Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TFisoFebTZXg4Ae8kxUaYXrrMJg.roa
File: TFisoFebTZXg4Ae8kxUaYXrrMJg.roa (raw, json)
Hash identifier: m/+Pr2m28S+zFMcUeBio3pYGDkW70eJC7+r8VXJ2rco=
Subject key identifier: 4C:58:AC:A0:57:9B:4D:95:E0:E0:07:BC:93:15:1A:61:7A:EB:30:98
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0189191423FE8F2E99274AC1C4E871CC1A57
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TFisoFebTZXg4Ae8kxUaYXrrMJg.roa
Signing time: Mon 03 Jul 2023 00:08:17 +0000
ROA not before: Mon 03 Jul 2023 00:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 107.161.166.0/24 maxlen: 24
107.161.165.0/24 maxlen: 24
107.161.164.0/24 maxlen: 24
107.161.163.0/24 maxlen: 24
107.161.167.0/24 maxlen: 24
107.161.172.0/24 maxlen: 24
107.161.173.0/24 maxlen: 24
2a07:9944:40::/48 maxlen: 48
2a07:9945:45::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:19:14:23:fe:8f:2e:99:27:4a:c1:c4:e8:71:cc:1a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 3 00:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c58aca0579b4d95e0e007bc93151a617aeb3098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:64:4f:79:59:0c:5f:85:14:76:a9:51:2b:19:
b4:b5:89:6b:d7:77:b1:28:84:dd:58:84:8e:9f:95:
02:27:bb:42:8d:84:0b:0e:c2:a2:4b:33:23:c9:4e:
23:16:c6:3a:19:b6:f1:68:a0:0b:b9:40:45:e5:24:
65:c7:c5:9d:f7:4b:9e:79:f4:44:5e:5c:9a:2d:98:
32:1b:ff:57:d8:a0:de:74:16:d5:05:36:72:66:f3:
c1:4f:64:c6:b7:a1:a6:55:e5:39:02:38:4a:af:78:
32:97:13:b4:cf:b4:14:47:27:8d:a1:15:ab:a1:eb:
e1:e1:89:f7:db:dc:71:7f:29:ca:c6:47:f8:9b:33:
1c:b1:1b:e0:71:9f:2a:da:52:01:13:59:49:96:94:
e0:5a:08:78:f9:0b:b9:14:44:e5:08:4f:00:e5:ba:
b1:7e:dc:bb:a4:b6:51:a4:d9:76:2b:48:2d:fb:f5:
f4:6f:59:8a:08:45:ca:d5:b2:21:2e:5d:ed:20:f0:
15:ee:54:e9:8b:b2:e7:7f:0b:50:4a:85:1d:5c:9c:
3c:fa:0f:cb:26:22:1a:bc:bb:87:06:67:8e:df:67:
9e:e2:24:e6:c5:f6:d2:52:89:6d:50:60:e1:3a:84:
a3:3c:20:19:38:bf:47:2b:a9:27:20:17:56:8e:21:
99:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:58:AC:A0:57:9B:4D:95:E0:E0:07:BC:93:15:1A:61:7A:EB:30:98
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/TFisoFebTZXg4Ae8kxUaYXrrMJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.161.163.0-107.161.167.255
107.161.172.0/23
IPv6:
2a07:9944:40::/48
2a07:9945:45::/48
Signature Algorithm: sha256WithRSAEncryption
4e:87:5d:eb:fa:85:00:a3:ed:f8:50:92:af:99:49:76:d7:20:
26:1d:12:83:fb:e0:b6:66:bc:d1:b4:2d:b8:8f:74:25:47:da:
13:3b:4a:8d:38:29:a0:9a:ee:fe:bb:87:45:ad:b0:19:17:a7:
65:9d:a5:e6:d2:43:95:c8:0f:13:7e:78:20:ef:2d:c0:b2:c9:
56:69:8a:56:3d:d0:46:dc:9c:80:68:73:86:bb:09:3f:72:9e:
cf:b0:5c:b4:6c:98:0f:f4:af:bb:12:1d:bd:f5:60:72:d0:79:
be:5e:43:ec:14:6c:9c:b8:56:48:e6:a6:09:e2:ae:ad:1d:e4:
b9:c7:a1:c5:6a:9e:c5:af:8a:2c:a8:2a:77:19:46:af:fc:d8:
31:90:66:d7:06:0b:27:c5:f3:9e:8f:8d:f3:a3:e8:d2:7e:0d:
64:75:8a:17:5b:e5:51:c3:13:49:07:09:99:a7:b0:18:f1:93:
da:2a:d1:4c:68:17:8f:7b:89:2d:0a:18:5e:aa:79:e4:ec:30:
1b:f4:40:33:51:ef:85:48:28:33:01:07:18:66:8e:eb:ae:c6:
23:34:6f:e5:f5:99:13:cb:39:10:0d:e8:52:c6:72:40:ef:37:
73:1f:e8:cc:c7:0f:a2:e7:04:cb:64:62:ac:45:4b:b7:52:17:
46:89:f3:68
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYkZFCP+jy6ZJ0rBxOhxzBpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwNzAzMDAwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU4YWNhMDU3OWI0ZDk1ZTBlMDA3YmM5MzE1MWE2MTdhZWIzMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmRPeVkMX4UUdqlRKxm0tYlr13ex
KITdWISOn5UCJ7tCjYQLDsKiSzMjyU4jFsY6GbbxaKALuUBF5SRlx8Wd90ueefRE
XlyaLZgyG/9X2KDedBbVBTZyZvPBT2TGt6GmVeU5AjhKr3gylxO0z7QURyeNoRWr
oevh4Yn329xxfynKxkf4mzMcsRvgcZ8q2lIBE1lJlpTgWgh4+Qu5FETlCE8A5bqx
fty7pLZRpNl2K0gt+/X0b1mKCEXK1bIhLl3tIPAV7lTpi7LnfwtQSoUdXJw8+g/L
JiIavLuHBmeO32ee4iTmxfbSUoltUGDhOoSjPCAZOL9HK6knIBdWjiGZIQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFExYrKBXm02V4OAHvJMVGmF66zCYMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvVEZpc29GZWJUWlhnNEFlOGt4VWFZWHJyTUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAaBAIAATAUMAwDBABroaMD
BANroaADBAFroawwGAQCAAIwEgMHACoHmUQAQAMHACoHmUUARTANBgkqhkiG9w0B
AQsFAAOCAQEATodd6/qFAKPt+FCSr5lJdtcgJh0Sg/vgtma80bQtuI90JUfaEztK
jTgpoJru/ruHRa2wGRenZZ2l5tJDlcgPE354IO8twLLJVmmKVj3QRtycgGhzhrsJ
P3Kez7BctGyYD/SvuxIdvfVgctB5vl5D7BRsnLhWSOamCeKurR3kucehxWqexa+K
LKgqdxlGr/zYMZBm1wYLJ8Xzno+N86Po0n4NZHWKF1vlUcMTSQcJmaewGPGT2irR
TGgXj3uJLQoYXqp55OwwG/RAM1HvhUgoMwEHGGaO667GIzRv5fWZE8s5EA3oUsZy
QO83cx/ozMcPoucEy2RirEVLt1IXRonzaA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:02 2023 by rpki-client on console.sobornost.net