Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/TWMB5AZHl4x07lziTC7co_IrRWc.roa
File: TWMB5AZHl4x07lziTC7co_IrRWc.roa (raw, json)
Hash identifier: xanJYsqJPMkb6lMIsaNe/MaQo36Q/DuPHNNa2Lg3ODc=
Subject key identifier: 4D:63:01:E4:06:47:97:8C:74:EE:5C:E2:4C:2E:DC:A3:F2:2B:45:67
Certificate issuer: /CN=a11f205979d2fbde95756a46a0f2739d7816d459
Certificate serial: 01856D13E58F8DD314D853BA5BC58C103274
Authority key identifier: A1:1F:20:59:79:D2:FB:DE:95:75:6A:46:A0:F2:73:9D:78:16:D4:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oR8gWXnS-96VdWpGoPJznXgW1Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/TWMB5AZHl4x07lziTC7co_IrRWc.roa
Signing time: Sun 01 Jan 2023 11:24:58 +0000
ROA not before: Sun 01 Jan 2023 11:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60414
IP address blocks: 185.31.136.0/22 maxlen: 22
85.194.238.0/23 maxlen: 23
89.44.211.0/24 maxlen: 24
2a00:bbe0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:13:e5:8f:8d:d3:14:d8:53:ba:5b:c5:8c:10:32:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11f205979d2fbde95756a46a0f2739d7816d459
Validity
Not Before: Jan 1 11:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d6301e40647978c74ee5ce24c2edca3f22b4567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ac:09:2d:2d:96:28:e8:10:83:9d:ec:90:c8:
e3:09:c7:fe:48:9b:3a:f8:d7:e7:84:8b:0c:75:56:
a8:6f:14:71:8a:8a:6c:20:b5:10:63:58:84:5b:af:
fb:9b:96:cd:fd:4e:35:b3:c6:f0:42:e6:84:d1:b4:
27:8e:ae:80:24:e4:7e:d7:9e:9d:5a:dc:06:41:de:
80:4d:5c:d1:43:4c:6f:b0:9d:a9:cd:7d:01:26:3d:
57:de:6e:22:af:e5:3c:a6:9f:2c:db:5e:c2:84:7b:
fd:20:81:65:ac:67:15:d3:3c:94:c9:9a:b9:bc:36:
15:cc:9e:a6:e9:4d:eb:1a:24:87:f0:26:68:2d:5d:
1f:5b:fb:81:52:12:7c:dc:5b:cd:b9:17:76:92:46:
a4:da:91:19:14:90:e8:22:3d:da:7f:80:80:25:ee:
c3:22:de:1d:f8:e2:41:97:a9:1f:f3:d7:af:eb:34:
2e:4e:45:4e:b1:69:6d:91:75:59:c7:a6:d4:54:e5:
48:9d:e8:51:fb:d0:cf:2c:25:37:05:ca:30:aa:1d:
30:53:6f:7d:fd:6f:5c:9a:ac:51:ad:4c:e2:7b:c0:
89:6c:35:8a:ac:d2:fe:6d:21:50:d1:88:f1:fe:08:
ad:51:82:09:da:24:a5:e9:76:c6:4d:b8:e0:93:dc:
86:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:63:01:E4:06:47:97:8C:74:EE:5C:E2:4C:2E:DC:A3:F2:2B:45:67
X509v3 Authority Key Identifier:
keyid:A1:1F:20:59:79:D2:FB:DE:95:75:6A:46:A0:F2:73:9D:78:16:D4:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oR8gWXnS-96VdWpGoPJznXgW1Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/TWMB5AZHl4x07lziTC7co_IrRWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/19f229-a90f-42c4-980b-1550f2ac87b3/1/oR8gWXnS-96VdWpGoPJznXgW1Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.238.0/23
89.44.211.0/24
185.31.136.0/22
