Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/cd63ea-faa9-404e-9f57-0dae0d653e38/1/TY-qaQWZRXsDgUQ9CSUXgIEpMRk.roa
File: TY-qaQWZRXsDgUQ9CSUXgIEpMRk.roa (raw, json)
Hash identifier: KmSptAPJ7hK8Y00oLG6WfcYrFZywA/owrEZ4gxlBr/I=
Subject key identifier: 4D:8F:AA:69:05:99:45:7B:03:81:44:3D:09:25:17:80:81:29:31:19
Certificate issuer: /CN=07f5ccf6abd7582cc51940a76f99505633982bb4
Certificate serial: 0187BA0CEB50B300A73A629EE10FD7501EE4
Authority key identifier: 07:F5:CC:F6:AB:D7:58:2C:C5:19:40:A7:6F:99:50:56:33:98:2B:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_XM9qvXWCzFGUCnb5lQVjOYK7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/cd63ea-faa9-404e-9f57-0dae0d653e38/1/TY-qaQWZRXsDgUQ9CSUXgIEpMRk.roa
Signing time: Tue 25 Apr 2023 20:13:41 +0000
ROA not before: Tue 25 Apr 2023 20:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 217.114.39.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:0c:eb:50:b3:00:a7:3a:62:9e:e1:0f:d7:50:1e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f5ccf6abd7582cc51940a76f99505633982bb4
Validity
Not Before: Apr 25 20:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d8faa690599457b0381443d0925178081293119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4f:2e:cf:4c:07:6b:a4:0f:1f:ee:2c:75:6f:
17:98:2a:60:82:26:cd:f4:36:10:da:eb:ab:0e:2c:
26:da:74:af:7f:7c:8f:40:8c:6b:7d:82:a6:e3:26:
71:16:c6:94:7c:d8:46:47:41:3c:32:4c:71:c8:61:
a7:ca:01:d9:a9:6e:51:02:d8:83:ec:5f:62:0f:ae:
c1:d0:8c:6d:42:b0:82:24:ad:3e:e8:50:9f:16:82:
ee:ea:a5:00:7e:10:67:83:12:d8:98:29:0e:ca:84:
f8:43:1d:a4:a9:14:42:12:46:9d:f7:d2:d2:e8:39:
0e:e3:75:62:1d:b8:63:b5:d2:92:3f:1b:b2:63:55:
ca:7e:c1:e6:56:6d:31:80:0f:23:fd:44:8e:ed:cb:
a6:30:4d:59:5f:24:23:18:df:1e:ca:13:9b:cd:3b:
a6:e5:55:c2:8c:6a:fa:43:dd:0c:c4:f3:5c:75:4b:
e4:ed:c5:d4:69:95:53:5e:69:2a:54:8a:de:dc:ee:
3d:4e:57:c2:96:48:bc:dc:fe:fb:ec:93:3c:e0:a0:
28:fb:47:4e:f3:58:b0:c9:eb:a3:8a:cb:1d:44:98:
10:cb:e3:e8:46:92:8d:fd:f4:57:1c:21:18:31:8a:
14:d2:ad:24:4d:f8:2a:8d:e3:6d:e8:12:ff:42:cf:
b1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8F:AA:69:05:99:45:7B:03:81:44:3D:09:25:17:80:81:29:31:19
X509v3 Authority Key Identifier:
keyid:07:F5:CC:F6:AB:D7:58:2C:C5:19:40:A7:6F:99:50:56:33:98:2B:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_XM9qvXWCzFGUCnb5lQVjOYK7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/cd63ea-faa9-404e-9f57-0dae0d653e38/1/TY-qaQWZRXsDgUQ9CSUXgIEpMRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/cd63ea-faa9-404e-9f57-0dae0d653e38/1/B_XM9qvXWCzFGUCnb5lQVjOYK7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.39.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:60:4d:9e:53:02:0e:fb:1c:c6:d8:9c:b4:37:3f:fb:82:4f:
c2:d4:57:7c:c9:b5:16:33:44:63:c4:f7:9e:97:0b:c2:aa:68:
c0:13:9e:bc:5f:4b:1e:3b:27:f2:4b:40:02:5b:c9:08:b6:ea:
39:f7:a0:40:6f:15:5d:5f:91:54:86:82:7d:62:8d:86:2b:ad:
6b:a6:c0:d2:dd:82:5e:ed:37:fd:f5:c4:5d:cc:be:ca:23:43:
5b:84:f9:bc:69:33:c1:68:0b:4c:49:16:d3:e9:03:ba:76:47:
a4:7b:91:0a:0c:70:28:6b:44:05:0d:e8:0c:04:42:0b:e6:f8:
d0:17:14:3f:cb:8f:b3:5b:b3:ab:f9:eb:76:19:b9:25:f2:8d:
1b:70:47:b3:45:6f:2a:f7:ee:41:6a:cb:bf:00:22:af:28:6b:
e9:11:f4:25:c7:03:7d:38:47:b4:1c:19:25:3a:a8:69:a9:89:
e6:e4:a9:2f:51:94:64:96:b2:e5:2d:ed:8c:85:b6:a7:d9:8f:
64:1f:35:26:c4:c9:e6:f2:f0:35:e6:21:43:ec:2f:05:46:49:
ff:bf:bc:f3:02:26:9d:65:30:21:08:71:df:a9:bb:ac:2c:5e:
e1:1a:77:75:68:16:5b:63:ac:98:50:c1:5e:db:11:41:ce:c2:
b3:ed:d1:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe6DOtQswCnOmKe4Q/XUB7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjVjY2Y2YWJkNzU4MmNjNTE5NDBhNzZmOTk1MDU2MzM5
ODJiYjQwHhcNMjMwNDI1MjAxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDhmYWE2OTA1OTk0NTdiMDM4MTQ0M2QwOTI1MTc4MDgxMjkzMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU8uz0wHa6QPH+4sdW8XmCpggibN
9DYQ2uurDiwm2nSvf3yPQIxrfYKm4yZxFsaUfNhGR0E8MkxxyGGnygHZqW5RAtiD
7F9iD67B0IxtQrCCJK0+6FCfFoLu6qUAfhBngxLYmCkOyoT4Qx2kqRRCEkad99LS
6DkO43ViHbhjtdKSPxuyY1XKfsHmVm0xgA8j/USO7cumME1ZXyQjGN8eyhObzTum
5VXCjGr6Q90MxPNcdUvk7cXUaZVTXmkqVIre3O49TlfClki83P777JM84KAo+0dO
81iwyeujissdRJgQy+PoRpKN/fRXHCEYMYoU0q0kTfgqjeNt6BL/Qs+xEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2PqmkFmUV7A4FEPQklF4CBKTEZMB8GA1UdIwQY
MBaAFAf1zPar11gsxRlAp2+ZUFYzmCu0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9YTTlxdlhXQ3pGR1VDbmI1bFFWak9ZSzdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9jZDYzZWEtZmFhOS00MDRlLTlmNTct
MGRhZTBkNjUzZTM4LzEvVFktcWFRV1pSWHNEZ1VROUNTVVhnSUVwTVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9jZDYzZWEtZmFhOS00MDRlLTlmNTctMGRhZTBkNjUzZTM4
LzEvQl9YTTlxdlhXQ3pGR1VDbmI1bFFWak9ZSzdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2XInMA0G
CSqGSIb3DQEBCwUAA4IBAQAaYE2eUwIO+xzG2Jy0Nz/7gk/C1Fd8ybUWM0RjxPee
lwvCqmjAE568X0seOyfyS0ACW8kItuo596BAbxVdX5FUhoJ9Yo2GK61rpsDS3YJe
7Tf99cRdzL7KI0NbhPm8aTPBaAtMSRbT6QO6dkeke5EKDHAoa0QFDegMBEIL5vjQ
FxQ/y4+zW7Or+et2Gbkl8o0bcEezRW8q9+5Basu/ACKvKGvpEfQlxwN9OEe0HBkl
OqhpqYnm5KkvUZRklrLlLe2Mhban2Y9kHzUmxMnm8vA15iFD7C8FRkn/v7zzAiad
ZTAhCHHfqbusLF7hGnd1aBZbY6yYUMFe2xFBzsKz7dEf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-fra.rpki-client.org