Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/tllNoYualSiu9AxCqDoKXfm-bGU.roa
File: tllNoYualSiu9AxCqDoKXfm-bGU.roa (raw, json)
Hash identifier: DeJOcXv0JCwGxsgHh6u1aee5p01Tfnge+RPnZVCorvs=
Subject key identifier: B6:59:4D:A1:8B:9A:95:28:AE:F4:0C:42:A8:3A:0A:5D:F9:BE:6C:65
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 01873715975D17B0B7D6635354FF37FE0EBC
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/tllNoYualSiu9AxCqDoKXfm-bGU.roa
Signing time: Fri 31 Mar 2023 09:52:54 +0000
ROA not before: Fri 31 Mar 2023 09:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49544
IP address blocks: 185.41.140.0/22 maxlen: 22
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
91.216.207.0/24 maxlen: 24
188.122.64.0/19 maxlen: 24
91.198.152.0/24 maxlen: 24
185.52.12.0/22 maxlen: 24
213.163.64.0/19 maxlen: 24
185.50.104.0/22 maxlen: 22
162.245.204.0/22 maxlen: 22
5.200.0.0/19 maxlen: 24
185.179.202.0/23 maxlen: 24
213.179.204.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
185.179.200.0/23 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.209.0/24 maxlen: 24
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/22 maxlen: 22
212.19.224.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
185.197.24.0/22 maxlen: 23
193.43.218.0/23 maxlen: 23
104.153.84.0/22 maxlen: 22
31.204.132.0/22 maxlen: 22
31.204.128.0/19 maxlen: 24
31.204.136.0/23 maxlen: 23
31.204.156.0/23 maxlen: 23
138.128.136.0/22 maxlen: 22
91.195.234.0/23 maxlen: 23
138.128.140.0/22 maxlen: 22
2a01:9580::/32 maxlen: 34
2a04:c600::/29 maxlen: 34
2a00:1630::/29 maxlen: 32
2a00:1631::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d26::/32 maxlen: 34
2a00:1630::/32 maxlen: 48
2a00:1632::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:15:97:5d:17:b0:b7:d6:63:53:54:ff:37:fe:0e:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Mar 31 09:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6594da18b9a9528aef40c42a83a0a5df9be6c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cc:e9:52:58:a3:f4:df:4d:2b:68:55:dc:6b:
c3:67:c8:fd:9e:9b:58:21:09:c2:6c:2b:42:84:99:
c4:3d:27:67:cf:5a:b3:db:6e:38:73:30:b1:27:26:
92:7b:77:44:9a:88:9e:f2:6d:bb:7f:16:2d:21:bf:
6c:8f:16:ed:3b:e5:cb:e4:b4:a4:10:58:f5:12:ee:
45:1f:a7:fc:6f:82:08:38:e9:2e:ab:a4:f1:9b:f1:
9d:2f:c4:59:3a:62:8b:a9:6c:89:66:18:f0:3c:ef:
8c:44:6f:d5:5a:70:7d:82:99:62:2b:65:fa:ef:81:
a4:7e:85:aa:b4:83:d7:2f:e6:8a:52:9e:89:af:24:
25:db:40:86:e4:b4:50:7a:de:45:4b:10:20:e0:3b:
c7:bf:6d:a1:50:33:78:57:f5:6d:86:9f:81:7b:6d:
6e:81:d2:69:5b:40:dd:0f:fc:69:d4:8f:23:f4:e9:
04:b9:c8:4c:48:98:85:ee:23:81:6d:54:ab:b4:47:
70:8f:c0:ab:22:48:06:64:43:ce:54:c5:65:e3:45:
1b:19:33:8d:ee:af:41:96:2b:3c:18:cf:3a:ef:5a:
87:d8:eb:22:bf:8e:cb:fd:6b:b5:b4:b9:3d:51:45:
6e:33:70:a2:b0:4c:9b:88:07:43:42:ab:1e:02:f6:
99:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:59:4D:A1:8B:9A:95:28:AE:F4:0C:42:A8:3A:0A:5D:F9:BE:6C:65
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/tllNoYualSiu9AxCqDoKXfm-bGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.200.0.0/19
31.204.128.0/19
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
16:ab:10:79:f3:03:8f:3a:df:cc:58:68:8f:9f:cb:6e:72:b9:
f1:71:26:65:94:db:38:d4:3b:20:04:8e:15:32:b8:8f:30:fc:
64:ee:d2:40:d9:c4:60:61:45:21:80:92:61:47:5b:6e:02:9e:
12:c6:5c:fb:4f:12:36:37:d2:c2:39:b3:25:c6:28:75:70:23:
08:0a:6e:e7:2f:18:4a:89:b3:1a:08:f6:73:2b:e7:fc:77:51:
15:9b:f1:35:e1:63:07:41:73:fc:13:6e:ce:ac:8d:9d:c1:a5:
33:8c:88:70:e1:00:3f:cc:d5:b8:32:ec:03:24:26:94:ae:9d:
47:d7:d3:f8:de:a5:7c:f0:94:74:c6:0f:83:e4:05:88:d0:48:
ff:57:1b:47:b4:46:58:dd:76:22:cc:5a:49:fa:a6:6f:66:b0:
08:a4:42:8d:2e:e5:52:a7:c3:01:22:90:f6:49:c3:74:f8:b6:
49:a4:90:49:db:0a:0e:a6:88:ec:b4:cb:b8:a5:00:fe:b3:0e:
72:7c:d5:21:ca:08:56:79:b3:bf:16:10:e0:79:01:82:a6:d4:
33:b4:69:98:a0:9b:85:9b:52:64:f3:e4:cd:0e:4d:48:ce:65:
08:f5:b3:4d:f7:b6:81:ff:07:be:37:a0:8e:3a:c0:e2:c6:37:
80:1b:79:bd
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAYc3FZddF7C31mNTVP83/g68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjMwMzMxMDk1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU5NGRhMThiOWE5NTI4YWVmNDBjNDJhODNhMGE1ZGY5YmU2YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMzpUlij9N9NK2hV3GvDZ8j9nptY
IQnCbCtChJnEPSdnz1qz2244czCxJyaSe3dEmoie8m27fxYtIb9sjxbtO+XL5LSk
EFj1Eu5FH6f8b4IIOOkuq6Txm/GdL8RZOmKLqWyJZhjwPO+MRG/VWnB9gpliK2X6
74GkfoWqtIPXL+aKUp6JryQl20CG5LRQet5FSxAg4DvHv22hUDN4V/Vthp+Be21u
gdJpW0DdD/xp1I8j9OkEuchMSJiF7iOBbVSrtEdwj8CrIkgGZEPOVMVl40UbGTON
7q9Blis8GM8671qH2Osiv47L/Wu1tLk9UUVuM3CisEybiAdDQqseAvaZzwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFLZZTaGLmpUorvQMQqg6Cl35vmxlMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvdGxsTm9ZdWFsU2l1OUF4Q3FEb0tYZm0tYkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBhAQCAAEwfgMEBQXI
AAMEBR/MgAMEAVvD6gMEAFvGmAMEAFvYzwMEAmiZVAMEBW3IwAMEA4qAiAMEApL3
TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAMEArk0DAMEArmzyAMEArnFGAMEBbx6
QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAiBAIAAjAcAwUDKgAWMAMFAyoAHSAD
BQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsFAAOCAQEAFqsQefMDjzrfzFhoj5/L
bnK58XEmZZTbONQ7IASOFTK4jzD8ZO7SQNnEYGFFIYCSYUdbbgKeEsZc+08SNjfS
wjmzJcYodXAjCApu5y8YSomzGgj2cyvn/HdRFZvxNeFjB0Fz/BNuzqyNncGlM4yI
cOEAP8zVuDLsAyQmlK6dR9fT+N6lfPCUdMYPg+QFiNBI/1cbR7RGWN12IsxaSfqm
b2awCKRCjS7lUqfDASKQ9knDdPi2SaSQSdsKDqaI7LTLuKUA/rMOcnzVIcoIVnmz
vxYQ4HkBgqbUM7RpmKCbhZtSZPPkzQ5NSM5lCPWzTfe2gf8HvjegjjrA4sY3gBt5
vQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:30 2023 by rpki-client on console.sobornost.net