Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/TYDQ9CDbttlUUbJd1LD4gGXA6tc.roa
File: TYDQ9CDbttlUUbJd1LD4gGXA6tc.roa (raw, json)
Hash identifier: J62M3ktr30ChfhTGGucRV4MzSruTf0+X84PK6RPyStg=
Subject key identifier: 4D:80:D0:F4:20:DB:B6:D9:54:51:B2:5D:D4:B0:F8:80:65:C0:EA:D7
Certificate issuer: /CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Certificate serial: 01856D93E0471BEE5368BCDD69743FA01EF3
Authority key identifier: 5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/TYDQ9CDbttlUUbJd1LD4gGXA6tc.roa
Signing time: Sun 01 Jan 2023 13:44:45 +0000
ROA not before: Sun 01 Jan 2023 13:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60079
IP address blocks: 78.158.87.0/24 maxlen: 24
2a05:e201::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:e0:47:1b:ee:53:68:bc:dd:69:74:3f:a0:1e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5aedcb334d39e797817e2eb47703c018b4dc49d5
Validity
Not Before: Jan 1 13:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d80d0f420dbb6d95451b25dd4b0f88065c0ead7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:88:85:d6:a6:f0:24:26:a4:f5:e1:46:7b:
d5:03:92:f8:ad:17:f7:24:7d:8a:b2:7e:48:e3:8c:
82:68:96:92:19:63:f2:ee:ef:a8:68:8c:73:c1:42:
61:d0:96:27:ca:55:a4:66:fd:4b:38:bc:a6:ca:ff:
2c:13:7a:09:5c:84:c7:a9:8e:25:69:d9:4a:46:75:
6e:6e:eb:24:9e:26:71:99:40:2f:85:f9:f8:dd:34:
4a:18:e4:7a:1b:2b:3a:4b:b3:1a:b5:e3:ed:68:5d:
75:e6:fd:d4:f4:84:d8:18:6e:bc:b3:96:7a:53:ed:
8f:b5:3d:14:be:46:11:3f:06:31:4b:90:31:31:00:
eb:b8:49:f6:5a:2a:04:14:36:20:fe:95:a1:90:59:
04:a1:17:e0:cb:08:c0:68:55:a5:96:5a:1f:fe:e5:
3c:6e:d8:d2:b5:b4:c8:dd:17:8a:a0:98:53:19:cf:
e1:3f:8f:9e:b0:2d:b8:ac:4c:d0:38:20:c8:40:12:
e8:1f:2a:8d:bf:08:95:0e:5d:7c:f8:e4:4a:1e:30:
b8:e1:05:6e:a0:1a:6a:18:5f:fd:3c:57:3d:c2:73:
68:44:81:e3:d8:54:27:ad:7b:be:d0:92:df:e9:ba:
3f:46:23:d1:f7:2c:77:0f:0c:dd:8c:0a:27:d4:2d:
75:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:80:D0:F4:20:DB:B6:D9:54:51:B2:5D:D4:B0:F8:80:65:C0:EA:D7
X509v3 Authority Key Identifier:
keyid:5A:ED:CB:33:4D:39:E7:97:81:7E:2E:B4:77:03:C0:18:B4:DC:49:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wu3LM00555eBfi60dwPAGLTcSdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/TYDQ9CDbttlUUbJd1LD4gGXA6tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/b95ca0-853f-48ab-9b41-e0aee1bbf9e3/1/Wu3LM00555eBfi60dwPAGLTcSdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.158.87.0/24
IPv6:
2a05:e201::/32
