Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/TQRlARbWhW2AGuW5O9rrLOWPHJU.roa
File: TQRlARbWhW2AGuW5O9rrLOWPHJU.roa (raw, json)
Hash identifier: dXJvX0MJx+FCiRxI2n9sAedbOwWMbQr4qY3XF/D0dPs=
Subject key identifier: 4D:04:65:01:16:D6:85:6D:80:1A:E5:B9:3B:DA:EB:2C:E5:8F:1C:95
Certificate issuer: /CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Certificate serial: 0185727A1E080A8F5D017AFFC6A52E64A6C1
Authority key identifier: 7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/TQRlARbWhW2AGuW5O9rrLOWPHJU.roa
Signing time: Mon 02 Jan 2023 12:34:43 +0000
ROA not before: Mon 02 Jan 2023 12:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24843
IP address blocks: 193.57.130.0/24 maxlen: 24
193.57.131.0/24 maxlen: 24
193.57.129.0/24 maxlen: 24
193.57.128.0/24 maxlen: 24
185.108.35.0/24 maxlen: 24
2a02:c804::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:1e:08:0a:8f:5d:01:7a:ff:c6:a5:2e:64:a6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bf39e6eb3131ecf3cddcd0c9e378c352da41fc2
Validity
Not Before: Jan 2 12:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d04650116d6856d801ae5b93bdaeb2ce58f1c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:3f:09:f0:21:7f:e7:a6:4d:05:d7:4c:fa:8b:
ce:ab:2e:b7:11:15:a7:62:78:7a:a5:d1:af:39:cb:
dd:61:31:22:36:39:df:93:d7:ac:47:d3:be:23:fb:
57:56:55:35:4d:9a:01:cd:c5:e0:ab:78:46:86:07:
41:27:fb:ba:a8:3c:a3:80:04:99:78:7f:b1:1c:0e:
61:b5:2e:48:05:b9:e5:71:9c:4a:aa:1f:46:7a:0f:
73:34:d6:8a:90:4c:a1:f0:95:cf:b1:2e:74:ae:1a:
7e:24:f8:21:93:2d:a6:43:87:c8:b5:a9:06:3d:af:
03:20:2b:68:1c:17:8c:b0:03:c1:c0:9c:1e:f3:a4:
14:b8:3a:23:52:bf:1f:3b:e9:bd:9b:00:2c:62:ea:
a2:07:eb:97:14:d3:e7:5e:d7:2f:4f:81:1a:8e:b7:
6f:5f:5e:b1:59:54:37:c0:db:5e:59:d6:cc:7c:41:
a5:ac:31:87:86:92:c1:06:50:2a:e3:22:63:95:4d:
b1:0f:d9:52:b2:8b:65:55:38:7c:53:a2:0c:13:e4:
e0:75:ca:ce:da:a0:27:97:d5:c0:c9:f5:05:31:86:
11:88:de:34:98:bc:e2:1c:90:93:1b:5e:89:04:6c:
a0:b7:81:32:2f:80:39:6a:32:04:61:55:fb:e3:da:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:04:65:01:16:D6:85:6D:80:1A:E5:B9:3B:DA:EB:2C:E5:8F:1C:95
X509v3 Authority Key Identifier:
keyid:7B:F3:9E:6E:B3:13:1E:CF:3C:DD:CD:0C:9E:37:8C:35:2D:A4:1F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e_OebrMTHs883c0MnjeMNS2kH8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/TQRlARbWhW2AGuW5O9rrLOWPHJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/a214a5-4449-44af-87ff-c967c9db5752/1/e_OebrMTHs883c0MnjeMNS2kH8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.35.0/24
