Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TKmfwoEmFX4Akp2so8PaOBj7t70.roa
File: TKmfwoEmFX4Akp2so8PaOBj7t70.roa (raw, json)
Hash identifier: xObEtXOC1dKtuEkIcJdqPfepmIa+YWFBVhExbmKZFlc=
Subject key identifier: 4C:A9:9F:C2:81:26:15:7E:00:92:9D:AC:A3:C3:DA:38:18:FB:B7:BD
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0185730CD7C0BA028DC829108B7DC0683195
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TKmfwoEmFX4Akp2so8PaOBj7t70.roa
Signing time: Mon 02 Jan 2023 15:14:59 +0000
ROA not before: Mon 02 Jan 2023 15:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207591
IP address blocks: 147.234.79.0/24 maxlen: 24
147.234.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:d7:c0:ba:02:8d:c8:29:10:8b:7d:c0:68:31:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca99fc28126157e00929daca3c3da3818fbb7bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4e:37:d1:b8:77:87:6e:b2:20:0e:6c:c0:b1:
e2:59:d8:ef:9f:9b:75:2a:53:70:5f:ed:5e:b2:9e:
33:8f:83:2e:84:55:3e:c7:0f:3b:5b:f6:20:54:bc:
46:ce:c4:50:1f:e3:38:ec:5d:2a:14:85:20:b0:2e:
34:33:2c:a7:f2:70:22:35:a2:70:51:b5:8c:69:31:
8b:23:7e:6c:3d:19:00:01:ca:61:26:dd:bb:3e:c3:
b0:22:46:86:6b:1d:34:aa:cc:8e:67:ef:2a:f9:87:
40:ea:b0:8a:57:a2:c7:92:a0:0c:db:53:fc:82:3a:
80:16:a3:3b:1d:4a:60:04:ee:9d:b8:d7:13:10:f7:
71:4b:50:b8:02:4c:85:ca:8f:b2:6b:01:82:7d:35:
d7:25:b4:37:38:20:18:af:b0:2f:b0:1f:3e:86:84:
5f:46:5e:3a:0e:88:48:4d:1f:2d:80:9c:b9:59:98:
0f:1e:56:1b:b2:d5:25:c2:c8:95:b5:52:c7:9f:93:
e1:ac:89:6d:df:d9:50:5f:b6:c9:51:ee:cc:84:fe:
da:30:2e:d7:c3:ed:0a:bd:95:00:f5:6b:1a:5e:f2:
b1:49:01:1e:c5:c0:75:23:1f:08:e3:7b:14:80:28:
0f:62:ec:70:cd:83:5e:21:a8:06:c0:a5:6e:4a:4e:
e5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A9:9F:C2:81:26:15:7E:00:92:9D:AC:A3:C3:DA:38:18:FB:B7:BD
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TKmfwoEmFX4Akp2so8PaOBj7t70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.78.0/23
Signature Algorithm: sha256WithRSAEncryption
15:fe:f3:82:16:b0:78:6b:0d:37:fd:d2:aa:aa:ee:ed:d8:74:
64:2f:fb:4d:0f:7e:68:0f:b2:3a:7e:2a:79:a9:83:dc:92:b8:
4f:47:e4:95:ae:e4:91:fe:fc:62:f3:74:ed:76:bb:4d:b1:9c:
e4:22:90:0e:e9:5a:c2:e8:f9:63:6d:5b:1c:a5:92:5b:a4:1f:
c0:bf:32:c0:6d:80:b0:4a:a7:bd:35:fe:60:84:f3:20:d8:53:
00:a9:8d:2f:90:6f:2a:c7:d7:10:74:75:87:2d:c4:95:03:66:
bd:30:2f:33:9b:ec:22:5b:9b:ab:d9:5d:da:ef:88:5d:27:94:
80:ad:ba:4c:38:eb:3b:a7:fb:da:28:14:ba:60:fb:e5:a8:0f:
4b:7c:48:aa:e3:3f:8a:66:e9:6b:43:77:59:d0:be:d2:07:b2:
35:b5:07:01:ff:d7:21:87:b0:64:41:bd:e7:4e:fb:b4:44:db:
bf:b4:93:6a:6a:25:a5:04:a7:67:7d:26:8f:a0:52:9a:f7:36:
3d:4e:f4:0d:ed:4f:9f:9e:3f:2b:f9:83:22:48:c0:c0:16:03:
e4:3f:62:ad:02:7c:2a:e4:7b:94:d9:e5:f3:20:ca:78:a3:14:
5d:e0:c3:78:f2:e0:4f:52:16:a4:09:99:22:e4:db:14:60:6f:
b0:f7:c2:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDNfAugKNyCkQi33AaDGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMwMTAyMTUxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E5OWZjMjgxMjYxNTdlMDA5MjlkYWNhM2MzZGEzODE4ZmJiN2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk430bh3h26yIA5swLHiWdjvn5t1
KlNwX+1esp4zj4MuhFU+xw87W/YgVLxGzsRQH+M47F0qFIUgsC40Myyn8nAiNaJw
UbWMaTGLI35sPRkAAcphJt27PsOwIkaGax00qsyOZ+8q+YdA6rCKV6LHkqAM21P8
gjqAFqM7HUpgBO6duNcTEPdxS1C4AkyFyo+yawGCfTXXJbQ3OCAYr7AvsB8+hoRf
Rl46DohITR8tgJy5WZgPHlYbstUlwsiVtVLHn5PhrIlt39lQX7bJUe7MhP7aMC7X
w+0KvZUA9WsaXvKxSQEexcB1Ix8I43sUgCgPYuxwzYNeIagGwKVuSk7lqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEypn8KBJhV+AJKdrKPD2jgY+7e9MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvVEttZndvRW1GWDRBa3Ayc284UGFPQmo3dDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk+pOMA0G
CSqGSIb3DQEBCwUAA4IBAQAV/vOCFrB4aw03/dKqqu7t2HRkL/tND35oD7I6fip5
qYPckrhPR+SVruSR/vxi83TtdrtNsZzkIpAO6VrC6PljbVscpZJbpB/AvzLAbYCw
Sqe9Nf5ghPMg2FMAqY0vkG8qx9cQdHWHLcSVA2a9MC8zm+wiW5ur2V3a74hdJ5SA
rbpMOOs7p/vaKBS6YPvlqA9LfEiq4z+KZulrQ3dZ0L7SB7I1tQcB/9chh7BkQb3n
Tvu0RNu/tJNqaiWlBKdnfSaPoFKa9zY9TvQN7U+fnj8r+YMiSMDAFgPkP2KtAnwq
5HuU2eXzIMp4oxRd4MN48uBPUhakCZki5NsUYG+w98IJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:14:23 2024 by rpki-client on console.sobornost.net