Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/4591a9-56c6-40de-a124-45f61f871427/1/TI9hyf-nfT0PLORyalFJImmKxPI.roa
File: TI9hyf-nfT0PLORyalFJImmKxPI.roa (raw, json)
Hash identifier: l0cAc6Sw0V2FgnbKQUAx7CZAVKZexGOYBgiR7ApbIW8=
Subject key identifier: 4C:8F:61:C9:FF:A7:7D:3D:0F:2C:E4:72:6A:51:49:22:69:8A:C4:F2
Certificate issuer: /CN=4f412cd26994faf609bdad4e35d576c2cae46555
Certificate serial: 01856DCAC4252122FA1133EAFB17190A6E9C
Authority key identifier: 4F:41:2C:D2:69:94:FA:F6:09:BD:AD:4E:35:D5:76:C2:CA:E4:65:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T0Es0mmU-vYJva1ONdV2wsrkZVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/4591a9-56c6-40de-a124-45f61f871427/1/TI9hyf-nfT0PLORyalFJImmKxPI.roa
Signing time: Sun 01 Jan 2023 14:44:43 +0000
ROA not before: Sun 01 Jan 2023 14:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201688
IP address blocks: 185.67.32.0/22 maxlen: 24
2a03:23e0::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:c4:25:21:22:fa:11:33:ea:fb:17:19:0a:6e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f412cd26994faf609bdad4e35d576c2cae46555
Validity
Not Before: Jan 1 14:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c8f61c9ffa77d3d0f2ce4726a514922698ac4f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0e:ef:16:fc:01:9d:75:e9:8a:13:49:1a:24:
0c:8a:86:b3:ef:41:bd:0b:a7:0e:4f:f5:b9:a7:36:
01:69:31:f4:f4:f7:7e:a6:f6:d1:8a:78:e2:07:6e:
83:60:3d:b3:3e:c5:b2:8e:e6:06:42:4b:83:22:fa:
ad:f3:ed:b4:8b:75:a2:17:e6:f7:e9:ba:8d:7a:41:
b0:95:30:29:ea:0d:35:f3:ef:1b:d7:a0:55:ef:a3:
14:95:c7:5a:6f:34:4a:7c:14:8d:55:7d:3f:81:46:
30:e0:ee:f0:9d:6e:0e:eb:1c:09:34:46:92:92:c8:
94:2b:42:69:2b:a1:f2:16:4e:e2:b2:a4:29:29:c6:
08:97:c8:bd:7e:79:d3:07:4d:7f:53:5f:e6:c3:5d:
90:26:3b:d8:dd:f0:46:a6:3f:a2:39:fe:60:8f:a3:
24:3b:e5:b3:c1:07:fe:87:1a:f3:1b:48:e0:a8:0f:
04:7b:af:df:cc:0a:7a:2b:d3:ec:f5:50:f1:a9:48:
4f:78:cf:0b:07:05:b3:33:d6:3b:82:72:5c:49:d0:
81:b3:e1:7e:70:9c:03:d7:05:d3:b8:31:4c:ab:a7:
89:dd:b8:5a:3b:15:bb:f6:d2:f7:29:c9:37:e6:d3:
9e:4e:a9:88:c5:f2:2b:a7:14:63:61:58:c6:a6:bd:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8F:61:C9:FF:A7:7D:3D:0F:2C:E4:72:6A:51:49:22:69:8A:C4:F2
X509v3 Authority Key Identifier:
keyid:4F:41:2C:D2:69:94:FA:F6:09:BD:AD:4E:35:D5:76:C2:CA:E4:65:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T0Es0mmU-vYJva1ONdV2wsrkZVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4591a9-56c6-40de-a124-45f61f871427/1/TI9hyf-nfT0PLORyalFJImmKxPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/4591a9-56c6-40de-a124-45f61f871427/1/T0Es0mmU-vYJva1ONdV2wsrkZVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.32.0/22
