Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/TTHS3waqRyT5H0q04P5yvUejoU8.roa
File: TTHS3waqRyT5H0q04P5yvUejoU8.roa (raw, json)
Hash identifier: e+PyiJwBJ8mRQQb+QDItHa9WFVN4B+9lPHLb4NVnQXA=
Subject key identifier: 4D:31:D2:DF:06:AA:47:24:F9:1F:4A:B4:E0:FE:72:BD:47:A3:A1:4F
Certificate issuer: /CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Certificate serial: 01856DDD1B0F720DB965A6DEDA6F04A76A90
Authority key identifier: CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/TTHS3waqRyT5H0q04P5yvUejoU8.roa
Signing time: Sun 01 Jan 2023 15:04:44 +0000
ROA not before: Sun 01 Jan 2023 15:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57124
IP address blocks: 185.117.76.0/22 maxlen: 22
141.105.144.0/21 maxlen: 21
2a01:8980::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:1b:0f:72:0d:b9:65:a6:de:da:6f:04:a7:6a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd01cda0302b813eb145579ad81f5ed7d29c0209
Validity
Not Before: Jan 1 15:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d31d2df06aa4724f91f4ab4e0fe72bd47a3a14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:f6:8f:1c:e9:bc:f5:8d:7f:80:2a:24:5b:
8e:97:be:df:27:2d:57:bd:10:07:3b:50:af:69:be:
31:71:e1:49:b8:e1:45:3f:5c:3a:12:2a:5d:0f:c2:
bc:0c:21:8c:0e:9f:84:39:4f:fa:62:58:a9:20:c1:
54:e8:d5:da:c7:de:6b:ac:de:66:46:24:c0:e3:dc:
bf:83:f3:97:d3:98:a2:cd:f9:e3:f1:58:27:c4:39:
52:03:ff:7e:93:46:40:18:60:4b:cd:4e:3c:3c:d7:
12:9c:b7:c2:b9:de:e3:46:79:b5:f9:96:b8:95:7c:
ba:de:48:22:30:b0:bb:9b:68:8a:03:23:5e:a4:d0:
a6:3c:e5:1b:2f:3b:06:f9:f2:45:bf:ea:b9:1b:e8:
09:3b:c1:4c:e3:13:29:c6:56:05:87:a0:5d:43:d7:
d3:57:e9:51:19:30:6a:a1:0d:6d:95:6a:f6:d2:b7:
b2:7b:a0:30:f7:b2:de:1f:ff:5c:ae:c0:50:78:7d:
7d:eb:f2:0e:61:fb:50:8d:b6:94:55:4f:43:87:62:
8f:5c:9f:30:88:87:78:1e:c8:05:68:ba:26:e4:fe:
56:31:d5:2a:51:92:fd:88:f1:3a:a3:8c:08:8e:8d:
29:7d:19:f5:01:5e:f1:62:7a:b6:1e:f8:06:c9:7f:
6f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:31:D2:DF:06:AA:47:24:F9:1F:4A:B4:E0:FE:72:BD:47:A3:A1:4F
X509v3 Authority Key Identifier:
keyid:CD:01:CD:A0:30:2B:81:3E:B1:45:57:9A:D8:1F:5E:D7:D2:9C:02:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQHNoDArgT6xRVea2B9e19KcAgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/TTHS3waqRyT5H0q04P5yvUejoU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/3e3483-1845-442d-a59a-dd72550d78ac/1/zQHNoDArgT6xRVea2B9e19KcAgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.105.144.0/21
185.117.76.0/22
IPv6:
