Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/TchkFRZ4GCH-Dmw2A1bkbFqFA0Y.roa
File: TchkFRZ4GCH-Dmw2A1bkbFqFA0Y.roa (raw, json)
Hash identifier: I9yOI3MyJceHNeY6GrHsNzGCPWDGYUhSRFa+CIYjSmw=
Subject key identifier: 4D:C8:64:15:16:78:18:21:FE:0E:6C:36:03:56:E4:6C:5A:85:03:46
Certificate issuer: /CN=759d27ce072ca336d3afaab8879f94ec63455669
Certificate serial: 018B42A031BE35C5496BB4D76049FFDAB015
Authority key identifier: 75:9D:27:CE:07:2C:A3:36:D3:AF:AA:B8:87:9F:94:EC:63:45:56:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZ0nzgcsozbTr6q4h5-U7GNFVmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/TchkFRZ4GCH-Dmw2A1bkbFqFA0Y.roa
Signing time: Wed 18 Oct 2023 11:51:16 +0000
ROA not before: Wed 18 Oct 2023 11:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199342
IP address blocks: 185.11.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 20 Oct 2023 22:19:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:a0:31:be:35:c5:49:6b:b4:d7:60:49:ff:da:b0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759d27ce072ca336d3afaab8879f94ec63455669
Validity
Not Before: Oct 18 11:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc8641516781821fe0e6c360356e46c5a850346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4d:c2:8e:de:09:a4:4b:ad:65:8f:6e:9a:56:
5e:e6:ad:2f:54:d5:a0:fe:ae:88:14:f1:11:69:8b:
dd:af:9a:ea:04:1f:30:9f:80:27:f0:6a:cb:94:57:
68:86:24:35:fc:18:e0:18:56:0a:43:1c:74:72:e0:
9b:97:8a:55:fd:f9:a6:71:32:6f:6e:1f:33:11:0e:
de:14:dd:2d:87:6f:3c:21:bc:5d:93:ca:98:ed:d4:
25:f5:85:97:68:af:56:af:ec:e7:1e:99:4d:79:69:
b2:5a:b2:b3:99:fb:69:8c:1e:e7:6e:7e:9f:9a:d4:
87:b1:fc:c9:e6:ec:71:7b:0e:e9:4c:76:a5:85:9c:
ff:cd:21:a2:3d:6f:8f:d5:c6:0b:2f:a4:3a:98:ab:
43:c1:3e:94:4d:9a:65:1a:cc:a8:52:0d:a2:93:5a:
45:33:83:d6:a8:80:45:c1:e4:ab:9b:3f:63:e1:13:
1b:4b:c6:dc:8a:54:f1:bc:82:d6:a3:41:2f:3f:34:
b8:78:31:85:a0:5a:46:71:ec:97:4d:25:e0:d1:9a:
82:23:55:c1:7f:df:d6:d8:64:76:eb:06:87:f0:69:
1a:94:71:7e:4f:36:7d:70:0d:6a:4c:a3:66:6d:72:
cd:10:9d:c7:da:a2:81:4a:a8:b5:b1:b6:3f:ea:86:
d4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C8:64:15:16:78:18:21:FE:0E:6C:36:03:56:E4:6C:5A:85:03:46
X509v3 Authority Key Identifier:
keyid:75:9D:27:CE:07:2C:A3:36:D3:AF:AA:B8:87:9F:94:EC:63:45:56:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ0nzgcsozbTr6q4h5-U7GNFVmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/TchkFRZ4GCH-Dmw2A1bkbFqFA0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/f17a27-4599-45b5-a66e-70123f495110/1/dZ0nzgcsozbTr6q4h5-U7GNFVmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.152.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:aa:da:4f:bd:1f:73:9e:d8:6a:3b:b0:9b:a9:f3:de:2f:d4:
