Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/TwCPZjc5LeUV7rqMG6Ar8tCr8CQ.roa
File: TwCPZjc5LeUV7rqMG6Ar8tCr8CQ.roa (raw, json)
Hash identifier: ldwCy55cS9z42tIizcIcqW7Gj1yozwcRWXIonAAqgVc=
Subject key identifier: 4F:00:8F:66:37:39:2D:E5:15:EE:BA:8C:1B:A0:2B:F2:D0:AB:F0:24
Certificate issuer: /CN=8b82433ffe94bf3536fec327543d396158202072
Certificate serial: 0193DF00116B78AE34852BF4E177BCD4B922
Authority key identifier: 8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/TwCPZjc5LeUV7rqMG6Ar8tCr8CQ.roa
Signing time: Thu 19 Dec 2024 12:59:03 +0000
ROA not before: Thu 19 Dec 2024 12:59:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50265
IP address blocks: 85.198.80.0/22 maxlen: 22
89.169.0.0/22 maxlen: 22
89.169.44.0/22 maxlen: 22
91.233.88.0/24 maxlen: 24
193.106.68.0/22 maxlen: 24
2a00:46e0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:00:11:6b:78:ae:34:85:2b:f4:e1:77:bc:d4:b9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b82433ffe94bf3536fec327543d396158202072
Validity
Not Before: Dec 19 12:59:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f008f6637392de515eeba8c1ba02bf2d0abf024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:97:2c:04:c0:8f:d6:3a:96:1d:09:eb:43:06:
76:79:45:c2:be:a8:49:61:1a:d3:71:29:7f:46:7c:
1f:39:0e:88:2b:15:5e:ea:6a:3a:08:79:81:19:07:
28:3c:c5:fd:35:d4:71:76:10:b8:d3:88:39:68:76:
68:64:fa:2b:2c:cf:94:cc:16:58:74:c7:52:29:11:
01:1c:64:14:57:e1:a0:26:66:71:56:58:f4:bd:53:
31:64:12:ea:27:e7:5e:39:6b:83:39:aa:d3:1f:9f:
63:c3:c0:a5:10:66:30:35:dc:5e:d2:1a:6d:14:3f:
45:b7:69:e2:a5:48:ed:d7:4b:68:22:e2:72:31:48:
85:a0:67:2d:b7:c2:0c:c9:6f:a6:d7:64:93:0c:7b:
0f:a5:29:d0:fd:e9:db:8b:ab:c6:f3:9f:cf:03:21:
9e:90:c9:d5:b7:18:30:85:1a:fe:8e:92:66:0f:bc:
34:4e:10:cb:c0:33:47:65:86:51:36:f3:3c:d4:98:
47:59:8b:f7:cf:e4:bb:23:33:9f:79:16:37:ab:ce:
ec:6b:c6:52:56:b0:c1:07:23:db:01:0f:9c:6a:8c:
cf:37:d8:9f:97:a4:40:29:9e:9a:03:31:85:18:1e:
8b:d2:fb:35:f7:86:6c:b1:41:c6:01:d8:6a:30:ea:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:00:8F:66:37:39:2D:E5:15:EE:BA:8C:1B:A0:2B:F2:D0:AB:F0:24
X509v3 Authority Key Identifier:
keyid:8B:82:43:3F:FE:94:BF:35:36:FE:C3:27:54:3D:39:61:58:20:20:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i4JDP_6UvzU2_sMnVD05YVggIHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/TwCPZjc5LeUV7rqMG6Ar8tCr8CQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f5593d-689c-4dfe-8d96-2dd7890dc689/1/i4JDP_6UvzU2_sMnVD05YVggIHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.80.0/22
89.169.0.0/22