2a01:8980::/32
Signature Algorithm: sha256WithRSAEncryption
51:fc:bf:f9:fb:d3:87:3e:42:0b:c8:36:ef:26:99:e7:4a:a7:
d9:30:77:22:83:8a:80:a9:56:27:ff:a1:3b:dc:a6:8f:8b:01:
b3:98:d5:06:a2:32:a3:9f:3c:68:c5:df:82:91:10:e2:70:c7:
1c:16:3e:1b:7b:3a:eb:96:c3:c1:c7:f3:1d:57:12:04:5e:10:
b0:a7:dd:e5:ee:f6:ca:28:33:37:b0:12:44:e3:9b:fe:9c:19:
05:fd:0f:a2:84:88:bd:5b:5e:bd:d9:a4:ce:1e:9b:a8:1b:c0:
96:cd:df:9d:a8:5d:db:b1:59:0d:3d:64:bc:a4:66:b7:20:89:
69:e1:93:f2:a4:96:ba:ee:4c:cd:a4:0d:0e:e4:fd:3e:7b:fe:
ce:14:a6:8a:b7:cd:44:6a:1d:bc:97:1d:e4:50:23:bb:69:a4:
19:3c:c8:0b:43:2c:fb:21:97:74:80:04:49:e3:0c:ae:0e:38:
11:6e:5c:d5:42:56:7e:59:f9:11:48:21:be:9c:f4:64:a2:80:
2a:2b:c1:b9:39:96:8f:cf:ef:83:44:9d:2e:17:8d:30:68:fd:
cc:88:2e:c7:8b:69:06:12:b1:de:6f:03:16:1c:33:11:a7:b6:
eb:8c:c6:1e:57:4c:cf:52:e7:fa:e5:26:2b:5a:7a:cf:48:ec:
dc:57:5c:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVt3RsPcg25Zabe2m8Ep2qQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDFjZGEwMzAyYjgxM2ViMTQ1NTc5YWQ4MWY1ZWQ3ZDI5
YzAyMDkwHhcNMjMwMTAxMTUwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDMxZDJkZjA2YWE0NzI0ZjkxZjRhYjRlMGZlNzJiZDQ3YTNhMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRb2jxzpvPWNf4AqJFuOl77fJy1X
vRAHO1Cvab4xceFJuOFFP1w6EipdD8K8DCGMDp+EOU/6YlipIMFU6NXax95rrN5m
RiTA49y/g/OX05iizfnj8VgnxDlSA/9+k0ZAGGBLzU48PNcSnLfCud7jRnm1+Za4
lXy63kgiMLC7m2iKAyNepNCmPOUbLzsG+fJFv+q5G+gJO8FM4xMpxlYFh6BdQ9fT
V+lRGTBqoQ1tlWr20reye6Aw97LeH/9crsBQeH196/IOYftQjbaUVU9Dh2KPXJ8w
iId4HsgFaLom5P5WMdUqUZL9iPE6o4wIjo0pfRn1AV7xYnq2HvgGyX9vXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE0x0t8Gqkck+R9KtOD+cr1Ho6FPMB8GA1UdIwQY
MBaAFM0BzaAwK4E+sUVXmtgfXtfSnAIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEt
ZGQ3MjU1MGQ3OGFjLzEvVFRIUzN3YXFSeVQ1SDBxMDRQNXl2VWVqb1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8zZTM0ODMtMTg0NS00NDJkLWE1OWEtZGQ3MjU1MGQ3OGFj
LzEvelFITm9EQXJnVDZ4UlZlYTJCOWUxOUtjQWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDjWmQAwQC
uXVMMA0EAgACMAcDBQAqAYmAMA0GCSqGSIb3DQEBCwUAA4IBAQBR/L/5+9OHPkIL
yDbvJpnnSqfZMHcig4qAqVYn/6E73KaPiwGzmNUGojKjnzxoxd+CkRDicMccFj4b
ezrrlsPBx/MdVxIEXhCwp93l7vbKKDM3sBJE45v+nBkF/Q+ihIi9W1692aTOHpuo
G8CWzd+dqF3bsVkNPWS8pGa3IIlp4ZPypJa67kzNpA0O5P0+e/7OFKaKt81Eah28
lx3kUCO7aaQZPMgLQyz7IZd0gARJ4wyuDjgRblzVQlZ+WfkRSCG+nPRkooAqK8G5
OZaPz++DRJ0uF40waP3MiC7Hi2kGErHebwMWHDMRp7brjMYeV0zPUuf65SYrWnrP
SOzcV1wQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:55 2024 by rpki-client on console.sobornost.net