Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/tz5xyOHTASChpGGxfcUwqLxPyAQ.roa
File: tz5xyOHTASChpGGxfcUwqLxPyAQ.roa (raw, json)
Hash identifier: XY6tMDySG34Iqu9yx+ZPiZnOH40T6m4dNs54RS4ztNw=
Subject key identifier: B7:3E:71:C8:E1:D3:01:20:A1:A4:61:B1:7D:C5:30:A8:BC:4F:C8:04
Certificate issuer: /CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Certificate serial: 01856F8B7FE23895671DED120F3B96725E38
Authority key identifier: 23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/tz5xyOHTASChpGGxfcUwqLxPyAQ.roa
Signing time: Sun 01 Jan 2023 22:54:51 +0000
ROA not before: Sun 01 Jan 2023 22:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197874
IP address blocks: 194.246.159.0/24 maxlen: 24
194.246.156.0/24 maxlen: 24
2001:67c:22ec::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7f:e2:38:95:67:1d:ed:12:0f:3b:96:72:5e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Validity
Not Before: Jan 1 22:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b73e71c8e1d30120a1a461b17dc530a8bc4fc804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3c:ba:b4:ef:01:b5:87:e3:4b:5a:6c:e9:4b:
6f:2b:b9:c4:f8:7c:59:d8:78:13:ff:b3:10:c1:f9:
e1:53:c1:18:40:f4:b3:8f:07:dc:cd:32:fa:3d:3d:
80:cb:12:9f:1b:33:d0:9b:20:21:ab:af:64:93:c0:
fb:7b:7b:3f:00:ef:af:0e:a6:d0:73:46:d2:42:0a:
12:07:7e:3d:00:a5:d6:8f:05:4d:6d:9e:2b:7f:00:
c3:8e:75:f8:b9:85:b2:12:cc:66:66:dd:a1:b7:e4:
98:89:bf:30:fe:97:42:0d:e8:f5:bf:87:0b:82:49:
9d:d1:eb:bd:0a:56:df:48:6c:32:fb:5e:b5:03:d2:
ea:38:e8:8d:64:fa:15:b4:d4:1b:f5:7c:57:2e:e0:
ec:16:4c:d7:a2:63:ba:79:54:0b:cb:24:b7:35:f7:
61:c3:da:34:b5:42:ae:1f:98:bb:da:a6:45:ad:94:
10:0b:28:c3:a7:47:2c:23:cb:5b:6c:47:0a:b8:b6:
8f:7a:c6:4e:28:9b:7c:8e:fc:cd:40:12:af:30:bc:
70:34:13:dd:96:c2:fb:d8:4b:21:45:47:b5:d9:55:
2d:75:0d:13:24:88:32:a0:30:43:af:8e:9d:c8:d0:
36:2d:1e:92:54:50:bb:07:90:d9:1f:4f:8b:dd:68:
46:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:3E:71:C8:E1:D3:01:20:A1:A4:61:B1:7D:C5:30:A8:BC:4F:C8:04
X509v3 Authority Key Identifier:
keyid:23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/tz5xyOHTASChpGGxfcUwqLxPyAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.156.0/24
194.246.159.0/24
IPv6:
2001:67c:22ec::/48
Signature Algorithm: sha256WithRSAEncryption
a1:30:38:ed:da:da:cb:34:65:20:4c:25:70:86:2b:19:44:79:
59:a9:91:77:4f:93:73:39:c7:dd:31:cf:d4:05:f0:56:9d:d9:
c2:cc:93:ee:8d:d8:98:12:7c:53:49:0a:ec:28:44:48:31:48:
de:fd:3b:2b:1f:39:44:00:f7:f6:11:d0:1e:ff:18:8d:66:06:
76:25:6d:11:e0:03:a9:b1:8a:17:35:e8:f6:2b:2e:e9:da:0b:
34:31:3d:80:5f:09:a0:26:4f:a2:1a:74:1b:86:d1:b2:22:5d:
0a:8c:53:0b:45:ed:92:72:68:d1:8a:1f:04:05:95:18:ce:5c:
86:ad:5e:0c:16:34:fb:ff:3a:61:b2:58:8f:42:ae:b8:f2:eb:
4f:dd:c7:a4:db:cf:6a:6b:f6:db:95:ee:90:c4:db:4a:de:94:
33:92:cc:7b:d6:25:74:dc:a9:84:be:71:fd:dd:f8:68:9c:2b:
bf:80:73:cf:49:ca:e6:46:89:79:f3:77:ec:fd:13:26:01:ea:
a1:57:79:2d:df:93:50:ba:fd:f6:05:5a:31:94:49:dc:f9:c7:
e7:6b:23:c2:ad:06:be:69:63:f3:df:08:fd:2a:25:8a:28:d5:
9e:d8:c7:10:09:d6:fa:f2:8e:f9:15:b9:8e:02:4a:c4:05:7b:
19:4b:bd:5f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvi3/iOJVnHe0SDzuWcl44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMTIwYzZhNmM4Y2YxNzI2ZTdkNDhlMzE0YTE2Y2NkMDVl
Zjg2MDcwHhcNMjMwMTAxMjI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzNlNzFjOGUxZDMwMTIwYTFhNDYxYjE3ZGM1MzBhOGJjNGZjODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDy6tO8BtYfjS1ps6UtvK7nE+HxZ
2HgT/7MQwfnhU8EYQPSzjwfczTL6PT2AyxKfGzPQmyAhq69kk8D7e3s/AO+vDqbQ
c0bSQgoSB349AKXWjwVNbZ4rfwDDjnX4uYWyEsxmZt2ht+SYib8w/pdCDej1v4cL
gkmd0eu9ClbfSGwy+161A9LqOOiNZPoVtNQb9XxXLuDsFkzXomO6eVQLyyS3Nfdh
w9o0tUKuH5i72qZFrZQQCyjDp0csI8tbbEcKuLaPesZOKJt8jvzNQBKvMLxwNBPd
lsL72EshRUe12VUtdQ0TJIgyoDBDr46dyNA2LR6SVFC7B5DZH0+L3WhGqwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLc+ccjh0wEgoaRhsX3FMKi8T8gEMB8GA1UdIwQY
MBaAFCMSDGpsjPFybn1I4xShbM0F74YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQt
ZTRiNzAyZjE2MTE2LzEvdHo1eHlPSFRBU0NocEdHeGZjVXdxTHhQeUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQtZTRiNzAyZjE2MTE2
LzEvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwvacAwQA
wvafMA8EAgACMAkDBwAgAQZ8IuwwDQYJKoZIhvcNAQELBQADggEBAKEwOO3a2ss0
ZSBMJXCGKxlEeVmpkXdPk3M5x90xz9QF8Fad2cLMk+6N2JgSfFNJCuwoREgxSN79
OysfOUQA9/YR0B7/GI1mBnYlbRHgA6mxihc16PYrLunaCzQxPYBfCaAmT6IadBuG
0bIiXQqMUwtF7ZJyaNGKHwQFlRjOXIatXgwWNPv/OmGyWI9Crrjy60/dx6Tbz2pr
9tuV7pDE20relDOSzHvWJXTcqYS+cf3d+GicK7+Ac89JyuZGiXnzd+z9EyYB6qFX
eS3fk1C6/fYFWjGUSdz5x+drI8KtBr5pY/PfCP0qJYoo1Z7YxxAJ1vryjvkVuY4C
SsQFexlLvV8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:19 2024 by rpki-client on console-ams.rpki-client.org