Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/tnnML4rmsBT7nHxwxr79TOFl3QI.roa
File: tnnML4rmsBT7nHxwxr79TOFl3QI.roa (raw, json)
Hash identifier: x23GxN3Uvdc8mmkN3YuH7fbWxoYvAhboSFw9j8hGHHM=
Subject key identifier: B6:79:CC:2F:8A:E6:B0:14:FB:9C:7C:70:C6:BE:FD:4C:E1:65:DD:02
Certificate issuer: /CN=22423839f210721627641ae6b6cceacee8d9067b
Certificate serial: 0186B66D95C3168C61323753AF6C04E6DDDF
Authority key identifier: 22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/tnnML4rmsBT7nHxwxr79TOFl3QI.roa
Signing time: Mon 06 Mar 2023 10:18:00 +0000
ROA not before: Mon 06 Mar 2023 10:18:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202179
IP address blocks: 185.50.180.0/22 maxlen: 24
2a01:a960::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:6d:95:c3:16:8c:61:32:37:53:af:6c:04:e6:dd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22423839f210721627641ae6b6cceacee8d9067b
Validity
Not Before: Mar 6 10:18:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b679cc2f8ae6b014fb9c7c70c6befd4ce165dd02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e8:5b:88:0a:c2:16:e4:61:02:a9:e6:67:7e:
52:5c:58:fb:2e:54:cf:02:05:d0:3c:91:56:16:cc:
de:ef:fd:d6:6b:fb:e7:41:05:2c:53:c2:31:28:2e:
ea:8a:83:a9:3a:85:e7:95:5e:fb:b7:56:33:63:c0:
48:74:8f:f5:3e:b8:7a:12:fa:a2:5c:53:b8:df:c2:
77:00:4e:1d:f5:6b:ad:d5:d7:8d:01:f9:1c:1d:e7:
5f:ad:2a:ef:21:45:25:bf:02:a5:3b:6e:ad:0c:23:
f3:60:ed:9c:8d:31:4d:b0:9f:6a:f9:9f:dc:c2:b0:
06:0c:8b:be:a2:3d:9a:16:70:ea:0d:e4:eb:24:40:
1c:6f:b4:78:41:67:85:c4:0d:5b:57:ae:0d:5c:81:
84:b3:5e:67:10:73:64:f5:b2:08:ee:6b:29:a2:7e:
37:df:6d:21:1f:7f:1f:7d:0c:3a:3f:37:a6:35:c5:
cb:5c:07:52:0e:19:43:e3:bb:87:4f:a5:fe:3c:90:
3a:d0:00:1b:3f:53:04:17:0b:f2:b2:cf:0d:d7:cc:
6a:1b:d8:b7:a0:77:74:8d:99:e8:5a:83:7b:fb:d7:
27:f5:f6:b8:fd:85:25:d8:fd:94:ee:11:20:52:29:
99:4e:0e:3a:90:a4:c9:e9:88:9c:ef:ea:0f:0a:b8:
e7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:79:CC:2F:8A:E6:B0:14:FB:9C:7C:70:C6:BE:FD:4C:E1:65:DD:02
X509v3 Authority Key Identifier:
keyid:22:42:38:39:F2:10:72:16:27:64:1A:E6:B6:CC:EA:CE:E8:D9:06:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IkI4OfIQchYnZBrmtszqzujZBns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/tnnML4rmsBT7nHxwxr79TOFl3QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/f8ab48-05d0-4f9c-8b0f-98c875ae35c9/1/IkI4OfIQchYnZBrmtszqzujZBns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.180.0/22
IPv6:
2a01:a960::/32