IPv6:
2a03:23e0::/32
Signature Algorithm: sha256WithRSAEncryption
29:12:6d:7d:36:e0:60:9a:3a:12:c8:88:68:bb:e1:c0:2d:fb:
c6:4f:bf:1d:09:5e:02:77:91:ed:1a:de:72:6b:19:5e:73:63:
3d:07:fc:2a:e9:07:b3:0c:8b:f3:35:57:ca:c4:f4:0c:4b:a8:
93:2c:32:46:d4:49:02:2b:11:70:95:b5:63:1d:2c:37:69:7e:
08:4d:82:09:1a:25:9f:a1:0a:df:62:9e:94:25:6e:43:66:b2:
f2:d6:7f:24:b1:bb:2c:bd:8d:9a:98:d9:50:f7:69:5a:89:43:
07:8f:10:36:0d:b9:8f:ae:b6:19:6f:be:aa:e8:72:74:f6:82:
f9:a1:3b:ef:33:b2:99:74:0e:2e:42:ac:c9:dd:0f:ed:24:c0:
7e:e0:45:dd:6a:cf:4b:a8:24:a7:f2:8b:39:df:f9:9a:96:c2:
bf:3c:cd:d2:e0:0b:b2:d2:56:b2:09:fd:f1:e7:e8:cb:2a:c5:
29:50:27:0d:93:ed:b1:95:16:cd:bc:07:8b:46:70:c6:ab:43:
c6:69:e7:ac:b5:a4:27:cd:a6:9e:d0:df:d8:c0:f2:04:79:11:
62:8f:c5:4c:94:55:3a:c8:81:3c:16:35:06:88:e4:1c:5c:9d:
44:1e:fe:48:ae:d7:a7:57:18:4c:55:56:e6:0a:84:79:81:57:
ff:ca:c4:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtysQlISL6ETPq+xcZCm6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNDEyY2QyNjk5NGZhZjYwOWJkYWQ0ZTM1ZDU3NmMyY2Fl
NDY1NTUwHhcNMjMwMTAxMTQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhmNjFjOWZmYTc3ZDNkMGYyY2U0NzI2YTUxNDkyMjY5OGFjNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw7vFvwBnXXpihNJGiQMioaz70G9
C6cOT/W5pzYBaTH09Pd+pvbRinjiB26DYD2zPsWyjuYGQkuDIvqt8+20i3WiF+b3
6bqNekGwlTAp6g018+8b16BV76MUlcdabzRKfBSNVX0/gUYw4O7wnW4O6xwJNEaS
ksiUK0JpK6HyFk7isqQpKcYIl8i9fnnTB01/U1/mw12QJjvY3fBGpj+iOf5gj6Mk
O+WzwQf+hxrzG0jgqA8Ee6/fzAp6K9Ps9VDxqUhPeM8LBwWzM9Y7gnJcSdCBs+F+
cJwD1wXTuDFMq6eJ3bhaOxW79tL3Kck35tOeTqmIxfIrpxRjYVjGpr1hyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEyPYcn/p309DyzkcmpRSSJpisTyMB8GA1UdIwQY
MBaAFE9BLNJplPr2Cb2tTjXVdsLK5GVVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDBFczBtbVUtdllKdmExT05kVjJ3c3JrWlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS80NTkxYTktNTZjNi00MGRlLWExMjQt
NDVmNjFmODcxNDI3LzEvVEk5aHlmLW5mVDBQTE9SeWFsRkpJbW1LeFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS80NTkxYTktNTZjNi00MGRlLWExMjQtNDVmNjFmODcxNDI3
LzEvVDBFczBtbVUtdllKdmExT05kVjJ3c3JrWlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUMgMA0E
AgACMAcDBQAqAyPgMA0GCSqGSIb3DQEBCwUAA4IBAQApEm19NuBgmjoSyIhou+HA
LfvGT78dCV4Cd5HtGt5yaxlec2M9B/wq6QezDIvzNVfKxPQMS6iTLDJG1EkCKxFw
lbVjHSw3aX4ITYIJGiWfoQrfYp6UJW5DZrLy1n8ksbssvY2amNlQ92laiUMHjxA2
DbmPrrYZb76q6HJ09oL5oTvvM7KZdA4uQqzJ3Q/tJMB+4EXdas9LqCSn8os53/ma
lsK/PM3S4Auy0layCf3x5+jLKsUpUCcNk+2xlRbNvAeLRnDGq0PGaeestaQnzaae
0N/YwPIEeRFij8VMlFU6yIE8FjUGiOQcXJ1EHv5IrtenVxhMVVbmCoR5gVf/ysQX
-----END CERTIFICATE-----
Generated at Tue Jan 2 05:01:06 2024 by rpki-client on console.sobornost.net