Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/TaEzaIcbtlkOa28uWED3ErdAMzQ.roa
File: TaEzaIcbtlkOa28uWED3ErdAMzQ.roa (raw, json)
Hash identifier: +aK5h4yZT3H8ALIl2kDhlU95tf1unUU+AoLbjaZsPIQ=
Subject key identifier: 4D:A1:33:68:87:1B:B6:59:0E:6B:6F:2E:58:40:F7:12:B7:40:33:34
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 0185715567E6F10D72069CD825E3C3C2AC1E
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/TaEzaIcbtlkOa28uWED3ErdAMzQ.roa
Signing time: Mon 02 Jan 2023 07:15:00 +0000
ROA not before: Mon 02 Jan 2023 07:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31313
IP address blocks: 213.177.16.0/21 maxlen: 32
213.177.24.0/21 maxlen: 32
93.113.29.0/24 maxlen: 32
89.42.116.0/23 maxlen: 32
193.151.28.0/22 maxlen: 32
89.35.192.0/24 maxlen: 32
213.177.0.0/21 maxlen: 32
86.105.108.0/22 maxlen: 32
213.177.8.0/21 maxlen: 32
193.169.21.0/24 maxlen: 32
89.41.56.0/23 maxlen: 32
89.43.190.0/23 maxlen: 32
195.242.244.0/22 maxlen: 32
89.200.246.0/23 maxlen: 32
89.200.247.0/24 maxlen: 32
86.105.216.0/22 maxlen: 32
2a00:5dc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 10 Aug 2023 04:27:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:55:67:e6:f1:0d:72:06:9c:d8:25:e3:c3:c2:ac:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Jan 2 07:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4da13368871bb6590e6b6f2e5840f712b7403334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bd:34:da:b1:5f:d8:3b:12:79:4c:a7:08:53:
da:34:f9:e7:f7:31:a1:04:7b:3c:01:c5:bf:78:39:
d9:50:7a:7c:f4:d1:e5:c6:b2:0c:63:82:53:68:8c:
37:af:fb:46:54:0c:05:97:3a:e2:23:45:ff:6b:af:
12:11:c8:4f:72:09:5e:7a:8a:ee:ae:28:3d:20:84:
ab:56:c0:b4:7b:a6:68:a8:4b:b8:fa:21:64:22:bc:
1e:66:cd:47:a4:74:99:5a:b1:1c:de:f3:f6:00:b3:
c8:8d:47:70:a7:5d:0b:dc:e5:43:9c:21:60:48:1e:
99:46:d0:2b:60:cd:fd:42:20:10:73:69:6b:ce:01:
93:57:2a:21:13:5b:10:ae:d9:65:41:62:2f:9b:57:
bf:ff:63:69:55:31:82:22:15:3e:c2:fd:35:e3:f4:
2e:31:10:10:80:90:5d:04:f4:f1:b4:a9:13:35:d5:
12:b0:0c:bb:44:72:06:89:cd:e3:27:66:33:16:6f:
5e:11:cf:31:0d:b4:7c:f3:bf:85:a8:bb:64:27:3f:
bc:3b:d0:45:fc:54:12:84:79:0a:e0:01:78:32:e3:
48:ba:97:3a:3c:52:b6:17:15:89:4f:59:00:83:52:
ab:e3:0a:3c:13:cc:1e:b0:49:37:70:05:70:41:dd:
5f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A1:33:68:87:1B:B6:59:0E:6B:6F:2E:58:40:F7:12:B7:40:33:34
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/TaEzaIcbtlkOa28uWED3ErdAMzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.108.0/22
86.105.216.0/22