89.169.44.0/22
91.233.88.0/24
193.106.68.0/22
IPv6:
2a00:46e0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:a2:f0:26:96:bc:43:3e:2d:5b:a4:b4:39:e3:53:d1:74:ee:
18:57:e4:16:4b:63:30:f3:f0:8d:68:b4:b7:a7:49:af:42:ce:
dc:52:59:96:68:6e:b9:f0:61:0d:70:88:31:4f:89:03:40:54:
0f:9d:5f:67:99:94:2a:8c:f1:1d:d8:16:a0:4c:cd:85:c1:f1:
85:98:f6:eb:fd:06:b0:27:05:ce:4b:51:32:b5:af:8b:e1:af:
07:62:9d:1d:8c:56:b0:73:1e:c9:2c:4d:fe:bd:ae:fa:b6:a5:
3a:9a:c1:21:fb:ed:2a:c4:8f:c3:8a:7f:1a:0f:06:1a:1a:ee:
bf:a2:6b:b5:5a:1b:ee:f2:64:a2:a3:a4:48:0e:59:47:fc:9f:
53:8d:be:29:8d:26:e1:51:d4:6a:b7:47:2e:21:fb:22:ab:13:
62:b1:ef:34:b6:da:6b:59:9c:ad:62:74:f6:76:9f:31:4c:87:
d1:6f:84:98:5e:8a:91:ca:be:80:28:cb:14:e5:60:05:69:dd:
11:9a:a7:03:96:25:79:8f:db:6f:eb:e5:26:15:7a:c2:b9:b2:
67:f5:e9:95:d9:5b:fd:c7:2f:e7:e5:9a:32:2c:60:3b:9d:27:
7a:a8:62:77:54:8d:36:79:17:c6:7c:d1:1e:f7:39:76:7b:b1:
43:92:b9:f9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZPfABFreK40hSv04Xe81LkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiODI0MzNmZmU5NGJmMzUzNmZlYzMyNzU0M2QzOTYxNTgy
MDIwNzIwHhcNMjQxMjE5MTI1OTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAwOGY2NjM3MzkyZGU1MTVlZWJhOGMxYmEwMmJmMmQwYWJmMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JcsBMCP1jqWHQnrQwZ2eUXCvqhJ
YRrTcSl/RnwfOQ6IKxVe6mo6CHmBGQcoPMX9NdRxdhC404g5aHZoZPorLM+UzBZY
dMdSKREBHGQUV+GgJmZxVlj0vVMxZBLqJ+deOWuDOarTH59jw8ClEGYwNdxe0hpt
FD9Ft2nipUjt10toIuJyMUiFoGctt8IMyW+m12STDHsPpSnQ/enbi6vG85/PAyGe
kMnVtxgwhRr+jpJmD7w0ThDLwDNHZYZRNvM81JhHWYv3z+S7IzOfeRY3q87sa8ZS
VrDBByPbAQ+caozPN9ifl6RAKZ6aAzGFGB6L0vs194ZssUHGAdhqMOpvDwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE8Aj2Y3OS3lFe66jBugK/LQq/AkMB8GA1UdIwQY
MBaAFIuCQz/+lL81Nv7DJ1Q9OWFYICByMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYt
MmRkNzg5MGRjNjg5LzEvVHdDUFpqYzVMZVVWN3JxTUc2QXI4dENyOENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mNTU5M2QtNjg5Yy00ZGZlLThkOTYtMmRkNzg5MGRjNjg5
LzEvaTRKRFBfNlV2elUyX3NNblZEMDVZVmdnSUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVcZQAwQC
WakAAwQCWaksAwQAW+lYAwQCwWpEMA0EAgACMAcDBQAqAEbgMA0GCSqGSIb3DQEB
CwUAA4IBAQBtovAmlrxDPi1bpLQ541PRdO4YV+QWS2Mw8/CNaLS3p0mvQs7cUlmW
aG658GENcIgxT4kDQFQPnV9nmZQqjPEd2BagTM2FwfGFmPbr/QawJwXOS1Eyta+L
4a8HYp0djFawcx7JLE3+va76tqU6msEh++0qxI/Din8aDwYaGu6/omu1Whvu8mSi
o6RIDllH/J9Tjb4pjSbhUdRqt0cuIfsiqxNise80ttprWZytYnT2dp8xTIfRb4SY
XoqRyr6AKMsU5WAFad0RmqcDliV5j9tv6+UmFXrCubJn9emV2Vv9xy/n5ZoyLGA7
nSd6qGJ3VI02eRfGfNEe9zl2e7FDkrn5
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:36:30 2025 by rpki-client