Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/TlyNFdtQW8KCp2qsehcNoD17h3s.roa
File: TlyNFdtQW8KCp2qsehcNoD17h3s.roa (raw, json)
Hash identifier: Ib22jCluRF1hNo4/z/fECeEXmMklEjBvhUvmNrk8ues=
Subject key identifier: 4E:5C:8D:15:DB:50:5B:C2:82:A7:6A:AC:7A:17:0D:A0:3D:7B:87:7B
Certificate issuer: /CN=8466a5dde27f911da8be73c261ff55b5881198a9
Certificate serial: 01857014F9142968AB5D4084519AEC14C696
Authority key identifier: 84:66:A5:DD:E2:7F:91:1D:A8:BE:73:C2:61:FF:55:B5:88:11:98:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGal3eJ_kR2ovnPCYf9VtYgRmKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/TlyNFdtQW8KCp2qsehcNoD17h3s.roa
Signing time: Mon 02 Jan 2023 01:25:00 +0000
ROA not before: Mon 02 Jan 2023 01:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205945
IP address blocks: 185.201.92.0/22 maxlen: 25
185.201.92.0/24 maxlen: 24
185.201.92.0/25 maxlen: 25
185.201.92.128/25 maxlen: 25
185.201.93.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:14:f9:14:29:68:ab:5d:40:84:51:9a:ec:14:c6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8466a5dde27f911da8be73c261ff55b5881198a9
Validity
Not Before: Jan 2 01:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e5c8d15db505bc282a76aac7a170da03d7b877b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:b3:27:a7:5b:c8:de:37:f8:75:fb:aa:ed:b8:
78:b5:73:21:3d:0a:eb:42:b2:b7:28:a1:67:88:4a:
81:bd:75:b9:33:a6:60:74:66:f0:f1:c1:14:4f:cf:
d5:ad:71:a3:17:4c:62:a5:e5:fc:45:57:a0:ee:95:
0a:27:60:e4:8c:e1:dc:37:8d:fe:94:2a:2f:2b:da:
50:3d:db:17:a6:51:b0:21:f1:0b:fd:a9:67:c6:a7:
44:dc:20:bf:3e:e4:50:9d:be:a0:e3:0c:be:62:bc:
d3:82:33:b7:77:d6:af:6a:10:d9:d6:29:c7:cf:cd:
ee:ad:2b:eb:51:db:c7:d0:f1:48:5a:58:a4:e1:46:
57:32:86:8a:33:c7:54:d8:1e:02:b9:48:05:51:cf:
d8:7f:6b:5f:f5:f3:3b:e7:5f:e1:05:9a:8e:b0:ef:
2e:a3:bb:54:ea:9a:a9:c4:a9:23:21:26:e4:63:53:
04:e2:30:4a:a2:41:de:0f:b7:47:2c:80:dc:64:af:
81:bf:3e:40:84:29:d1:61:5d:3b:9f:ad:cf:b1:9c:
84:a1:f4:f8:9f:92:72:61:36:43:a9:6c:dc:0e:f0:
59:e9:ea:3e:70:6a:fe:0e:be:92:a5:ed:f3:9d:42:
fe:75:33:45:27:a1:ba:f9:e6:11:96:37:41:be:be:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5C:8D:15:DB:50:5B:C2:82:A7:6A:AC:7A:17:0D:A0:3D:7B:87:7B
X509v3 Authority Key Identifier:
keyid:84:66:A5:DD:E2:7F:91:1D:A8:BE:73:C2:61:FF:55:B5:88:11:98:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGal3eJ_kR2ovnPCYf9VtYgRmKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/TlyNFdtQW8KCp2qsehcNoD17h3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/hGal3eJ_kR2ovnPCYf9VtYgRmKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.92.0/22