IPv6:
2a00:bbe0::/29
Signature Algorithm: sha256WithRSAEncryption
12:a6:f6:e0:b9:02:0b:57:c4:2e:20:e9:82:08:6e:ee:c2:e2:
cb:ef:e0:89:24:b9:64:a1:ac:13:84:d6:6e:9e:4f:ab:bd:4c:
66:66:44:9b:c4:53:96:85:09:eb:53:cd:6e:35:00:77:4f:56:
7f:d1:4f:d2:8c:16:78:69:a0:c2:f1:68:dd:37:4b:a8:36:0e:
01:46:b3:03:ba:3c:7a:3b:6e:a5:17:7f:f8:fe:5a:fe:f6:80:
c5:9f:13:c4:64:cf:22:07:08:f5:b3:47:3f:24:24:44:4e:c3:
99:4c:e0:1a:82:25:9c:b7:52:e5:b0:b3:5d:ea:f2:18:aa:1a:
0a:24:9c:0d:ca:59:53:cb:a2:35:c4:87:6a:f1:c3:2b:c0:e4:
03:14:23:1c:e8:64:b9:7c:7e:5d:22:73:d3:c7:18:4f:ca:60:
9c:be:94:83:8b:60:d9:37:57:b9:23:fa:29:50:0e:74:b6:7d:
3e:b4:ef:76:db:f8:4d:e9:35:8e:a9:14:38:4e:6e:08:52:3a:
89:62:0c:94:74:e9:49:70:08:31:5b:a8:06:2d:7b:75:db:d9:
12:70:46:e7:e6:bf:bc:33:c2:2f:bf:0c:04:54:e6:31:c5:4d:
18:9d:1a:5d:18:f5:14:bf:2d:f8:db:69:b8:5f:7d:60:d2:1d:
e3:8f:a8:a1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtE+WPjdMU2FO6W8WMEDJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMWYyMDU5NzlkMmZiZGU5NTc1NmE0NmEwZjI3MzlkNzgx
NmQ0NTkwHhcNMjMwMTAxMTEyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYzMDFlNDA2NDc5NzhjNzRlZTVjZTI0YzJlZGNhM2YyMmI0NTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKwJLS2WKOgQg53skMjjCcf+SJs6
+NfnhIsMdVaobxRxiopsILUQY1iEW6/7m5bN/U41s8bwQuaE0bQnjq6AJOR+156d
WtwGQd6ATVzRQ0xvsJ2pzX0BJj1X3m4ir+U8pp8s217ChHv9IIFlrGcV0zyUyZq5
vDYVzJ6m6U3rGiSH8CZoLV0fW/uBUhJ83FvNuRd2kkak2pEZFJDoIj3af4CAJe7D
It4d+OJBl6kf89ev6zQuTkVOsWltkXVZx6bUVOVInehR+9DPLCU3Bcowqh0wU299
/W9cmqxRrUzie8CJbDWKrNL+bSFQ0Yjx/gitUYIJ2iSl6XbGTbjgk9yGcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE1jAeQGR5eMdO5c4kwu3KPyK0VnMB8GA1UdIwQY
MBaAFKEfIFl50vvelXVqRqDyc514FtRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1I4Z1dYblMtOTZWZFdwR29QSnpuWGdXMUZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xOWYyMjktYTkwZi00MmM0LTk4MGIt
MTU1MGYyYWM4N2IzLzEvVFdNQjVBWkhsNHgwN2x6aVRDN2NvX0lyUldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xOWYyMjktYTkwZi00MmM0LTk4MGItMTU1MGYyYWM4N2Iz
LzEvb1I4Z1dYblMtOTZWZFdwR29QSnpuWGdXMUZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBVcLuAwQA
WSzTAwQCuR+IMA0EAgACMAcDBQMqALvgMA0GCSqGSIb3DQEBCwUAA4IBAQASpvbg
uQILV8QuIOmCCG7uwuLL7+CJJLlkoawThNZunk+rvUxmZkSbxFOWhQnrU81uNQB3
T1Z/0U/SjBZ4aaDC8WjdN0uoNg4BRrMDujx6O26lF3/4/lr+9oDFnxPEZM8iBwj1
s0c/JCRETsOZTOAagiWct1LlsLNd6vIYqhoKJJwNyllTy6I1xIdq8cMrwOQDFCMc
6GS5fH5dInPTxxhPymCcvpSDi2DZN1e5I/opUA50tn0+tO922/hN6TWOqRQ4Tm4I
UjqJYgyUdOlJcAgxW6gGLXt129kScEbn5r+8M8IvvwwEVOYxxU0YnRpdGPUUvy34
22m4X31g0h3jj6ih
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:00:50 2024 by rpki-client on console.sobornost.net