Signature Algorithm: sha256WithRSAEncryption
70:1d:c9:2a:12:38:30:3e:26:f9:3f:92:55:97:c2:16:16:8c:
c6:8b:b4:0c:30:94:95:12:ad:91:8f:e1:27:48:3d:d5:bc:8f:
73:b1:ba:eb:a8:c0:49:b1:d6:fa:22:2d:78:82:c5:b1:2a:04:
94:de:dd:be:2d:78:9c:6a:7a:44:d4:1d:f0:2b:26:c1:ae:e9:
bb:37:b5:19:da:be:9c:ab:08:a1:e4:4f:36:12:d6:59:61:9b:
25:47:d1:44:7c:f3:b7:e6:fc:b4:3e:92:bf:5b:59:b4:f6:e6:
d9:bf:27:f4:dc:4e:93:20:c4:6e:60:a0:e5:92:4e:65:82:b1:
ef:71:36:9e:1e:3e:6c:4d:b3:fa:49:ad:be:1d:07:5d:ef:e5:
0e:42:88:3f:cb:2e:94:08:d3:4e:a4:91:a2:c4:ab:e7:a7:fd:
dc:78:f2:f3:66:fe:27:bc:00:c1:ed:a5:c4:70:c2:82:aa:cc:
a6:04:74:fb:4c:0b:17:0b:e5:d2:25:dd:91:1b:69:3f:7a:5e:
90:b8:bc:f2:40:63:4d:d3:66:98:a9:a1:8d:3b:a0:32:4a:6d:
dd:b6:e7:60:39:0b:e3:24:89:99:f2:fa:f6:ea:c6:c4:fa:54:
f2:75:77:06:8b:de:ff:8f:77:e9:5c:34:61:5f:6b:ec:ae:3d:
b7:c2:76:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtk+BHG+5TaLzdaXQ/oB7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZWRjYjMzNGQzOWU3OTc4MTdlMmViNDc3MDNjMDE4YjRk
YzQ5ZDUwHhcNMjMwMTAxMTM0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDgwZDBmNDIwZGJiNmQ5NTQ1MWIyNWRkNGIwZjg4MDY1YzBlYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYuIhdam8CQmpPXhRnvVA5L4rRf3
JH2Ksn5I44yCaJaSGWPy7u+oaIxzwUJh0JYnylWkZv1LOLymyv8sE3oJXITHqY4l
adlKRnVubuskniZxmUAvhfn43TRKGOR6Gys6S7MatePtaF115v3U9ITYGG68s5Z6
U+2PtT0UvkYRPwYxS5AxMQDruEn2WioEFDYg/pWhkFkEoRfgywjAaFWlllof/uU8
btjStbTI3ReKoJhTGc/hP4+esC24rEzQOCDIQBLoHyqNvwiVDl18+ORKHjC44QVu
oBpqGF/9PFc9wnNoRIHj2FQnrXu+0JLf6bo/RiPR9yx3DwzdjAon1C11twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE2A0PQg27bZVFGyXdSw+IBlwOrXMB8GA1UdIwQY
MBaAFFrtyzNNOeeXgX4utHcDwBi03EnVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEt
ZTBhZWUxYmJmOWUzLzEvVFlEUTlDRGJ0dGxVVWJKZDFMRDRnR1hBNnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9iOTVjYTAtODUzZi00OGFiLTliNDEtZTBhZWUxYmJmOWUz
LzEvV3UzTE0wMDU1NWVCZmk2MGR3UEFHTFRjU2RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQATp5XMA0E
AgACMAcDBQAqBeIBMA0GCSqGSIb3DQEBCwUAA4IBAQBwHckqEjgwPib5P5JVl8IW
FozGi7QMMJSVEq2Rj+EnSD3VvI9zsbrrqMBJsdb6Ii14gsWxKgSU3t2+LXicanpE
1B3wKybBrum7N7UZ2r6cqwih5E82EtZZYZslR9FEfPO35vy0PpK/W1m09ubZvyf0
3E6TIMRuYKDlkk5lgrHvcTaeHj5sTbP6Sa2+HQdd7+UOQog/yy6UCNNOpJGixKvn
p/3cePLzZv4nvADB7aXEcMKCqsymBHT7TAsXC+XSJd2RG2k/el6QuLzyQGNN02aY
qaGNO6AySm3dtudgOQvjJImZ8vr26sbE+lTydXcGi97/j3fpXDRhX2vsrj23wnY9
-----END CERTIFICATE-----
Generated at Fri Oct 13 10:16:55 2023 by rpki-client on console-fra.rpki-client.org