Signature Algorithm: sha256WithRSAEncryption
48:8c:9f:89:b9:38:f5:37:6f:f9:16:d3:45:5b:2b:2e:30:50:
da:d7:a5:96:58:ca:3d:ff:87:fc:49:45:63:55:49:af:2b:27:
c6:2f:23:bc:a5:65:46:22:1e:c2:d9:e7:d4:92:09:4a:77:87:
eb:f8:f0:32:51:f9:ed:23:c4:e0:0c:d8:25:87:f5:11:ac:12:
32:02:e8:6b:24:f5:60:26:bb:56:83:d2:56:84:d3:9c:03:9c:
cc:75:e8:43:02:45:8e:41:2c:f2:c6:0c:87:36:46:13:20:8e:
ae:47:26:0d:ef:7f:d9:d8:3b:9d:88:64:7f:6a:61:00:26:31:
9d:9d:66:c1:5e:6b:1d:1e:10:db:45:df:3c:c4:8f:f8:5e:44:
de:27:09:09:bd:e6:a9:31:7e:84:8e:48:6e:83:5a:d2:d0:a8:
7b:0c:22:58:02:d7:3c:61:37:ee:9a:35:88:d3:0a:4f:62:10:
08:70:90:ac:8e:96:b9:18:23:6d:01:a2:eb:d1:10:fd:b8:8d:
ae:5d:56:6d:dc:db:cc:93:f0:c8:ca:45:30:62:91:80:e1:f6:
a6:d0:5a:97:4f:b7:58:8e:d8:96:15:ae:73:9f:b6:4b:4c:bd:
36:96:9d:b7:f0:6a:6d:72:a5:cb:ff:ff:3f:f8:f7:31:2c:70:
22:00:0d:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFPkUKWirXUCEUZrsFMaWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NjZhNWRkZTI3ZjkxMWRhOGJlNzNjMjYxZmY1NWI1ODgx
MTk4YTkwHhcNMjMwMTAyMDEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVjOGQxNWRiNTA1YmMyODJhNzZhYWM3YTE3MGRhMDNkN2I4NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rMnp1vI3jf4dfuq7bh4tXMhPQrr
QrK3KKFniEqBvXW5M6ZgdGbw8cEUT8/VrXGjF0xipeX8RVeg7pUKJ2DkjOHcN43+
lCovK9pQPdsXplGwIfEL/alnxqdE3CC/PuRQnb6g4wy+YrzTgjO3d9avahDZ1inH
z83urSvrUdvH0PFIWlik4UZXMoaKM8dU2B4CuUgFUc/Yf2tf9fM751/hBZqOsO8u
o7tU6pqpxKkjISbkY1ME4jBKokHeD7dHLIDcZK+Bvz5AhCnRYV07n63PsZyEofT4
n5JyYTZDqWzcDvBZ6eo+cGr+Dr6Spe3znUL+dTNFJ6G6+eYRljdBvr4A4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5cjRXbUFvCgqdqrHoXDaA9e4d7MB8GA1UdIwQY
MBaAFIRmpd3if5EdqL5zwmH/VbWIEZipMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdhbDNlSl9rUjJvdm5QQ1lmOVZ0WWdSbUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiNjAtOGFhNy00NjFmLTljZDkt
N2NjYmI0NWRjYTUxLzEvVGx5TkZkdFFXOEtDcDJxc2VoY05vRDE3aDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiNjAtOGFhNy00NjFmLTljZDktN2NjYmI0NWRjYTUx
LzEvaEdhbDNlSl9rUjJvdm5QQ1lmOVZ0WWdSbUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuclcMA0G
CSqGSIb3DQEBCwUAA4IBAQBIjJ+JuTj1N2/5FtNFWysuMFDa16WWWMo9/4f8SUVj
VUmvKyfGLyO8pWVGIh7C2efUkglKd4fr+PAyUfntI8TgDNglh/URrBIyAuhrJPVg
JrtWg9JWhNOcA5zMdehDAkWOQSzyxgyHNkYTII6uRyYN73/Z2DudiGR/amEAJjGd
nWbBXmsdHhDbRd88xI/4XkTeJwkJveapMX6Ejkhug1rS0Kh7DCJYAtc8YTfumjWI
0wpPYhAIcJCsjpa5GCNtAaLr0RD9uI2uXVZt3NvMk/DIykUwYpGA4fam0FqXT7dY
jtiWFa5zn7ZLTL02lp238GptcqXL//8/+PcxLHAiAA0y
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:48 2024 by rpki-client on console.sobornost.net