Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TxvLzrqQHEdlMrgLkugOQb2oTkY.roa
File: TxvLzrqQHEdlMrgLkugOQb2oTkY.roa (raw, json)
Hash identifier: IrEnDWmHebkTtyBNzG1m5JQDrSvdFPbyA2fxXjZB254=
Subject key identifier: 4F:1B:CB:CE:BA:90:1C:47:65:32:B8:0B:92:E8:0E:41:BD:A8:4E:46
Certificate issuer: /CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Certificate serial: 018570D5272F8515E1902C229853A9B9DDF2
Authority key identifier: F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TxvLzrqQHEdlMrgLkugOQb2oTkY.roa
Signing time: Mon 02 Jan 2023 04:54:55 +0000
ROA not before: Mon 02 Jan 2023 04:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.198.32.0/20 maxlen: 24
45.89.21.0/24 maxlen: 24
86.106.24.0/24 maxlen: 24
91.123.0.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:27:2f:85:15:e1:90:2c:22:98:53:a9:b9:dd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cc7a447482e57b0604babb82a52409cde3b36d
Validity
Not Before: Jan 2 04:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f1bcbceba901c476532b80b92e80e41bda84e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fc:bb:fb:7d:c2:28:be:79:60:f2:e6:45:84:
ba:ba:c1:d4:b2:8d:9e:dc:2f:3b:16:dc:d8:ab:12:
c0:d3:94:ba:8f:10:74:a1:29:31:ef:a4:c9:e9:56:
0d:c7:e8:b0:3d:da:88:52:c2:78:09:b5:96:83:5b:
6a:40:67:0f:22:37:d9:05:e6:8a:1a:fe:8f:e5:2f:
87:91:f0:52:33:69:e6:20:97:16:0c:3a:b8:03:80:
0d:7b:ef:27:ec:8c:db:d2:ba:07:57:e5:57:d6:9d:
0a:32:96:7a:4c:da:9f:b5:75:fd:00:00:b7:da:1a:
58:3b:55:d4:2b:40:b5:cb:3e:79:64:b5:70:e3:d0:
2b:b3:6d:63:57:26:4d:e7:7b:18:e3:96:f2:8b:8e:
86:8b:9f:57:51:ed:40:b1:b4:2d:80:c5:85:78:d4:
8e:c4:dc:07:f1:09:68:fb:df:9c:fc:f9:55:a0:5e:
e1:09:eb:3e:f4:8d:2a:cc:ab:25:87:3d:a9:ad:b4:
49:cd:02:9e:de:02:ba:73:a0:8b:54:ed:27:08:e4:
0e:23:0a:c2:a9:7f:65:9e:99:23:01:cf:97:9e:14:
9a:c8:46:25:31:56:b2:60:09:c8:ee:e6:da:a7:32:
02:7c:a9:c7:36:25:3a:e9:7b:fc:cc:54:73:37:4e:
4a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1B:CB:CE:BA:90:1C:47:65:32:B8:0B:92:E8:0E:41:BD:A8:4E:46
X509v3 Authority Key Identifier:
keyid:F0:CC:7A:44:74:82:E5:7B:06:04:BA:BB:82:A5:24:09:CD:E3:B3:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Mx6RHSC5XsGBLq7gqUkCc3js20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/TxvLzrqQHEdlMrgLkugOQb2oTkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e58dc-7c90-49d7-8855-fa32d2d52968/1/8Mx6RHSC5XsGBLq7gqUkCc3js20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.21.0/24
85.198.32.0/20
86.106.24.0/24
