34:ab:64:48:1d:e9:ad:48:3f:2a:63:
7f:8b:96:5f:82:bd:51:32:9a:2b:e7:c0:27:5e:b0:
37:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AA:9A:3D:6C:32:CA:A3:3A:89:A0:0D:B2:A1:F8:C2:D3:1F:64:8D
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/TKqaPWwyyqM6iaANsqH4wtMfZI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.228.0/22
74.119.195.0/24
80.92.206.0/24
185.242.84.0/22
185.250.148.0/23
IPv6:
2a09:7c44::/32
Signature Algorithm: sha256WithRSAEncryption
9d:ca:c4:27:b3:6e:a4:3a:d7:74:b4:3e:e7:52:ae:37:ef:1e:
42:a0:86:0b:c1:88:ec:01:95:f1:ba:e3:df:b4:df:18:d1:1f:
69:98:14:df:1e:59:14:8a:94:1a:6f:4a:9e:5d:eb:10:52:12:
c2:87:9f:40:c2:cf:c0:6b:a2:93:06:99:33:b1:fe:84:24:0a:
7d:b0:94:ee:a4:4c:c5:bf:c1:49:35:9a:4c:6f:26:bb:a0:61:
36:5b:10:96:e1:67:9d:e7:32:bd:c5:95:1b:b5:44:48:0c:2b:
6a:2f:11:99:e0:80:23:2e:14:2b:c3:62:0a:21:16:20:9a:0c:
b2:59:d3:3e:5d:3b:a8:91:19:d0:1a:cf:24:72:83:c5:d8:20:
8f:9c:76:b2:6c:6b:31:ba:da:a8:81:31:a1:fc:52:3d:9d:d6:
b5:54:8d:95:b0:38:f1:bd:86:67:8b:c1:ac:67:a0:51:e3:98:
a1:b5:88:20:6c:b6:39:0f:2c:a0:8d:8b:e8:2d:8a:f3:42:38:
31:ed:54:b8:e9:02:04:66:93:b8:d6:67:77:41:dd:85:5f:3a:
e5:df:87:5f:63:3b:ac:8c:01:20:d1:6b:30:8f:9d:d9:b7:63:
23:15:a1:e2:2e:cf:54:2e:ca:68:d9:74:be:4c:ab:94:6c:fe:
0e:fc:c2:16
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsrxJ7TM2eyq4IgQfhpmGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMTAxMDkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FhOWEzZDZjMzJjYWEzM2E4OWEwMGRiMmExZjhjMmQzMWY2NDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLBgsxbrgSCTuPbcGj+hs0MUhpPc
sIjG9QStldEnp11oN9mzV//ReRxcqcgNuGk6C0SxBwzzBpJ17L1G2RRMSMEU9oGa
87Dr4lFJia2rGFIGCtqOYBDeL3Y3f8GhS5KboDZsypUZE+AEwG+T/Qq7Kjb+tbHe
UG5WU+wT0YuAzjwnBxQ8EjxwShWkVCCEkRCnTgHCgkWgYeFfZ4WRclppvIa5z8QW
rHjpm4X+9qPHprVXhoo7pIv/0IWkjM2cmqDwg1rVUDrWpKnXDg6kbriTDelFw3aX
Cm2rSJ7mvWnZ/kalV2tmNKtkSB3prUg/KmN/i5Zfgr1RMpor58AnXrA3XQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEyqmj1sMsqjOomgDbKh+MLTH2SNMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvVEtxYVBXd3l5cU02aWFBTnNxSDR3dE1mWkkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLUPkAwQA
SnfDAwQAUFzOAwQCufJUAwQBufqUMA0EAgACMAcDBQAqCXxEMA0GCSqGSIb3DQEB
CwUAA4IBAQCdysQns26kOtd0tD7nUq437x5CoIYLwYjsAZXxuuPftN8Y0R9pmBTf
HlkUipQab0qeXesQUhLCh59Aws/Aa6KTBpkzsf6EJAp9sJTupEzFv8FJNZpMbya7
oGE2WxCW4Wed5zK9xZUbtURIDCtqLxGZ4IAjLhQrw2IKIRYgmgyyWdM+XTuokRnQ
Gs8kcoPF2CCPnHaybGsxutqogTGh/FI9nda1VI2VsDjxvYZni8GsZ6BR45ihtYgg
bLY5DyygjYvoLYrzQjgx7VS46QIEZpO41md3Qd2FXzrl34dfYzusjAEg0Wswj53Z
t2MjFaHiLs9ULspo2XS+TKuUbP4O/MIW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:53 2023 by rpki-client on console-ams.rpki-client.org