Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/TcKt262W5z_shVVQEy-ugaa32T0.roa
File: TcKt262W5z_shVVQEy-ugaa32T0.roa (raw, json)
Hash identifier: ooD9BZnHo7oreXsvLlOb+in8hyY3N4E6dEf5nHl4JZA=
Subject key identifier: 4D:C2:AD:DB:AD:96:E7:3F:EC:85:55:50:13:2F:AE:81:A6:B7:D9:3D
Certificate issuer: /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial: 01856DB879536D2B52CBF60A007FEC25ED4E
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/TcKt262W5z_shVVQEy-ugaa32T0.roa
Signing time: Sun 01 Jan 2023 14:24:44 +0000
ROA not before: Sun 01 Jan 2023 14:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 185.168.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:79:53:6d:2b:52:cb:f6:0a:00:7f:ec:25:ed:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
Validity
Not Before: Jan 1 14:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc2addbad96e73fec855550132fae81a6b7d93d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:c2:18:19:70:50:d6:45:ef:8f:c5:96:5a:
85:60:cc:ab:97:f1:ac:ab:99:21:de:d2:44:93:65:
b7:53:e4:ce:fc:5f:9e:fd:b6:fe:02:90:b9:a3:44:
a3:b7:8c:49:bc:1b:62:ab:ae:d8:b3:9a:a3:15:33:
30:64:98:49:66:3a:6f:13:3b:b3:99:58:ee:ed:93:
c5:2d:95:fa:f7:e3:33:c9:62:01:02:e5:3a:fd:fe:
2b:ae:6c:9b:0a:f9:53:af:34:68:ea:4d:d9:9e:69:
36:90:ed:55:17:aa:81:1d:97:57:e4:b0:b1:0a:7c:
0e:85:34:d7:a0:df:ec:64:83:ab:17:d5:bd:7d:57:
32:52:95:d2:39:50:56:fb:61:5f:9d:6b:37:dc:71:
b0:88:c2:42:3d:05:a2:ae:9e:66:12:37:67:6d:f6:
bd:b4:bd:31:74:1f:10:e0:c7:1a:19:b4:b1:64:04:
f3:23:d5:2c:16:4c:31:e7:53:b0:03:2d:3f:4d:20:
86:27:a1:fb:6a:ee:85:4d:5a:99:26:5e:49:fb:33:
07:b9:18:72:3e:ec:a8:a8:22:41:18:be:39:61:f7:
d9:52:cd:3b:e3:fd:1e:80:b1:c1:f0:9a:6b:07:84:
de:3b:67:c1:bb:b2:25:31:1e:86:04:51:16:08:87:
6f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C2:AD:DB:AD:96:E7:3F:EC:85:55:50:13:2F:AE:81:A6:B7:D9:3D
X509v3 Authority Key Identifier:
keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/TcKt262W5z_shVVQEy-ugaa32T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.204.0/24
Signature Algorithm: sha256WithRSAEncryption
21:48:11:57:31:24:6d:9b:b0:d8:e9:d5:2f:14:4d:cf:ad:05:
93:6e:bf:f9:ff:b7:1b:a2:9e:db:35:de:11:0f:92:80:d2:08:
ac:6c:c2:d5:a0:91:a6:a8:33:12:56:4a:6d:ab:88:3a:16:db:
3a:fc:38:39:d7:04:44:b3:05:63:4e:d9:af:9a:2f:d2:38:da:
e9:e9:e0:d8:10:e1:d2:26:22:76:54:b0:a6:22:8f:ef:d3:31:
70:15:18:c1:68:57:a9:ee:e8:b9:89:fa:ad:3e:66:89:bf:18:
f9:dd:0f:c9:a7:7f:c0:44:3c:c4:c4:a3:7d:c8:67:c3:df:5d:
57:42:52:5c:db:15:8d:73:d8:0d:01:13:6c:70:9c:52:3d:9d:
56:a7:66:fb:bd:21:80:24:8f:57:a2:6d:42:a5:39:13:de:31:
72:f9:6a:30:1e:48:e0:71:16:3d:d5:d8:45:e9:f7:72:b5:98:
ee:27:8d:7d:81:f4:d5:db:18:86:c3:3d:ed:00:aa:f4:08:27:
fb:51:73:21:73:77:92:76:82:2c:21:54:ab:67:b9:b2:49:da:
f0:d6:09:52:be:2b:22:ee:f6:9e:e8:7e:05:91:4c:2c:72:21:
d8:68:78:ed:0a:64:4d:72:65:ad:e2:ac:12:fd:d8:c2:6a:02:
d2:d1:55:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuHlTbStSy/YKAH/sJe1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjMwMTAxMTQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMyYWRkYmFkOTZlNzNmZWM4NTU1NTAxMzJmYWU4MWE2YjdkOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHvCGBlwUNZF74/FllqFYMyrl/Gs
q5kh3tJEk2W3U+TO/F+e/bb+ApC5o0Sjt4xJvBtiq67Ys5qjFTMwZJhJZjpvEzuz
mVju7ZPFLZX69+MzyWIBAuU6/f4rrmybCvlTrzRo6k3Znmk2kO1VF6qBHZdX5LCx
CnwOhTTXoN/sZIOrF9W9fVcyUpXSOVBW+2FfnWs33HGwiMJCPQWirp5mEjdnbfa9
tL0xdB8Q4McaGbSxZATzI9UsFkwx51OwAy0/TSCGJ6H7au6FTVqZJl5J+zMHuRhy
PuyoqCJBGL45YffZUs074/0egLHB8JprB4TeO2fBu7IlMR6GBFEWCIdvYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3Crdutluc/7IVVUBMvroGmt9k9MB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvVGNLdDI2Mlc1el9zaFZWUUV5LXVnYWEzMlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuajMMA0G
CSqGSIb3DQEBCwUAA4IBAQAhSBFXMSRtm7DY6dUvFE3PrQWTbr/5/7cbop7bNd4R
D5KA0gisbMLVoJGmqDMSVkptq4g6Fts6/Dg51wREswVjTtmvmi/SONrp6eDYEOHS
JiJ2VLCmIo/v0zFwFRjBaFep7ui5ifqtPmaJvxj53Q/Jp3/ARDzExKN9yGfD311X
QlJc2xWNc9gNARNscJxSPZ1Wp2b7vSGAJI9Xom1CpTkT3jFy+WowHkjgcRY91dhF
6fdytZjuJ419gfTV2xiGwz3tAKr0CCf7UXMhc3eSdoIsIVSrZ7mySdrw1glSvisi
7vae6H4FkUwsciHYaHjtCmRNcmWt4qwS/djCagLS0VUh
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:49 2024 by rpki-client on console-ams.rpki-client.org