193.57.128.0/22
IPv6:
2a02:c804::/32
Signature Algorithm: sha256WithRSAEncryption
80:87:50:9b:ab:85:6c:75:e9:13:91:79:fc:39:0e:3a:22:8b:
2c:1f:aa:7e:a0:8d:76:2a:20:c4:89:f3:44:00:58:d9:b0:42:
fd:f3:b2:73:cb:4e:5c:37:c8:d2:2d:1c:18:de:7b:9e:e4:f1:
76:b1:ef:fd:eb:fb:1f:1b:8e:20:bf:1f:0e:c2:b3:f8:16:c4:
17:ef:cd:93:89:03:ce:76:cd:ba:92:14:66:6a:be:0e:e6:a9:
59:4f:3a:79:51:1e:40:97:40:53:86:4b:12:6b:23:b1:f8:a8:
30:8d:25:93:cc:00:f1:8e:eb:b4:65:2f:82:16:15:c5:a0:81:
a8:97:c0:70:22:be:b9:20:95:24:71:6a:ad:d8:62:a7:0c:15:
56:55:11:5a:cf:cc:14:f9:f9:27:40:a2:b2:51:f5:04:3f:4e:
f8:0d:9a:bf:74:48:37:e8:85:6e:af:61:cf:79:0b:62:b3:2b:
04:3a:94:aa:68:e9:fa:04:7d:b9:d0:2a:18:f1:9e:4b:09:18:
25:7c:8d:a9:9c:09:78:7a:ce:4b:94:ff:d4:e9:0f:57:3d:cb:
3a:72:90:64:09:af:3c:2a:b0:17:a6:64:fe:60:12:ff:5e:5a:
60:d6:14:bd:28:0a:a5:4e:de:b2:ad:cc:9c:68:ea:31:aa:27:
07:94:60:af
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyeh4ICo9dAXr/xqUuZKbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZjM5ZTZlYjMxMzFlY2YzY2RkY2QwYzllMzc4YzM1MmRh
NDFmYzIwHhcNMjMwMTAyMTIzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA0NjUwMTE2ZDY4NTZkODAxYWU1YjkzYmRhZWIyY2U1OGYxYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAij8J8CF/56ZNBddM+ovOqy63ERWn
Ynh6pdGvOcvdYTEiNjnfk9esR9O+I/tXVlU1TZoBzcXgq3hGhgdBJ/u6qDyjgASZ
eH+xHA5htS5IBbnlcZxKqh9Geg9zNNaKkEyh8JXPsS50rhp+JPghky2mQ4fItakG
Pa8DICtoHBeMsAPBwJwe86QUuDojUr8fO+m9mwAsYuqiB+uXFNPnXtcvT4Eajrdv
X16xWVQ3wNteWdbMfEGlrDGHhpLBBlAq4yJjlU2xD9lSsotlVTh8U6IME+TgdcrO
2qAnl9XAyfUFMYYRiN40mLziHJCTG16JBGygt4EyL4A5ajIEYVX749rkPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE0EZQEW1oVtgBrluTva6yzljxyVMB8GA1UdIwQY
MBaAFHvznm6zEx7PPN3NDJ43jDUtpB/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYt
Yzk2N2M5ZGI1NzUyLzEvVFFSbEFSYldoVzJBR3VXNU85cnJMT1dQSEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9hMjE0YTUtNDQ0OS00NGFmLTg3ZmYtYzk2N2M5ZGI1NzUy
LzEvZV9PZWJyTVRIczg4M2MwTW5qZU1OUzJrSDhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuWwjAwQC
wTmAMA0EAgACMAcDBQAqAsgEMA0GCSqGSIb3DQEBCwUAA4IBAQCAh1Cbq4VsdekT
kXn8OQ46IossH6p+oI12KiDEifNEAFjZsEL987Jzy05cN8jSLRwY3nue5PF2se/9
6/sfG44gvx8OwrP4FsQX782TiQPOds26khRmar4O5qlZTzp5UR5Al0BThksSayOx
+KgwjSWTzADxjuu0ZS+CFhXFoIGol8BwIr65IJUkcWqt2GKnDBVWVRFaz8wU+fkn
QKKyUfUEP074DZq/dEg36IVur2HPeQtisysEOpSqaOn6BH250CoY8Z5LCRglfI2p
nAl4es5LlP/U6Q9XPcs6cpBkCa88KrAXpmT+YBL/Xlpg1hS9KAqlTt6yrcycaOox
qicHlGCv
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:14 2023 by rpki-client on console.sobornost.net