91.123.0.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:51:a6:2e:76:67:b1:86:23:0d:79:8e:7d:3c:0e:fc:15:12:
cb:a1:25:a1:d9:70:28:b4:b1:63:4d:bf:a0:96:b5:50:62:78:
e5:b1:bf:80:a2:07:ad:6a:b2:e3:10:70:96:33:88:0d:5f:24:
9f:65:8b:e1:93:31:d9:ce:8f:2e:48:17:cf:56:a4:eb:d6:93:
ea:ab:3c:22:34:62:0e:40:19:46:da:84:03:ee:8c:c2:94:02:
2e:09:e4:dc:80:49:1f:e7:64:0c:3a:2e:6e:75:0b:e5:77:35:
ff:6e:f7:3f:e1:43:64:dd:01:da:20:1a:8e:6d:a0:b1:51:df:
53:04:5f:70:55:9d:52:66:ba:be:6b:59:cc:2c:a3:82:03:14:
8b:44:6c:51:6d:2e:e8:de:7d:e7:f1:4a:b9:a0:a3:59:dc:a5:
d7:c4:d3:ed:b8:7d:c2:db:7f:fa:21:07:4e:18:74:a7:cb:00:
bf:d9:5e:ce:ff:56:97:e3:95:0c:88:5a:67:b5:bf:37:24:6f:
19:e2:38:4d:0d:56:ab:c8:05:a4:32:bf:42:2d:2c:c0:d5:6f:
0c:6d:c0:0a:08:d0:62:c7:70:ab:ae:6b:c4:85:5f:84:c4:cb:
14:e1:e1:f5:54:6c:1b:f5:2e:28:05:56:74:a4:bd:7f:83:9a:
9b:9b:18:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw1ScvhRXhkCwimFOpud3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2M3YTQ0NzQ4MmU1N2IwNjA0YmFiYjgyYTUyNDA5Y2Rl
M2IzNmQwHhcNMjMwMTAyMDQ1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFiY2JjZWJhOTAxYzQ3NjUzMmI4MGI5MmU4MGU0MWJkYTg0ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfy7+33CKL55YPLmRYS6usHUso2e
3C87FtzYqxLA05S6jxB0oSkx76TJ6VYNx+iwPdqIUsJ4CbWWg1tqQGcPIjfZBeaK
Gv6P5S+HkfBSM2nmIJcWDDq4A4ANe+8n7Izb0roHV+VX1p0KMpZ6TNqftXX9AAC3
2hpYO1XUK0C1yz55ZLVw49Ars21jVyZN53sY45byi46Gi59XUe1AsbQtgMWFeNSO
xNwH8Qlo+9+c/PlVoF7hCes+9I0qzKslhz2prbRJzQKe3gK6c6CLVO0nCOQOIwrC
qX9lnpkjAc+XnhSayEYlMVayYAnI7ubapzICfKnHNiU66Xv8zFRzN05KoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE8by866kBxHZTK4C5LoDkG9qE5GMB8GA1UdIwQY
MBaAFPDMekR0guV7BgS6u4KlJAnN47NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUt
ZmEzMmQyZDUyOTY4LzEvVHh2THpycVFIRWRsTXJnTGt1Z09RYjJvVGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTU4ZGMtN2M5MC00OWQ3LTg4NTUtZmEzMmQyZDUyOTY4
LzEvOE14NlJIU0M1WHNHQkxxN2dxVWtDYzNqczIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVkVAwQE
VcYgAwQAVmoYAwQEW3sAMA0GCSqGSIb3DQEBCwUAA4IBAQBeUaYudmexhiMNeY59
PA78FRLLoSWh2XAotLFjTb+glrVQYnjlsb+AogetarLjEHCWM4gNXySfZYvhkzHZ
zo8uSBfPVqTr1pPqqzwiNGIOQBlG2oQD7ozClAIuCeTcgEkf52QMOi5udQvldzX/
bvc/4UNk3QHaIBqObaCxUd9TBF9wVZ1SZrq+a1nMLKOCAxSLRGxRbS7o3n3n8Uq5
oKNZ3KXXxNPtuH3C23/6IQdOGHSnywC/2V7O/1aX45UMiFpntb83JG8Z4jhNDVar
yAWkMr9CLSzA1W8MbcAKCNBix3CrrmvEhV+ExMsU4eH1VGwb9S4oBVZ0pL1/g5qb
mxi6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:13 2023 by rpki-client on console-ams.rpki-client.org