Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/tGJjLwAu5fLnaor9dMb_OX7TUTs.roa
File: tGJjLwAu5fLnaor9dMb_OX7TUTs.roa (raw, json)
Hash identifier: qovrjpLPkWFUFGwP7Waade5rCCItAbQAJyyhcrBoTxI=
Subject key identifier: B4:62:63:2F:00:2E:E5:F2:E7:6A:8A:FD:74:C6:FF:39:7E:D3:51:3B
Certificate issuer: /CN=64239a51084f1b2b5c684643cac146217c79f8d1
Certificate serial: 0186E48853EE4863C238243B890D74E51F9D
Authority key identifier: 64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/tGJjLwAu5fLnaor9dMb_OX7TUTs.roa
Signing time: Wed 15 Mar 2023 09:09:45 +0000
ROA not before: Wed 15 Mar 2023 09:09:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56800
IP address blocks: 185.110.144.0/22 maxlen: 23
176.10.40.0/21 maxlen: 21
176.10.40.0/22 maxlen: 22
176.10.44.0/22 maxlen: 22
2a0b:26c0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e4:88:53:ee:48:63:c2:38:24:3b:89:0d:74:e5:1f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64239a51084f1b2b5c684643cac146217c79f8d1
Validity
Not Before: Mar 15 09:09:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b462632f002ee5f2e76a8afd74c6ff397ed3513b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b1:b5:d9:29:cf:5d:77:14:58:06:b4:3d:e6:
48:33:ce:13:e8:73:8a:16:5c:a6:a6:20:9f:e4:0c:
5b:bb:73:8b:42:eb:fb:fb:db:95:54:5a:31:53:d0:
16:e3:29:b9:0d:99:58:eb:5c:ff:9f:f0:ad:65:ca:
5f:0d:40:2b:56:07:5a:90:6d:2f:4d:8e:c5:75:8e:
95:61:50:9d:d1:a7:b5:4e:ec:1b:67:71:95:d7:bb:
9d:a6:45:20:9e:8e:62:fe:aa:17:eb:06:55:47:88:
7c:42:cd:8f:85:6d:a5:74:c6:d2:f5:2a:5f:bc:a9:
25:09:58:85:52:e6:4b:02:d4:ea:67:9c:1b:10:83:
41:4c:7b:68:9b:f2:16:7e:af:78:7f:f2:9e:78:e8:
58:02:07:07:63:61:f9:9b:b0:80:62:cf:c3:22:dc:
c6:b1:b3:49:c3:80:ec:5a:24:e8:0d:63:35:e0:b1:
99:64:65:8c:34:9d:e4:07:ef:98:e9:53:01:28:04:
12:1a:de:fa:82:e8:cb:07:e5:1a:be:da:c7:48:22:
b3:de:88:90:c4:5a:f5:c8:56:c4:95:1e:5a:b3:fa:
74:bc:97:be:ab:9b:5a:63:67:cc:7d:da:be:39:19:
59:7a:97:45:a8:80:cb:32:ca:47:5d:5c:ce:bb:cc:
b0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:62:63:2F:00:2E:E5:F2:E7:6A:8A:FD:74:C6:FF:39:7E:D3:51:3B
X509v3 Authority Key Identifier:
keyid:64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/tGJjLwAu5fLnaor9dMb_OX7TUTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.40.0/21
185.110.144.0/22
IPv6:
2a0b:26c0::/29
Signature Algorithm: sha256WithRSAEncryption
