Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/TkyWlDOU7MJColFpR1dGeSvuvcA.roa
File: TkyWlDOU7MJColFpR1dGeSvuvcA.roa (raw, json)
Hash identifier: wFVULXcd9noN855Q0kf1G/K/q7VBpugFLNvd9JWQZMY=
Subject key identifier: 4E:4C:96:94:33:94:EC:C2:42:A2:51:69:47:57:46:79:2B:EE:BD:C0
Certificate issuer: /CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Certificate serial: 01856FCBAB60C25F54BCE42121538C2DC636
Authority key identifier: 97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/TkyWlDOU7MJColFpR1dGeSvuvcA.roa
Signing time: Mon 02 Jan 2023 00:04:56 +0000
ROA not before: Mon 02 Jan 2023 00:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203637
IP address blocks: 185.127.190.0/24 maxlen: 24
185.127.189.0/24 maxlen: 24
185.127.188.0/24 maxlen: 24
185.127.191.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:ab:60:c2:5f:54:bc:e4:21:21:53:8c:2d:c6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97d9ef7bd30324dedf70bace4bbda5760c326b1a
Validity
Not Before: Jan 2 00:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e4c96943394ecc242a25169475746792beebdc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b5:47:74:04:c1:86:4d:c5:5c:e3:a9:60:0e:
40:ca:bd:53:e8:a3:8c:c1:9e:27:2c:92:aa:2b:de:
6a:86:3f:1c:5d:5b:ed:e6:3a:86:61:77:72:15:2d:
95:49:c9:e8:91:8e:9c:2c:f0:fe:41:37:dd:c5:7a:
68:7e:b2:20:42:21:08:45:63:cb:f8:17:0c:d9:87:
52:85:02:36:3e:89:64:3e:5a:1a:84:a9:2f:6a:a5:
af:b2:10:2c:ae:21:9f:da:0e:36:11:10:7a:0d:3e:
7d:f8:c1:5c:f0:e2:e3:93:f9:95:fd:43:ea:cc:eb:
26:56:07:ad:35:56:9e:ce:4b:8c:ea:82:64:48:22:
dd:e8:d4:ab:8e:63:64:dc:65:f6:6f:da:09:6b:71:
50:a7:57:a2:62:9a:20:26:5d:c0:14:9b:15:23:e0:
1d:d3:30:15:47:5e:a6:da:fb:ef:e8:71:8a:3b:43:
d0:8f:37:3e:19:a0:07:d5:08:e0:14:39:f6:fb:c6:
78:08:6a:8f:c8:a7:14:cc:67:58:0b:b1:61:7b:d4:
64:2e:77:20:75:32:a9:63:93:43:59:87:d2:4c:ae:
b3:e5:bc:51:fe:17:a7:41:7f:c7:76:13:b0:17:dd:
68:0e:46:61:51:e1:82:d3:a8:94:40:10:5a:36:91:
58:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4C:96:94:33:94:EC:C2:42:A2:51:69:47:57:46:79:2B:EE:BD:C0
X509v3 Authority Key Identifier:
keyid:97:D9:EF:7B:D3:03:24:DE:DF:70:BA:CE:4B:BD:A5:76:0C:32:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l9nve9MDJN7fcLrOS72ldgwyaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/TkyWlDOU7MJColFpR1dGeSvuvcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/43d508-d19e-4f66-ae85-f805ab3a327e/1/l9nve9MDJN7fcLrOS72ldgwyaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.188.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:b9:09:a4:d2:d6:6e:ba:e3:d1:8d:9a:f6:70:b3:6d:86:18:
12:ca:b1:f0:46:d5:fc:42:ea:ff:57:04:a5:af:ca:a3:85:10:
fa:d9:9f:99:ed:4d:4f:6a:c1:d0:a5:b2:9d:02:23:fb:84:12:
87:48:e0:51:d0:27:66:ff:cc:32:90:65:7c:90:85:c6:bc:5d:
79:df:4a:50:a1:f6:aa:ec:bf:c7:12:3b:48:77:8e:ac:ed:4b:
c3:d0:8f:96:77:a2:4a:9c:46:da:ae:37:31:93:d6:39:39:d3:
fe:92:51:dc:17:c0:30:88:07:e9:33:b8:18:8d:84:0f:e1:6e:
4d:66:ff:1d:17:f9:a5:41:5c:67:de:49:a0:8a:73:2e:85:43:
a3:77:46:54:91:4b:ab:63:01:a0:84:42:85:ff:a9:90:2a:ae:
fd:59:96:64:a8:73:41:ae:21:de:fe:f8:d4:68:ea:6e:22:6d:
c0:a3:81:8b:8c:4c:a4:63:71:6e:9e:37:8e:0a:64:2c:96:1e:
51:ca:37:b6:4e:a9:fc:ac:3b:a2:af:31:a7:68:d0:c1:07:4e:
b1:d5:27:13:a6:b4:8b:a7:8b:3f:53:06:be:ab:b5:ca:81:9f:
bd:9b:c7:63:e4:68:37:83:a7:5a:90:4d:9f:f0:11:42:1d:dd:
9f:cf:59:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy6tgwl9UvOQhIVOMLcY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZDllZjdiZDMwMzI0ZGVkZjcwYmFjZTRiYmRhNTc2MGMz
MjZiMWEwHhcNMjMwMTAyMDAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRjOTY5NDMzOTRlY2MyNDJhMjUxNjk0NzU3NDY3OTJiZWViZGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7VHdATBhk3FXOOpYA5Ayr1T6KOM
wZ4nLJKqK95qhj8cXVvt5jqGYXdyFS2VScnokY6cLPD+QTfdxXpofrIgQiEIRWPL
+BcM2YdShQI2PolkPloahKkvaqWvshAsriGf2g42ERB6DT59+MFc8OLjk/mV/UPq
zOsmVgetNVaezkuM6oJkSCLd6NSrjmNk3GX2b9oJa3FQp1eiYpogJl3AFJsVI+Ad
0zAVR16m2vvv6HGKO0PQjzc+GaAH1QjgFDn2+8Z4CGqPyKcUzGdYC7Fhe9RkLncg
dTKpY5NDWYfSTK6z5bxR/henQX/HdhOwF91oDkZhUeGC06iUQBBaNpFYAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5MlpQzlOzCQqJRaUdXRnkr7r3AMB8GA1UdIwQY
MBaAFJfZ73vTAyTe33C6zku9pXYMMmsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUt
ZjgwNWFiM2EzMjdlLzEvVGt5V2xET1U3TUpDb2xGcFIxZEdlU3Z1dmNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS80M2Q1MDgtZDE5ZS00ZjY2LWFlODUtZjgwNWFiM2EzMjdl
LzEvbDludmU5TURKTjdmY0xyT1M3MmxkZ3d5YXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX+8MA0G
CSqGSIb3DQEBCwUAA4IBAQAruQmk0tZuuuPRjZr2cLNthhgSyrHwRtX8Qur/VwSl
r8qjhRD62Z+Z7U1PasHQpbKdAiP7hBKHSOBR0Cdm/8wykGV8kIXGvF1530pQofaq
7L/HEjtId46s7UvD0I+Wd6JKnEbarjcxk9Y5OdP+klHcF8AwiAfpM7gYjYQP4W5N
Zv8dF/mlQVxn3kmginMuhUOjd0ZUkUurYwGghEKF/6mQKq79WZZkqHNBriHe/vjU
aOpuIm3Ao4GLjEykY3FunjeOCmQslh5Ryje2Tqn8rDuirzGnaNDBB06x1ScTprSL
p4s/Uwa+q7XKgZ+9m8dj5Gg3g6dakE2f8BFCHd2fz1mH
-----END CERTIFICATE-----
Generated at Mon Jan 1 07:05:06 2024 by rpki-client on console.sobornost.net