Signature Algorithm: sha256WithRSAEncryption
2c:ed:30:be:1b:25:1c:5e:f3:04:1c:bf:f4:c3:32:f3:6a:48:
60:04:75:3c:b8:5c:b8:76:bc:11:50:b9:e5:57:51:62:5b:cf:
12:35:f9:41:5b:2c:04:19:0f:da:0e:18:2e:4f:cc:40:82:fe:
52:f5:40:57:b5:56:1b:71:d5:31:b1:11:6e:b9:5a:2a:17:ce:
cc:fc:56:97:75:90:9a:30:2c:3d:8b:d5:e3:83:32:39:4f:91:
73:83:bb:0a:5c:bb:8f:a3:ba:f8:40:9b:44:d8:fe:67:75:fb:
50:42:78:66:72:1d:19:6a:05:85:6a:29:88:62:c5:8f:1e:99:
d0:59:62:62:f8:3d:26:ad:04:00:c7:5b:4a:68:e5:a0:e9:b6:
40:0c:76:b8:41:2c:44:72:dd:e1:44:a4:7c:89:1d:fe:e9:14:
b2:7f:4c:dc:b4:a2:1a:08:18:8a:0d:46:cd:0a:9f:50:6f:b1:
c7:16:fa:6f:9d:e2:4b:ce:b7:16:bf:ef:6a:85:10:fb:4c:1d:
a4:d7:22:33:2f:b1:21:63:25:4a:b8:9d:6b:46:34:bb:ef:39:
30:da:21:d3:33:f8:45:19:ee:e6:1f:6f:8b:79:22:45:52:34:
c2:51:b8:93:0a:c8:48:67:52:ef:89:76:82:c3:35:12:3e:98:
5e:58:d2:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYa2bZXDFoxhMjdTr2wE5t3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNDIzODM5ZjIxMDcyMTYyNzY0MWFlNmI2Y2NlYWNlZThk
OTA2N2IwHhcNMjMwMzA2MTAxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc5Y2MyZjhhZTZiMDE0ZmI5YzdjNzBjNmJlZmQ0Y2UxNjVkZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+hbiArCFuRhAqnmZ35SXFj7LlTP
AgXQPJFWFsze7/3Wa/vnQQUsU8IxKC7qioOpOoXnlV77t1YzY8BIdI/1Prh6Evqi
XFO438J3AE4d9Wut1deNAfkcHedfrSrvIUUlvwKlO26tDCPzYO2cjTFNsJ9q+Z/c
wrAGDIu+oj2aFnDqDeTrJEAcb7R4QWeFxA1bV64NXIGEs15nEHNk9bII7mspon43
320hH38ffQw6PzemNcXLXAdSDhlD47uHT6X+PJA60AAbP1MEFwvyss8N18xqG9i3
oHd0jZnoWoN7+9cn9fa4/YUl2P2U7hEgUimZTg46kKTJ6Yic7+oPCrjnvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLZ5zC+K5rAU+5x8cMa+/UzhZd0CMB8GA1UdIwQY
MBaAFCJCODnyEHIWJ2Qa5rbM6s7o2QZ7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYt
OThjODc1YWUzNWM5LzEvdG5uTUw0cm1zQlQ3bkh4d3hyNzlUT0ZsM1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9mOGFiNDgtMDVkMC00ZjljLThiMGYtOThjODc1YWUzNWM5
LzEvSWtJNE9mSVFjaFluWkJybXRzenF6dWpaQm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTK0MA0E
AgACMAcDBQAqAalgMA0GCSqGSIb3DQEBCwUAA4IBAQAs7TC+GyUcXvMEHL/0wzLz
akhgBHU8uFy4drwRULnlV1FiW88SNflBWywEGQ/aDhguT8xAgv5S9UBXtVYbcdUx
sRFuuVoqF87M/FaXdZCaMCw9i9XjgzI5T5Fzg7sKXLuPo7r4QJtE2P5ndftQQnhm
ch0ZagWFaimIYsWPHpnQWWJi+D0mrQQAx1tKaOWg6bZADHa4QSxEct3hRKR8iR3+
6RSyf0zctKIaCBiKDUbNCp9Qb7HHFvpvneJLzrcWv+9qhRD7TB2k1yIzL7EhYyVK
uJ1rRjS77zkw2iHTM/hFGe7mH2+LeSJFUjTCUbiTCshIZ1LviXaCwzUSPpheWNI3
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:24 2024 by rpki-client on console-fra.rpki-client.org