01:95:16:2b:83:93:a0:2d:68:76:8d:82:ab:13:ec:ea:7c:25:
53:a4:69:67:d8:42:25:37:23:49:46:1f:ee:2e:32:f4:08:fd:
5a:b6:41:25:d2:31:ea:fa:d4:51:c9:83:9b:de:d0:9e:ad:53:
9c:f7:30:6c:8b:01:25:2e:5f:3b:06:9d:cf:44:6a:5a:1b:a3:
f6:f0:98:f9:18:66:4b:47:78:58:ce:b0:46:40:7a:7b:9d:ec:
b9:7f:8d:bc:e4:24:21:2b:26:b6:79:76:91:e2:11:17:64:4e:
66:cc:6f:b9:56:ee:48:91:d0:ba:d4:a6:1c:26:5f:4b:b0:0c:
23:f6:74:19:78:0c:88:22:46:30:fe:34:e4:7b:a3:4e:ab:97:
a9:b7:fc:da:61:2f:20:f4:f9:ea:e8:7a:ec:27:64:8e:e0:72:
b3:1b:be:34:a5:30:5f:19:ff:d9:1d:3c:f5:52:bf:85:cc:0f:
e0:2c:61:33:a4:51:59:f6:6c:ed:19:95:f9:7d:0d:fb:11:f3:
be:59:fc:98:11:50:f8:ff:20:3e:e6:32:f6:2b:d3:8e:45:83:
8b:43:ae:73:16:de:8f:ed:d4:bf:fa:71:7b:d2:00:9d:b7:6f:
0d:83:5c:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCoDG+NcVJa7TXYEn/2rAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWQyN2NlMDcyY2EzMzZkM2FmYWFiODg3OWY5NGVjNjM0
NTU2NjkwHhcNMjMxMDE4MTE1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM4NjQxNTE2NzgxODIxZmUwZTZjMzYwMzU2ZTQ2YzVhODUwMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn03Cjt4JpEutZY9umlZe5q0vVNWg
/q6IFPERaYvdr5rqBB8wn4An8GrLlFdohiQ1/BjgGFYKQxx0cuCbl4pV/fmmcTJv
bh8zEQ7eFN0th288Ibxdk8qY7dQl9YWXaK9Wr+znHplNeWmyWrKzmftpjB7nbn6f
mtSHsfzJ5uxxew7pTHalhZz/zSGiPW+P1cYLL6Q6mKtDwT6UTZplGsyoUg2ik1pF
M4PWqIBFweSrmz9j4RMbS8bcilTxvILWo0EvPzS4eDGFoFpGceyXTSXg0ZqCI1XB
f9/W2GR26waH8GkalHF+TzZ9cA1qTKNmbXLNEJ3H2qKBSqi1sbY/6obU5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE3IZBUWeBgh/g5sNgNW5GxahQNGMB8GA1UdIwQY
MBaAFHWdJ84HLKM206+quIeflOxjRVZpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFowbnpnY3NvemJUcjZxNGg1LVU3R05GVm1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9mMTdhMjctNDU5OS00NWI1LWE2NmUt
NzAxMjNmNDk1MTEwLzEvVGNoa0ZSWjRHQ0gtRG13MkExYmtiRnFGQTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9mMTdhMjctNDU5OS00NWI1LWE2NmUtNzAxMjNmNDk1MTEw
LzEvZFowbnpnY3NvemJUcjZxNGg1LVU3R05GVm1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQuYMA0G
CSqGSIb3DQEBCwUAA4IBAQCqqtpPvR9znthqO7CbqfPeL9QBlRYrg5OgLWh2jYKr
E+zqfCVTpGln2EIlNyNJRh/uLjL0CP1atkEl0jHq+tRRyYOb3tCerVOc9zBsiwEl
Ll87Bp3PRGpaG6P28Jj5GGZLR3hYzrBGQHp7ney5f4285CQhKya2eXaR4hEXZE5m
zG+5Vu5IkdC61KYcJl9LsAwj9nQZeAyIIkYw/jTke6NOq5ept/zaYS8g9Pnq6Hrs
J2SO4HKzG740pTBfGf/ZHTz1Ur+FzA/gLGEzpFFZ9mztGZX5fQ37EfO+WfyYEVD4
/yA+5jL2K9OORYOLQ65zFt6P7dS/+nF70gCdt28Ng1xt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:22 2024 by rpki-client on console-fra.rpki-client.org