Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/tbzAippkWu6Me5xALqQkwbKvTBo.roa
File: tbzAippkWu6Me5xALqQkwbKvTBo.roa (raw, json)
Hash identifier: 3y56oLvNs8zm7CdGmHPLTssjQJBBPt30MPHjclQ005Q=
Subject key identifier: B5:BC:C0:8A:9A:64:5A:EE:8C:7B:9C:40:2E:A4:24:C1:B2:AF:4C:1A
Certificate issuer: /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial: 01856E41CC98344252044AD15B4348619257
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/tbzAippkWu6Me5xALqQkwbKvTBo.roa
Signing time: Sun 01 Jan 2023 16:54:43 +0000
ROA not before: Sun 01 Jan 2023 16:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42600
IP address blocks: 185.139.201.0/24 maxlen: 24
185.139.200.0/24 maxlen: 24
185.139.200.0/22 maxlen: 24
185.139.203.0/24 maxlen: 24
185.139.202.0/24 maxlen: 24
185.46.90.0/24 maxlen: 24
185.46.89.0/24 maxlen: 24
185.46.88.0/24 maxlen: 24
185.46.91.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:cc:98:34:42:52:04:4a:d1:5b:43:48:61:92:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Validity
Not Before: Jan 1 16:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5bcc08a9a645aee8c7b9c402ea424c1b2af4c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:da:4e:36:bb:3e:b5:08:b1:b5:31:f9:33:4f:
ed:dc:2a:91:f7:1a:3c:f3:27:d4:8f:08:8e:db:28:
2d:45:2d:3e:5c:a0:44:9d:9b:1e:9e:8b:00:ff:a8:
9b:02:e6:78:97:13:ea:57:50:95:d1:a9:d5:5a:c2:
2d:0e:a0:71:ba:36:af:18:c4:43:03:9d:df:09:d2:
7f:f7:8f:e8:d1:17:00:a8:e0:32:60:f1:7b:e7:1c:
bb:6b:49:5d:76:65:2a:50:a2:7a:c1:e3:e4:6d:99:
b7:a6:56:ec:d7:78:37:c8:25:a1:d2:2c:37:e4:aa:
38:39:38:ad:61:27:20:30:4b:31:3e:3e:a0:c0:54:
05:b0:bd:91:df:26:b7:03:9d:2e:16:48:e4:53:29:
1d:00:0c:30:80:69:a8:3a:d1:69:54:e9:90:1c:13:
30:7f:e0:80:a0:2a:0f:a8:fd:2e:48:dc:d3:bb:a0:
ae:e7:82:43:28:a9:3e:dc:05:0e:55:bb:55:73:70:
a1:ac:a4:f4:38:f1:54:b0:06:1e:e3:e0:da:07:20:
88:c6:ae:20:89:db:bb:d1:bf:f6:11:f1:f8:68:bf:
9d:21:8c:aa:de:a2:c9:e9:77:30:7a:0a:3e:e0:96:
2a:da:93:f8:e2:84:15:63:f1:d2:4a:fd:c1:c7:e8:
d8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BC:C0:8A:9A:64:5A:EE:8C:7B:9C:40:2E:A4:24:C1:B2:AF:4C:1A
X509v3 Authority Key Identifier:
keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/tbzAippkWu6Me5xALqQkwbKvTBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.88.0/22
185.139.200.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:e0:e6:da:db:19:c7:5e:86:8e:65:c3:30:d8:4b:28:a1:19:
fc:08:ca:10:40:30:24:4f:84:85:93:08:1e:6e:68:24:93:14:
10:1b:ed:b2:01:93:d9:f5:e2:09:19:31:c1:58:d7:60:db:7d:
01:93:58:16:75:b7:3c:f9:f0:1d:02:b0:5f:e3:d2:02:ea:e0:
ab:fa:c7:50:10:e7:5e:3e:0e:8f:05:8d:11:8a:8f:06:22:07:
b7:22:3d:47:93:50:34:79:6b:4d:ec:34:33:95:76:47:a2:b6:
91:39:16:9f:ec:cd:4f:53:c0:1f:bb:28:4c:2f:5b:3b:d1:03:
40:2e:9a:9f:ee:7e:e0:f0:c7:45:59:14:1e:96:ad:44:d2:13:
64:18:a8:e4:a6:fc:b9:a1:33:c2:08:f9:a4:1b:db:ee:33:61:
2b:64:a8:8d:02:fe:1a:bd:21:89:39:05:d1:13:21:e1:82:41:
af:7e:59:78:11:ad:f8:fd:eb:a1:a5:c0:75:78:2d:b1:a4:8d:
8b:fb:f0:80:22:00:af:16:d7:6e:9f:34:4c:13:5f:6e:cd:a4:
5c:e7:c2:4d:ba:67:12:19:71:3f:16:5e:0a:12:d3:0f:c8:69:
90:54:0b:2d:c8:29:ed:20:0d:0d:3a:19:c4:7f:33:22:0b:6e:
7b:02:bf:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuQcyYNEJSBErRW0NIYZJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NDBlZWQyOGYyZDk5NGViMmI4MzFjYjhlZmM2NDcwMzA2
ZDc0NjEwHhcNMjMwMTAxMTY1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJjYzA4YTlhNjQ1YWVlOGM3YjljNDAyZWE0MjRjMWIyYWY0YzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdpONrs+tQixtTH5M0/t3CqR9xo8
8yfUjwiO2ygtRS0+XKBEnZsenosA/6ibAuZ4lxPqV1CV0anVWsItDqBxujavGMRD
A53fCdJ/94/o0RcAqOAyYPF75xy7a0lddmUqUKJ6wePkbZm3plbs13g3yCWh0iw3
5Ko4OTitYScgMEsxPj6gwFQFsL2R3ya3A50uFkjkUykdAAwwgGmoOtFpVOmQHBMw
f+CAoCoPqP0uSNzTu6Cu54JDKKk+3AUOVbtVc3ChrKT0OPFUsAYe4+DaByCIxq4g
idu70b/2EfH4aL+dIYyq3qLJ6Xcwego+4JYq2pP44oQVY/HSSv3Bx+jYoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLW8wIqaZFrujHucQC6kJMGyr0waMB8GA1UdIwQY
MBaAFOdA7tKPLZlOsrgxy478ZHAwbXRhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMt
MDk1OTVlOWNkNmMyLzEvdGJ6QWlwcGtXdTZNZTV4QUxxUWt3Ykt2VEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80ZDIwMGQtZWFlNS00NGRhLThlZTMtMDk1OTVlOWNkNmMy
LzEvNTBEdTBvOHRtVTZ5dURITGp2eGtjREJ0ZEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuS5YAwQC
uYvIMA0GCSqGSIb3DQEBCwUAA4IBAQCa4Oba2xnHXoaOZcMw2EsooRn8CMoQQDAk
T4SFkwgebmgkkxQQG+2yAZPZ9eIJGTHBWNdg230Bk1gWdbc8+fAdArBf49IC6uCr
+sdQEOdePg6PBY0Rio8GIge3Ij1Hk1A0eWtN7DQzlXZHoraRORaf7M1PU8AfuyhM
L1s70QNALpqf7n7g8MdFWRQelq1E0hNkGKjkpvy5oTPCCPmkG9vuM2ErZKiNAv4a
vSGJOQXREyHhgkGvfll4Ea34/euhpcB1eC2xpI2L+/CAIgCvFtdunzRME19uzaRc
58JNumcSGXE/Fl4KEtMPyGmQVAstyCntIA0NOhnEfzMiC257Ar97
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:22 2024 by rpki-client on console-fra.rpki-client.org