Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/tbszbhTXnc6kIuY1SjDMfB_q_p0.roa
File: tbszbhTXnc6kIuY1SjDMfB_q_p0.roa (raw, json)
Hash identifier: U5wGO1RtB/opmWr3ns7IVxpOBEKgU4/nCnCuehKmEiQ=
Subject key identifier: B5:BB:33:6E:14:D7:9D:CE:A4:22:E6:35:4A:30:CC:7C:1F:EA:FE:9D
Certificate issuer: /CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Certificate serial: 01856D017402C30D6EE07602DCC1212EE53D
Authority key identifier: 16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/tbszbhTXnc6kIuY1SjDMfB_q_p0.roa
Signing time: Sun 01 Jan 2023 11:04:49 +0000
ROA not before: Sun 01 Jan 2023 11:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20594
IP address blocks: 185.62.144.0/23 maxlen: 23
185.62.146.0/24 maxlen: 24
217.194.32.0/20 maxlen: 20
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:74:02:c3:0d:6e:e0:76:02:dc:c1:21:2e:e5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16cde139ae0573b0a4dda93e77b57ff27f9beba1
Validity
Not Before: Jan 1 11:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5bb336e14d79dcea422e6354a30cc7c1feafe9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:1d:65:c2:78:ef:df:97:a2:1f:5b:3a:56:
8d:07:da:6d:a7:a8:fa:b6:6a:c1:82:22:0b:6b:85:
ff:90:32:69:d1:93:04:ed:ba:8b:15:05:85:e7:32:
21:5a:0e:36:2f:b4:c8:c8:b5:4a:86:b0:2e:95:44:
18:09:9d:bd:54:bc:c4:40:b7:9c:b1:f7:3a:7a:8b:
6b:74:82:fe:17:5c:73:09:84:00:e1:e7:49:98:ea:
2d:17:5a:69:50:00:75:6f:f0:3d:f3:89:90:97:12:
6e:64:68:2d:f4:57:3c:1a:d3:f1:c7:4d:41:93:36:
f7:d8:63:75:24:15:5a:0e:48:f3:d9:fc:0b:14:e4:
32:8e:49:29:06:d0:83:c9:48:27:a4:4f:4a:01:3a:
e5:f5:71:40:c6:72:1a:0d:08:13:f9:5d:74:6f:2e:
bf:2c:1d:2b:48:26:fa:4b:97:0a:d6:f0:33:53:d6:
d4:54:3f:7a:99:a9:64:7d:1b:77:2a:25:e2:b4:dc:
b1:d5:92:d3:0f:cd:37:1e:6d:fd:83:9c:5a:b0:9c:
3c:5c:f2:3d:5c:b1:25:ed:05:70:8e:60:62:8b:74:
c1:fa:c8:50:68:ec:2f:af:93:b6:01:5d:bd:ae:db:
4e:8c:61:d5:7f:96:5f:e3:27:5b:77:79:78:58:f7:
98:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BB:33:6E:14:D7:9D:CE:A4:22:E6:35:4A:30:CC:7C:1F:EA:FE:9D
X509v3 Authority Key Identifier:
keyid:16:CD:E1:39:AE:05:73:B0:A4:DD:A9:3E:77:B5:7F:F2:7F:9B:EB:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/tbszbhTXnc6kIuY1SjDMfB_q_p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/3c02f6-7c41-49bb-b9de-b69dce7547a1/1/Fs3hOa4Fc7Ck3ak-d7V_8n-b66E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.144.0-185.62.146.255
217.194.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1f:75:36:cf:5d:96:a9:b8:07:45:2b:c4:52:af:fd:86:61:51:
af:0b:30:95:53:2f:5a:0e:28:54:01:26:d3:c8:e1:2f:24:63:
77:7e:be:0a:1e:b0:71:62:f5:63:af:3b:c3:55:61:2c:69:3d:
84:10:72:3b:ec:a7:7f:cb:52:1c:50:de:09:b6:3b:9f:51:15:
fe:ad:a2:03:cd:84:2e:86:37:89:8a:69:f3:9d:5c:a4:cb:f8:
8b:87:12:45:df:3b:80:6c:a6:b6:38:53:40:26:a1:25:0a:2a:
ad:66:a0:d4:26:79:22:8a:d3:f7:99:31:91:87:f0:88:5f:d6:
24:20:7a:3e:88:46:af:b6:90:f1:cb:33:17:60:1e:fb:25:a0:
76:a8:fd:ce:14:fc:dc:bd:0c:6b:53:fc:d5:8f:ff:80:1b:48:
28:d5:83:64:3d:69:39:19:54:e5:c5:53:04:2c:f6:d7:91:c9:
1d:56:19:ea:0e:09:b0:8d:bf:0a:d1:65:47:a7:a3:d1:c6:07:
f1:93:55:07:fd:78:d7:5f:3f:3f:9a:5b:f6:24:71:a2:5d:50:
e6:69:75:50:ac:95:e0:0f:58:cf:fc:dd:4f:da:c8:9c:7d:e2:
5e:38:e3:46:b3:0e:6b:1b:b8:89:1b:f4:64:dd:0e:c3:7e:d9:
7c:cc:74:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtAXQCww1u4HYC3MEhLuU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Y2RlMTM5YWUwNTczYjBhNGRkYTkzZTc3YjU3ZmYyN2Y5
YmViYTEwHhcNMjMwMTAxMTEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJiMzM2ZTE0ZDc5ZGNlYTQyMmU2MzU0YTMwY2M3YzFmZWFmZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtcdZcJ479+Xoh9bOlaNB9ptp6j6
tmrBgiILa4X/kDJp0ZME7bqLFQWF5zIhWg42L7TIyLVKhrAulUQYCZ29VLzEQLec
sfc6eotrdIL+F1xzCYQA4edJmOotF1ppUAB1b/A984mQlxJuZGgt9Fc8GtPxx01B
kzb32GN1JBVaDkjz2fwLFOQyjkkpBtCDyUgnpE9KATrl9XFAxnIaDQgT+V10by6/
LB0rSCb6S5cK1vAzU9bUVD96malkfRt3KiXitNyx1ZLTD803Hm39g5xasJw8XPI9
XLEl7QVwjmBii3TB+shQaOwvr5O2AV29rttOjGHVf5Zf4ydbd3l4WPeYAwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLW7M24U153OpCLmNUowzHwf6v6dMB8GA1UdIwQY
MBaAFBbN4TmuBXOwpN2pPne1f/J/m+uhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnMzaE9hNEZjN0NrM2FrLWQ3Vl84bi1iNjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8zYzAyZjYtN2M0MS00OWJiLWI5ZGUt
YjY5ZGNlNzU0N2ExLzEvdGJzemJoVFhuYzZrSXVZMVNqRE1mQl9xX3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8zYzAyZjYtN2M0MS00OWJiLWI5ZGUtYjY5ZGNlNzU0N2Ex
LzEvRnMzaE9hNEZjN0NrM2FrLWQ3Vl84bi1iNjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAS5PpAD
BAC5PpIDBATZwiAwDQYJKoZIhvcNAQELBQADggEBAB91Ns9dlqm4B0UrxFKv/YZh
Ua8LMJVTL1oOKFQBJtPI4S8kY3d+vgoesHFi9WOvO8NVYSxpPYQQcjvsp3/LUhxQ
3gm2O59RFf6togPNhC6GN4mKafOdXKTL+IuHEkXfO4BsprY4U0AmoSUKKq1moNQm
eSKK0/eZMZGH8Ihf1iQgej6IRq+2kPHLMxdgHvsloHao/c4U/Ny9DGtT/NWP/4Ab
SCjVg2Q9aTkZVOXFUwQs9teRyR1WGeoOCbCNvwrRZUeno9HGB/GTVQf9eNdfPz+a
W/YkcaJdUOZpdVCsleAPWM/83U/ayJx94l4440azDmsbuIkb9GTdDsN+2XzMdEg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:22 2024 by rpki-client on console-ams.rpki-client.org