Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/0tfa81aXYxILgaWWp5bw38FsPXw.roa
File: 0tfa81aXYxILgaWWp5bw38FsPXw.roa (raw, json)
Hash identifier: ntlkoZel1VGfkmrwoybRL5NZhTs0hOcUpfDwFPawFK4=
Subject key identifier: D2:D7:DA:F3:56:97:63:12:0B:81:A5:96:A7:96:F0:DF:C1:6C:3D:7C
Certificate issuer: /CN=264d04c39641b82b5dc3844cf5ff550f54044689
Certificate serial: 01856F1D9984BB231553F0DC2A5C609BB1A2
Authority key identifier: 26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/0tfa81aXYxILgaWWp5bw38FsPXw.roa
Signing time: Sun 01 Jan 2023 20:54:48 +0000
ROA not before: Sun 01 Jan 2023 20:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210144
IP address blocks: 31.132.48.0/22 maxlen: 22
185.141.172.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:99:84:bb:23:15:53:f0:dc:2a:5c:60:9b:b1:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=264d04c39641b82b5dc3844cf5ff550f54044689
Validity
Not Before: Jan 1 20:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2d7daf3569763120b81a596a796f0dfc16c3d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:be:b6:b2:49:99:74:f0:ce:b6:d9:15:2a:37:
de:33:31:2b:d9:87:46:27:f2:84:8d:6d:87:6c:cf:
07:b9:a2:f5:1e:3f:e3:d0:9b:e4:6c:c6:25:04:31:
2b:27:70:0e:ee:d8:a8:58:95:f2:b2:04:df:04:8b:
0e:1a:0b:b3:5c:6d:39:59:7a:bf:98:a9:e5:7b:6b:
bb:d9:94:f3:b9:eb:6f:d1:17:71:ce:ed:7c:0a:34:
c6:33:04:e5:d9:f8:0f:21:15:4c:1a:5f:56:7b:dc:
76:39:91:c2:ec:7a:21:9e:79:fb:1b:50:a2:39:79:
bf:f6:d4:bb:1e:0d:4c:fb:18:18:1b:44:89:b7:b4:
88:45:7e:41:49:bc:83:6b:b1:70:40:a5:0f:81:23:
a7:22:94:26:bf:43:d5:9c:5f:ad:72:a8:5f:51:d7:
dd:ab:e1:2d:b8:32:1b:f0:00:7d:39:16:fb:26:5e:
1a:50:97:b0:31:1c:0f:92:33:95:8f:3e:61:1c:6f:
b6:0b:bd:be:a8:81:b5:11:33:37:b3:f3:84:77:bf:
cd:09:03:f4:1e:98:98:67:b0:ee:bc:25:61:44:11:
4a:fd:6f:fc:51:a8:6e:e0:3e:76:ed:23:76:67:bc:
ca:f1:77:78:6d:3a:39:02:7a:4e:83:e1:c5:ac:38:
d6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D7:DA:F3:56:97:63:12:0B:81:A5:96:A7:96:F0:DF:C1:6C:3D:7C
X509v3 Authority Key Identifier:
keyid:26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/0tfa81aXYxILgaWWp5bw38FsPXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.48.0/22
185.141.172.0/22
Signature Algorithm: sha256WithRSAEncryption
68:4f:98:c4:bc:3f:25:5f:d3:a4:c0:28:9e:62:bb:4f:ef:ce:
cb:52:5f:4a:09:7c:d5:ef:72:72:99:24:04:10:93:52:c7:c0:
42:56:e7:cc:4f:87:95:d9:6e:91:3b:4d:40:ae:c7:f8:81:55:
ee:af:16:12:9a:5e:75:e1:f7:9e:fd:b1:f5:97:0f:fc:79:dd:
78:57:89:1b:b3:0c:6a:6b:db:ff:b7:e7:5c:6e:b3:e9:4d:89:
95:c2:0a:0e:8a:58:c2:e9:c6:41:01:f3:76:3c:05:08:fb:d3:
79:0a:9c:3c:05:cf:bb:ed:a1:0b:2d:b6:c3:7f:de:b1:f1:d3:
e5:75:65:2a:69:47:fe:99:73:2b:44:58:dc:ee:c3:9a:fc:60:
0e:ed:27:87:83:6f:65:98:8f:b5:b2:1d:95:be:83:b4:01:a2:
34:75:40:b5:10:58:4b:68:79:0e:06:93:c2:ba:2a:33:9c:2f:
c2:be:62:c4:3e:d9:be:e6:a9:21:39:66:49:2c:88:67:6f:a3:
c4:60:3f:85:37:89:a5:60:4d:8a:e2:6b:71:23:5b:1e:68:67:
40:e0:6f:b1:60:7b:d8:2a:80:cc:85:5b:f7:0e:4d:bc:92:85:
0b:aa:8c:94:46:93:21:1c:9f:ea:b0:a4:78:ab:9b:a8:c8:76:
49:eb:a2:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvHZmEuyMVU/DcKlxgm7GiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NGQwNGMzOTY0MWI4MmI1ZGMzODQ0Y2Y1ZmY1NTBmNTQw
NDQ2ODkwHhcNMjMwMTAxMjA1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ3ZGFmMzU2OTc2MzEyMGI4MWE1OTZhNzk2ZjBkZmMxNmMzZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL62skmZdPDOttkVKjfeMzEr2YdG
J/KEjW2HbM8HuaL1Hj/j0JvkbMYlBDErJ3AO7tioWJXysgTfBIsOGguzXG05WXq/
mKnle2u72ZTzuetv0Rdxzu18CjTGMwTl2fgPIRVMGl9We9x2OZHC7Hohnnn7G1Ci
OXm/9tS7Hg1M+xgYG0SJt7SIRX5BSbyDa7FwQKUPgSOnIpQmv0PVnF+tcqhfUdfd
q+EtuDIb8AB9ORb7Jl4aUJewMRwPkjOVjz5hHG+2C72+qIG1ETM3s/OEd7/NCQP0
HpiYZ7DuvCVhRBFK/W/8Uahu4D527SN2Z7zK8Xd4bTo5AnpOg+HFrDjW0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLX2vNWl2MSC4GllqeW8N/BbD18MB8GA1UdIwQY
MBaAFCZNBMOWQbgrXcOETPX/VQ9UBEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTkt
M2QwMDM2NjAzZWEwLzEvMHRmYTgxYVhZeElMZ2FXV3A1YnczOEZzUFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTktM2QwMDM2NjAzZWEw
LzEvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH4QwAwQC
uY2sMA0GCSqGSIb3DQEBCwUAA4IBAQBoT5jEvD8lX9OkwCieYrtP787LUl9KCXzV
73JymSQEEJNSx8BCVufMT4eV2W6RO01Arsf4gVXurxYSml514fee/bH1lw/8ed14
V4kbswxqa9v/t+dcbrPpTYmVwgoOiljC6cZBAfN2PAUI+9N5Cpw8Bc+77aELLbbD
f96x8dPldWUqaUf+mXMrRFjc7sOa/GAO7SeHg29lmI+1sh2VvoO0AaI0dUC1EFhL
aHkOBpPCuioznC/CvmLEPtm+5qkhOWZJLIhnb6PEYD+FN4mlYE2K4mtxI1seaGdA
4G+xYHvYKoDMhVv3Dk28koULqoyURpMhHJ/qsKR4q5uoyHZJ66J8
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:05 2023 by rpki-client on console.sobornost.net