1b:68:40:c1:dc:36:ac:97:ac:3f:f6:f6:ea:aa:95:a5:dc:f3:
7b:5c:80:e9:7e:f7:cd:6b:48:1d:a9:f0:ae:e8:fe:68:bd:e0:
ee:a5:ab:b6:31:41:90:ea:73:b9:6b:7c:10:88:84:95:ad:3c:
e0:68:ca:bb:a8:fc:bf:ad:ca:a2:2b:65:9c:88:77:aa:ec:c5:
fd:35:ba:6c:62:68:69:ca:0c:b0:22:ab:75:1f:48:4d:5c:a6:
b4:ce:88:9b:29:ca:ae:20:08:2c:92:16:1e:4c:b9:de:43:e1:
2e:c7:30:e1:d5:b4:c8:f8:67:85:8e:19:13:5e:54:af:b3:46:
c5:92:26:d7:12:88:ed:c6:22:7a:9f:85:32:80:f0:ef:8e:c0:
a6:01:15:22:90:5b:66:07:58:4e:ed:6e:d7:eb:6c:f1:23:9d:
b5:08:27:11:c6:32:f1:e1:98:2a:b1:01:ad:d9:7f:c8:a7:cb:
82:72:55:06:0a:d2:0b:a7:7e:86:ac:2d:42:1f:a9:04:90:8f:
08:bb:b0:9b:6f:91:5c:8f:c1:36:24:49:e4:b5:1b:2f:94:b4:
e8:a4:30:09:c5:36:ca:db:c9:25:7a:c0:9b:90:93:17:f2:59:
e6:5c:90:fc:cd:5a:06:25:f3:ef:65:04:ad:9b:31:98:6e:d4:
7d:78:ce:80
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbkiFPuSGPCOCQ7iQ105R+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MjM5YTUxMDg0ZjFiMmI1YzY4NDY0M2NhYzE0NjIxN2M3
OWY4ZDEwHhcNMjMwMzE1MDkwOTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDYyNjMyZjAwMmVlNWYyZTc2YThhZmQ3NGM2ZmYzOTdlZDM1MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbG12SnPXXcUWAa0PeZIM84T6HOK
FlympiCf5Axbu3OLQuv7+9uVVFoxU9AW4ym5DZlY61z/n/CtZcpfDUArVgdakG0v
TY7FdY6VYVCd0ae1TuwbZ3GV17udpkUgno5i/qoX6wZVR4h8Qs2PhW2ldMbS9Spf
vKklCViFUuZLAtTqZ5wbEINBTHtom/IWfq94f/KeeOhYAgcHY2H5m7CAYs/DItzG
sbNJw4DsWiToDWM14LGZZGWMNJ3kB++Y6VMBKAQSGt76gujLB+UavtrHSCKz3oiQ
xFr1yFbElR5as/p0vJe+q5taY2fMfdq+ORlZepdFqIDLMspHXVzOu8ywpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLRiYy8ALuXy52qK/XTG/zl+01E7MB8GA1UdIwQY
MBaAFGQjmlEITxsrXGhGQ8rBRiF8efjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYt
NGU5MzA1Y2FmMWEzLzEvdEdKakx3QXU1ZkxuYW9yOWRNYl9PWDdUVVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYtNGU5MzA1Y2FmMWEz
LzEvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsAooAwQC
uW6QMA0EAgACMAcDBQMqCybAMA0GCSqGSIb3DQEBCwUAA4IBAQAbaEDB3Dasl6w/
9vbqqpWl3PN7XIDpfvfNa0gdqfCu6P5oveDupau2MUGQ6nO5a3wQiISVrTzgaMq7
qPy/rcqiK2WciHeq7MX9NbpsYmhpygywIqt1H0hNXKa0zoibKcquIAgskhYeTLne
Q+EuxzDh1bTI+GeFjhkTXlSvs0bFkibXEojtxiJ6n4UygPDvjsCmARUikFtmB1hO
7W7X62zxI521CCcRxjLx4ZgqsQGt2X/Ip8uCclUGCtILp36GrC1CH6kEkI8Iu7Cb
b5Fcj8E2JEnktRsvlLTopDAJxTbK28klesCbkJMX8lnmXJD8zVoGJfPvZQStmzGY
btR9eM6A
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:52 2024 by rpki-client on console.sobornost.net