89.35.192.0/24
89.41.56.0/23
89.42.116.0/23
89.43.190.0/23
89.200.246.0/23
93.113.29.0/24
193.151.28.0/22
193.169.21.0/24
195.242.244.0/22
213.177.0.0/19
IPv6:
2a00:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:7d:51:2d:f5:63:25:20:52:50:fa:ce:6b:e7:e6:44:9b:ff:
3b:f0:73:1d:05:1c:6c:35:ae:92:8b:9c:bc:7f:3f:7f:94:b1:
33:83:c8:82:e3:5f:ae:05:dc:37:74:82:c5:ef:93:05:6b:15:
68:88:f3:78:c4:46:08:fa:08:4f:7f:97:31:80:42:65:b0:a2:
60:3c:df:fc:38:33:f4:2b:7b:25:08:1d:d7:4f:72:f6:2b:9e:
f5:5e:e8:5f:3b:d4:f1:5a:38:9c:ac:12:ad:ac:7f:6d:c2:b0:
66:7f:9f:45:f6:a3:81:fc:0d:c9:3c:ab:79:dd:55:ea:bb:55:
94:71:1c:ad:97:b8:71:22:2d:23:4f:72:d0:6b:bf:4b:42:12:
0b:b5:f1:d6:b2:92:d7:24:d6:38:46:47:8d:a6:b8:28:a2:9f:
2a:fb:92:27:19:e1:a2:0f:f1:71:05:85:aa:d3:7c:c5:ae:18:
b2:07:14:7b:67:68:94:90:34:2e:42:71:8e:e3:e9:9a:b2:8c:
a5:6b:a7:61:15:0a:c8:e9:dd:c9:17:10:a4:3a:a7:d7:68:af:
7a:9e:c9:a1:97:74:2b:b2:62:1b:0e:92:e2:33:13:4a:02:c9:
08:17:d8:65:b7:1b:77:e6:79:dc:4e:d0:2d:48:e5:65:b3:cb:
a7:67:87:ab
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVxVWfm8Q1yBpzYJePDwqweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjMwMTAyMDcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGExMzM2ODg3MWJiNjU5MGU2YjZmMmU1ODQwZjcxMmI3NDAzMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7002rFf2DsSeUynCFPaNPnn9zGh
BHs8AcW/eDnZUHp89NHlxrIMY4JTaIw3r/tGVAwFlzriI0X/a68SEchPcgleeoru
rig9IISrVsC0e6ZoqEu4+iFkIrweZs1HpHSZWrEc3vP2ALPIjUdwp10L3OVDnCFg
SB6ZRtArYM39QiAQc2lrzgGTVyohE1sQrtllQWIvm1e//2NpVTGCIhU+wv014/Qu
MRAQgJBdBPTxtKkTNdUSsAy7RHIGic3jJ2YzFm9eEc8xDbR887+FqLtkJz+8O9BF
/FQShHkK4AF4MuNIupc6PFK2FxWJT1kAg1Kr4wo8E8wesEk3cAVwQd1f9wIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFE2hM2iHG7ZZDmtvLlhA9xK3QDM0MB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvVGFFemFJY2J0bGtPYTI4dVdFRDNFcmRBTXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCVmlsAwQC
VmnYAwQAWSPAAwQBWSk4AwQBWSp0AwQBWSu+AwQBWcj2AwQAXXEdAwQCwZccAwQA
wakVAwQCw/L0AwQF1bEAMA0EAgACMAcDBQMqAF3AMA0GCSqGSIb3DQEBCwUAA4IB
AQCbfVEt9WMlIFJQ+s5r5+ZEm/878HMdBRxsNa6Si5y8fz9/lLEzg8iC41+uBdw3
dILF75MFaxVoiPN4xEYI+ghPf5cxgEJlsKJgPN/8ODP0K3slCB3XT3L2K571Xuhf
O9TxWjicrBKtrH9twrBmf59F9qOB/A3JPKt53VXqu1WUcRytl7hxIi0jT3LQa79L
QhILtfHWspLXJNY4RkeNprgoop8q+5InGeGiD/FxBYWq03zFrhiyBxR7Z2iUkDQu
QnGO4+masoyla6dhFQrI6d3JFxCkOqfXaK96nsmhl3QrsmIbDpLiMxNKAskIF9hl
txt35nncTtAtSOVls8unZ4er
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:33 2024 by rpki-client on console-ams.rpki-client.org