Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ttTN-x26yX2OX8lKRaLMo2e5wIY.roa
File: ttTN-x26yX2OX8lKRaLMo2e5wIY.roa (raw, json)
Hash identifier: OYnDNklb+pODlgIorYqmpebdK3lfOiLWIbqMcIPo4EI=
Subject key identifier: B6:D4:CD:FB:1D:BA:C9:7D:8E:5F:C9:4A:45:A2:CC:A3:67:B9:C0:86
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0187A40BAEB5EC3541600421B12EF1D9DC7A
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ttTN-x26yX2OX8lKRaLMo2e5wIY.roa
Signing time: Fri 21 Apr 2023 13:40:41 +0000
ROA not before: Fri 21 Apr 2023 13:40:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211409
IP address blocks: 94.142.138.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
91.103.252.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:0b:ae:b5:ec:35:41:60:04:21:b1:2e:f1:d9:dc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Apr 21 13:40:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6d4cdfb1dbac97d8e5fc94a45a2cca367b9c086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e5:28:b7:b0:bf:19:a6:db:b2:0f:cb:92:e2:
d9:57:63:80:d9:3a:6f:84:89:7a:28:b2:6b:81:ef:
86:f6:24:86:3b:ae:43:1e:2f:d9:d4:84:e3:ee:2c:
04:e4:66:c3:ab:03:c8:85:ca:d3:f3:6a:21:85:ef:
e7:c6:24:2a:58:ea:07:52:71:67:8e:40:2c:28:d2:
2a:38:c8:b4:3b:79:d3:41:14:c1:40:26:df:09:e8:
d0:2d:da:e1:09:07:80:cb:74:a0:16:c2:13:e2:cd:
6f:fe:ec:22:f2:a0:8e:80:41:8a:75:45:22:db:dc:
4c:1d:47:5b:95:77:39:23:35:60:37:dd:95:5c:3f:
07:a3:99:c1:a5:d8:0b:ac:25:0c:5c:4c:55:f9:a2:
e9:59:4e:a8:ca:54:7c:6a:f8:93:78:34:84:02:50:
33:cc:93:c2:35:d5:22:df:86:44:8c:6d:e2:4e:6b:
13:56:a9:b7:f7:e3:21:f3:7e:17:9f:f8:d3:92:bf:
8f:ab:4d:eb:0f:fe:30:06:11:f5:3a:a3:de:21:38:
73:a8:a1:7b:cb:7d:9a:87:d3:68:7f:e8:13:f8:72:
f4:cc:f9:31:3e:96:f7:cc:bf:79:03:2f:07:a4:20:
d6:38:f6:85:58:4b:27:9a:f2:96:14:d3:87:59:89:
36:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D4:CD:FB:1D:BA:C9:7D:8E:5F:C9:4A:45:A2:CC:A3:67:B9:C0:86
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ttTN-x26yX2OX8lKRaLMo2e5wIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.252.0/24
94.142.138.0/24
185.106.93.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:3c:d7:ea:73:fc:95:57:2e:51:f0:e5:e8:d9:0f:91:54:85:
7a:76:87:86:04:10:73:aa:9e:ab:35:4e:e9:de:48:1f:12:27:
c8:e9:d1:62:ae:be:e7:aa:fb:f9:0c:4d:55:73:64:aa:ef:c5:
d6:45:84:71:bd:ea:08:ee:ba:b9:a6:41:46:29:66:8c:28:7a:
12:bb:b0:39:5b:cc:ae:bd:a6:66:7e:80:2b:db:db:01:d6:8e:
6f:ae:b9:66:8b:60:c5:8c:2e:3e:18:ab:32:ed:e7:e8:3a:e5:
63:a7:c1:eb:f5:60:23:79:06:0d:3b:8a:0e:8c:7a:4f:c4:89:
6b:24:bb:eb:bb:cf:3e:16:8f:45:48:7f:cd:16:99:55:55:10:
0c:4b:99:ac:73:14:e5:ec:f6:f8:bd:e3:26:3c:d7:eb:f7:60:
ca:fa:df:43:e1:45:1e:4d:a2:61:a2:83:8a:94:a6:28:c3:84:
c3:cb:39:fc:a4:5b:5b:33:6f:1c:03:7d:81:66:df:e6:69:f3:
d6:06:25:06:90:9e:ed:f7:18:9f:76:76:1e:6e:0d:f3:b9:5a:
df:1e:65:83:a3:bb:01:37:3c:ac:5c:26:fb:5e:71:85:1d:dc:
79:e3:46:cf:e8:d5:ee:ae:81:f7:67:f9:99:f1:5c:44:e8:a2:
46:0c:18:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYekC6617DVBYAQhsS7x2dx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwNDIxMTM0MDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ0Y2RmYjFkYmFjOTdkOGU1ZmM5NGE0NWEyY2NhMzY3YjljMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOUot7C/Gabbsg/LkuLZV2OA2Tpv
hIl6KLJrge+G9iSGO65DHi/Z1ITj7iwE5GbDqwPIhcrT82ohhe/nxiQqWOoHUnFn
jkAsKNIqOMi0O3nTQRTBQCbfCejQLdrhCQeAy3SgFsIT4s1v/uwi8qCOgEGKdUUi
29xMHUdblXc5IzVgN92VXD8Ho5nBpdgLrCUMXExV+aLpWU6oylR8aviTeDSEAlAz
zJPCNdUi34ZEjG3iTmsTVqm39+Mh834Xn/jTkr+Pq03rD/4wBhH1OqPeIThzqKF7
y32ah9Nof+gT+HL0zPkxPpb3zL95Ay8HpCDWOPaFWEsnmvKWFNOHWYk2fQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLbUzfsdusl9jl/JSkWizKNnucCGMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvdHRUTi14MjZ5WDJPWDhsS1JhTE1vMmU1d0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW2f8AwQA
Xo6KAwQAuWpdMA0GCSqGSIb3DQEBCwUAA4IBAQC9PNfqc/yVVy5R8OXo2Q+RVIV6
doeGBBBzqp6rNU7p3kgfEifI6dFirr7nqvv5DE1Vc2Sq78XWRYRxveoI7rq5pkFG
KWaMKHoSu7A5W8yuvaZmfoAr29sB1o5vrrlmi2DFjC4+GKsy7efoOuVjp8Hr9WAj
eQYNO4oOjHpPxIlrJLvru88+Fo9FSH/NFplVVRAMS5mscxTl7Pb4veMmPNfr92DK
+t9D4UUeTaJhooOKlKYow4TDyzn8pFtbM28cA32BZt/mafPWBiUGkJ7t9xifdnYe
bg3zuVrfHmWDo7sBNzysXCb7XnGFHdx540bP6NXuroH3Z/mZ8VxE6KJGDBgh
-----END CERTIFICATE-----
Generated at Thu Nov 9 19:46:37 2023 by rpki-client on console-ams.rpki-client.org