Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/TzGxuagpSqQiqrlSkcb2QILqKLU.roa
File: TzGxuagpSqQiqrlSkcb2QILqKLU.roa (raw, json)
Hash identifier: 3L+Bimwpveca1nniO3cqC/kds+3UIUZ0xBAdT6O/9Fs=
Subject key identifier: 4F:31:B1:B9:A8:29:4A:A4:22:AA:B9:52:91:C6:F6:40:82:EA:28:B5
Certificate issuer: /CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Certificate serial: 01856E6FCE01E5D2E62C35C21BE4E513DC97
Authority key identifier: B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/TzGxuagpSqQiqrlSkcb2QILqKLU.roa
Signing time: Sun 01 Jan 2023 17:44:58 +0000
ROA not before: Sun 01 Jan 2023 17:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203
IP address blocks: 195.93.197.0/24 maxlen: 24
195.93.196.0/24 maxlen: 24
95.130.110.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:ce:01:e5:d2:e6:2c:35:c2:1b:e4:e5:13:dc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Validity
Not Before: Jan 1 17:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f31b1b9a8294aa422aab95291c6f64082ea28b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f9:9f:fe:9e:2d:fa:72:b1:fe:ae:c5:7d:66:
a5:13:38:90:4f:67:50:3e:35:63:3c:32:58:33:1a:
3f:b9:cd:a6:3d:82:9b:04:62:54:a3:7d:bd:8a:01:
4b:14:ea:55:24:fb:5a:14:04:c9:1e:44:50:fd:c3:
9c:6d:b2:e0:87:58:ff:30:cf:33:af:dd:be:ad:f6:
61:6b:35:2e:d0:93:0c:30:f6:ed:d0:ed:a0:d7:59:
9d:b6:b9:a1:f4:55:ce:9e:81:2a:04:cc:d7:19:95:
7e:f7:ca:b0:ef:bf:d4:99:46:be:a5:d3:96:ee:d5:
1d:62:4e:74:86:3f:36:35:90:ad:b3:63:d3:a1:1d:
e3:bc:44:26:c4:bf:a1:d0:f7:52:5c:42:42:21:22:
1a:e3:dc:e0:91:f9:e5:dd:18:dc:c4:e8:88:d0:ac:
42:43:33:b0:9a:5c:91:97:b4:aa:9f:09:a0:df:f2:
1d:19:6d:c6:c2:a5:a8:0f:a8:e1:19:73:c1:04:d4:
19:b7:7b:83:b7:22:3a:d7:c1:30:e7:32:df:94:85:
2e:11:a8:f5:d8:40:eb:af:4c:e5:ba:d2:a6:11:79:
5f:08:87:53:18:0d:d0:3c:0d:63:4e:8d:4e:ad:10:
b4:a7:36:4a:ff:89:82:df:5f:f0:b9:a5:16:7e:51:
55:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:31:B1:B9:A8:29:4A:A4:22:AA:B9:52:91:C6:F6:40:82:EA:28:B5
X509v3 Authority Key Identifier:
keyid:B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/TzGxuagpSqQiqrlSkcb2QILqKLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.110.0/24
195.93.196.0/23
Signature Algorithm: sha256WithRSAEncryption
be:19:41:70:1b:20:c2:72:39:c8:13:35:19:f6:b0:9a:74:8c:
46:af:6c:8a:48:db:66:27:e4:b5:b8:ce:6e:c3:94:06:6e:f2:
96:02:01:19:fe:d8:df:48:93:39:79:f3:ee:b2:20:c7:3c:b2:
88:7d:77:a1:d4:21:29:f3:10:39:a6:1b:8d:7a:91:ef:5e:59:
6d:3b:dd:a9:74:bb:2f:39:c5:45:e1:bb:31:50:68:03:1e:bc:
a2:5f:1f:1a:ab:89:07:14:3d:98:05:4c:d6:b9:c5:44:71:db:
13:34:20:9c:37:ba:37:33:05:36:87:41:d4:93:a4:4b:a0:fe:
c2:f9:24:06:77:86:31:6b:8d:f6:8f:25:ba:7b:9a:a1:e0:48:
72:9a:48:e0:e9:26:a9:f1:ef:15:e8:75:a6:60:83:2d:1a:df:
f3:b2:48:2d:9e:55:99:29:14:24:a7:ed:11:97:8d:af:fa:d2:
59:e4:f0:81:88:ad:e8:2d:b7:c2:67:33:24:e3:9d:b8:8a:85:
88:a3:70:ca:f2:20:d3:d9:82:d5:15:58:7b:50:29:c5:7b:77:
e1:5f:a7:fb:83:d1:38:fd:23:a1:f0:53:8f:8d:61:2f:e8:2b:
ee:52:96:d4:9b:a4:a6:46:94:15:b5:2d:8f:74:58:99:e7:ac:
ae:44:2d:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVub84B5dLmLDXCG+TlE9yXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTgwMDMwMGZhNDAxN2Y5NzBjOTVkNzY3ZDgxMmZkMTBk
MGRjYmMwHhcNMjMwMTAxMTc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMxYjFiOWE4Mjk0YWE0MjJhYWI5NTI5MWM2ZjY0MDgyZWEyOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvmf/p4t+nKx/q7FfWalEziQT2dQ
PjVjPDJYMxo/uc2mPYKbBGJUo329igFLFOpVJPtaFATJHkRQ/cOcbbLgh1j/MM8z
r92+rfZhazUu0JMMMPbt0O2g11mdtrmh9FXOnoEqBMzXGZV+98qw77/UmUa+pdOW
7tUdYk50hj82NZCts2PToR3jvEQmxL+h0PdSXEJCISIa49zgkfnl3RjcxOiI0KxC
QzOwmlyRl7Sqnwmg3/IdGW3GwqWoD6jhGXPBBNQZt3uDtyI618Ew5zLflIUuEaj1
2EDrr0zlutKmEXlfCIdTGA3QPA1jTo1OrRC0pzZK/4mC31/wuaUWflFVbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8xsbmoKUqkIqq5UpHG9kCC6ii1MB8GA1UdIwQY
MBaAFLVYADAPpAF/lwyV12fYEv0Q0Ny8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQt
YzUyZGY0YWE1MjFkLzEvVHpHeHVhZ3BTcVFpcXJsU2tjYjJRSUxxS0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQtYzUyZGY0YWE1MjFk
LzEvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4JuAwQB
w13EMA0GCSqGSIb3DQEBCwUAA4IBAQC+GUFwGyDCcjnIEzUZ9rCadIxGr2yKSNtm
J+S1uM5uw5QGbvKWAgEZ/tjfSJM5efPusiDHPLKIfXeh1CEp8xA5phuNepHvXllt
O92pdLsvOcVF4bsxUGgDHryiXx8aq4kHFD2YBUzWucVEcdsTNCCcN7o3MwU2h0HU
k6RLoP7C+SQGd4Yxa432jyW6e5qh4Ehymkjg6Sap8e8V6HWmYIMtGt/zskgtnlWZ
KRQkp+0Rl42v+tJZ5PCBiK3oLbfCZzMk4524ioWIo3DK8iDT2YLVFVh7UCnFe3fh
X6f7g9E4/SOh8FOPjWEv6CvuUpbUm6SmRpQVtS2PdFiZ56yuRC0A
-----END CERTIFICATE-----
Generated at Mon Jan 1 18:00:56 2024 by rpki-client on console.sobornost.net