Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/takq3LHU72KtTqtndebjzrkaok4.roa
File: takq3LHU72KtTqtndebjzrkaok4.roa (raw, json)
Hash identifier: DDixIQZ2MeJ4fmn5aE1cNBrCjKhP/80GFCxobTzQT/4=
Subject key identifier: B5:A9:2A:DC:B1:D4:EF:62:AD:4E:AB:67:75:E6:E3:CE:B9:1A:A2:4E
Certificate issuer: /CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Certificate serial: 01857139AF0C698EF6B8B8E38D35C3FDA61C
Authority key identifier: F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/takq3LHU72KtTqtndebjzrkaok4.roa
Signing time: Mon 02 Jan 2023 06:44:43 +0000
ROA not before: Mon 02 Jan 2023 06:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43957
IP address blocks: 79.170.208.0/21 maxlen: 21
185.52.20.0/22 maxlen: 22
46.245.200.0/21 maxlen: 21
185.31.28.0/22 maxlen: 22
185.93.214.0/23 maxlen: 23
92.63.144.0/20 maxlen: 20
94.102.96.0/20 maxlen: 20
92.61.48.0/21 maxlen: 21
92.61.56.0/22 maxlen: 22
2a02:4140:4::/48 maxlen: 48
2a02:4140::/32 maxlen: 32
2a00:b220::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:af:0c:69:8e:f6:b8:b8:e3:8d:35:c3:fd:a6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Validity
Not Before: Jan 2 06:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a92adcb1d4ef62ad4eab6775e6e3ceb91aa24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:92:a4:08:01:84:11:d3:da:44:a9:03:67:
ad:d9:8a:ed:6b:39:77:c4:60:fc:b7:bf:69:2b:65:
64:8c:77:8f:58:8b:ba:d2:ff:9f:78:0d:4c:87:14:
72:87:34:f1:30:56:f8:83:76:aa:87:8b:8c:d9:7e:
29:d0:73:5d:7e:c8:e4:26:09:43:f8:d0:c5:d3:75:
7e:74:21:3f:71:96:fc:0a:41:a6:cc:1f:e1:3e:e2:
18:54:e4:ea:ef:29:60:2e:60:f7:9e:cc:63:e9:e1:
82:01:82:00:63:04:4a:16:5b:aa:a5:cd:c1:7c:05:
9d:79:53:aa:e7:85:3e:48:d8:f6:d2:a3:42:ce:74:
c6:46:1e:1d:c0:37:36:9c:fc:bf:38:52:5d:e5:43:
1b:21:81:3f:b9:b0:52:bd:7f:81:0f:27:86:07:3e:
8e:3d:3a:63:b3:4d:e5:2e:11:f1:c2:6d:2a:81:f9:
a8:8b:52:98:c5:f3:75:34:3b:b4:f7:cc:a4:ae:53:
e9:e3:a7:d9:88:ff:f9:ff:6a:71:7a:39:f3:a3:42:
ad:4c:6d:57:87:7b:41:bb:b4:f5:fd:39:27:ac:03:
2b:55:d4:f6:9b:aa:26:62:3e:4f:84:37:79:05:6d:
0f:08:71:57:6b:11:2d:ad:32:35:b4:43:17:23:ac:
0a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A9:2A:DC:B1:D4:EF:62:AD:4E:AB:67:75:E6:E3:CE:B9:1A:A2:4E
X509v3 Authority Key Identifier:
keyid:F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/takq3LHU72KtTqtndebjzrkaok4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.200.0/21
79.170.208.0/21
92.61.48.0-92.61.59.255
92.63.144.0/20
94.102.96.0/20
185.31.28.0/22
185.52.20.0/22
185.93.214.0/23
IPv6:
2a00:b220::/32
2a02:4140::/32
Signature Algorithm: sha256WithRSAEncryption
1e:76:51:20:2b:cc:cb:11:2e:d8:c3:c3:2c:08:a4:f6:4f:1b:
46:45:6e:85:eb:be:60:a5:5d:80:97:7c:59:dc:46:e2:20:2c:
11:52:bc:b8:20:3f:b2:17:e1:d6:9b:b2:29:2c:6a:2f:31:ec:
cb:6d:c2:1c:78:be:e0:a3:46:5d:a6:d1:06:d0:2e:84:2f:d9:
ae:9d:ac:2b:20:a8:a2:ee:3e:3d:2b:2f:bd:d8:45:8f:42:1f:
7a:65:2b:ff:6c:3b:38:75:c0:3e:4a:78:32:d8:9c:8b:05:1d:
77:d1:55:a5:7c:d3:5d:6a:a4:a2:77:bc:8f:60:5f:fa:bd:a1:
12:4c:ac:e6:8e:8d:ce:fa:89:6b:ec:84:48:fa:cf:59:32:83:
f8:57:04:e3:fc:40:37:ee:31:4c:ee:a8:fe:76:c6:59:8d:ea:
e9:b5:aa:2a:d6:e7:34:9e:8b:52:a9:b7:ee:b6:b5:b6:5a:eb:
a1:95:75:b9:ac:e2:99:35:d1:59:ae:31:37:d0:9d:82:c3:65:
74:0e:9c:a5:e5:b2:9b:97:a5:e3:1f:cf:5b:5b:1b:db:10:ab:
75:28:41:c7:b6:3e:83:f6:78:5c:ba:74:a8:45:65:e9:b2:1f:
c6:a7:c1:fa:21:57:ee:36:8e:b8:61:5a:6d:a4:8f:f5:67:37:
fa:21:fa:8c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYVxOa8MaY72uLjjjTXD/aYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMWM4OTk3YTM1NGJjN2Q0ZTVhNjBhOWY0MjQzOGExODJm
YTk5OGEwHhcNMjMwMTAyMDY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE5MmFkY2IxZDRlZjYyYWQ0ZWFiNjc3NWU2ZTNjZWI5MWFhMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAuSpAgBhBHT2kSpA2et2Yrtazl3
xGD8t79pK2VkjHePWIu60v+feA1MhxRyhzTxMFb4g3aqh4uM2X4p0HNdfsjkJglD
+NDF03V+dCE/cZb8CkGmzB/hPuIYVOTq7ylgLmD3nsxj6eGCAYIAYwRKFluqpc3B
fAWdeVOq54U+SNj20qNCznTGRh4dwDc2nPy/OFJd5UMbIYE/ubBSvX+BDyeGBz6O
PTpjs03lLhHxwm0qgfmoi1KYxfN1NDu098ykrlPp46fZiP/5/2pxejnzo0KtTG1X
h3tBu7T1/TknrAMrVdT2m6omYj5PhDd5BW0PCHFXaxEtrTI1tEMXI6wKkwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLWpKtyx1O9irU6rZ3Xm4865GqJOMB8GA1UdIwQY
MBaAFPAciZejVLx9TlpgqfQkOKGC+pmKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMt
YzI3YzRhNjEwYmQzLzEvdGFrcTNMSFU3Mkt0VHF0bmRlYmp6cmthb2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMtYzI3YzRhNjEwYmQz
LzEvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA+BAIAATA4AwQDLvXIAwQD
T6rQMAwDBARcPTADBAJcPTgDBARcP5ADBAReZmADBAK5HxwDBAK5NBQDBAG5XdYw
FAQCAAIwDgMFACoAsiADBQAqAkFAMA0GCSqGSIb3DQEBCwUAA4IBAQAedlEgK8zL
ES7Yw8MsCKT2TxtGRW6F675gpV2Al3xZ3EbiICwRUry4ID+yF+HWm7IpLGovMezL
bcIceL7go0ZdptEG0C6EL9munawrIKii7j49Ky+92EWPQh96ZSv/bDs4dcA+Sngy
2JyLBR130VWlfNNdaqSid7yPYF/6vaESTKzmjo3O+olr7IRI+s9ZMoP4VwTj/EA3
7jFM7qj+dsZZjerptaoq1uc0notSqbfutrW2WuuhlXW5rOKZNdFZrjE30J2Cw2V0
Dpyl5bKbl6XjH89bWxvbEKt1KEHHtj6D9nhcunSoRWXpsh/Gp8H6IVfuNo64YVpt
pI/1Zzf6IfqM
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:22 2024 by rpki-client on console-fra.rpki-client.org