Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/TpVBTkH9nkM-maj07uLqwtUOzOY.roa
File: TpVBTkH9nkM-maj07uLqwtUOzOY.roa (raw, json)
Hash identifier: je44g7t9vhR/cSSKmOG/coQ43rbckoZfCuosRWU3jHM=
Subject key identifier: 4E:95:41:4E:41:FD:9E:43:3E:99:A8:F4:EE:E2:EA:C2:D5:0E:CC:E6
Certificate issuer: /CN=24350aa8a94af666099fd073ec621cd15d04b316
Certificate serial: 01856EAFD160404C88CD2521C97AE3A76349
Authority key identifier: 24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/TpVBTkH9nkM-maj07uLqwtUOzOY.roa
Signing time: Sun 01 Jan 2023 18:54:54 +0000
ROA not before: Sun 01 Jan 2023 18:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5603
IP address blocks: 193.77.0.0/18 maxlen: 18
193.77.0.0/16 maxlen: 16
188.198.0.0/16 maxlen: 16
188.198.0.0/15 maxlen: 15
193.77.64.0/18 maxlen: 18
193.138.9.0/24 maxlen: 24
212.30.64.0/20 maxlen: 20
212.30.64.0/19 maxlen: 19
195.210.192.0/20 maxlen: 20
195.210.192.0/18 maxlen: 18
149.126.144.0/20 maxlen: 20
89.143.128.0/18 maxlen: 18
89.143.64.0/18 maxlen: 18
185.59.24.0/22 maxlen: 22
185.59.24.0/23 maxlen: 23
185.59.26.0/23 maxlen: 23
149.126.128.0/20 maxlen: 20
149.126.128.0/19 maxlen: 19
89.143.192.0/18 maxlen: 18
193.189.176.0/20 maxlen: 20
178.58.128.0/17 maxlen: 17
213.250.32.0/19 maxlen: 19
193.189.160.0/19 maxlen: 19
193.189.160.0/20 maxlen: 20
89.142.128.0/18 maxlen: 18
195.250.192.0/21 maxlen: 21
195.250.192.0/20 maxlen: 20
89.143.0.0/18 maxlen: 18
195.250.200.0/21 maxlen: 21
195.250.212.0/22 maxlen: 22
193.95.224.0/19 maxlen: 19
89.143.0.0/16 maxlen: 16
195.250.208.0/21 maxlen: 21
95.176.192.0/18 maxlen: 18
188.197.0.0/16 maxlen: 16
89.142.192.0/18 maxlen: 18
95.176.128.0/17 maxlen: 17
95.176.128.0/18 maxlen: 18
95.159.192.0/20 maxlen: 20
193.95.192.0/19 maxlen: 19
95.159.192.0/18 maxlen: 18
193.95.192.0/18 maxlen: 18
91.195.146.0/23 maxlen: 23
193.77.192.0/18 maxlen: 18
188.199.0.0/16 maxlen: 16
194.165.96.0/19 maxlen: 19
194.165.96.0/20 maxlen: 20
86.61.0.0/17 maxlen: 17
86.61.0.0/18 maxlen: 18
212.30.80.0/20 maxlen: 20
193.77.128.0/18 maxlen: 18
109.182.0.0/17 maxlen: 17
109.182.0.0/16 maxlen: 16
86.61.64.0/18 maxlen: 18
188.196.0.0/16 maxlen: 16
188.196.0.0/15 maxlen: 15
213.229.192.0/20 maxlen: 20
213.229.192.0/19 maxlen: 19
213.229.192.0/18 maxlen: 18
213.250.0.0/18 maxlen: 18
213.250.0.0/19 maxlen: 19
188.196.0.0/14 maxlen: 14
195.88.82.0/23 maxlen: 23
178.58.0.0/17 maxlen: 17
178.58.0.0/16 maxlen: 16
89.142.64.0/18 maxlen: 18
213.229.224.0/19 maxlen: 19
89.142.0.0/18 maxlen: 18
89.142.0.0/16 maxlen: 16
185.57.226.0/23 maxlen: 23
109.182.128.0/17 maxlen: 17
2a00:ee5::/32 maxlen: 32
2a00:ee4::/32 maxlen: 32
2a00:ee7::/32 maxlen: 32
2a00:ee0::/29 maxlen: 29
2a00:ee3::/32 maxlen: 32
2a00:ee0::/32 maxlen: 32
2a00:ee6::/32 maxlen: 32
2a02:e20::/29 maxlen: 29
2a00:ee1::/32 maxlen: 32
2a00:ee2::/32 maxlen: 32
2a02:e20::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d1:60:40:4c:88:cd:25:21:c9:7a:e3:a7:63:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24350aa8a94af666099fd073ec621cd15d04b316
Validity
Not Before: Jan 1 18:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e95414e41fd9e433e99a8f4eee2eac2d50ecce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9e:d3:ad:3d:cd:7b:4b:a0:7a:f5:14:e2:b7:
97:1e:61:0a:d3:29:fa:3d:3b:d4:0f:9f:52:fe:1a:
4f:98:28:54:2d:aa:f3:ee:89:bd:b3:5f:21:5d:cb:
ef:9e:64:7e:73:9b:03:4e:2c:44:7f:76:0b:68:96:
09:f1:2a:96:9c:20:5e:fc:f2:e7:1d:7b:99:5f:7c:
0c:ee:47:ba:93:c9:51:d1:75:3e:f0:40:23:57:cd:
29:d9:f4:56:73:3b:92:14:2e:6d:2a:4c:5f:d1:b6:
cf:34:bc:c3:cd:91:e0:62:c6:30:09:93:0c:c3:53:
b5:2f:8f:d0:12:ea:61:a3:da:ee:ee:45:0c:50:8d:
a1:cf:18:66:d3:c6:4b:a2:1c:6c:5b:78:9e:64:0b:
f4:e6:d1:42:66:c5:55:e3:16:f7:61:62:5f:af:a8:
97:80:74:d4:ad:48:aa:b2:0d:19:63:c5:e5:93:7e:
11:83:40:50:2f:99:4e:96:e4:7d:9b:68:db:97:d4:
f9:24:a9:93:6c:75:b3:31:32:cc:9a:8a:1c:45:bd:
a6:4e:0b:5d:3b:c4:44:1b:f1:13:a0:47:e9:e5:8b:
4b:7b:c2:28:ac:60:3f:d2:1f:e9:ca:85:54:06:a6:
75:1d:0f:93:ed:ef:92:83:f2:78:c7:4e:a1:9b:95:
d3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:95:41:4E:41:FD:9E:43:3E:99:A8:F4:EE:E2:EA:C2:D5:0E:CC:E6
X509v3 Authority Key Identifier:
keyid:24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/TpVBTkH9nkM-maj07uLqwtUOzOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.61.0.0/17
89.142.0.0/15
91.195.146.0/23
95.159.192.0/18
95.176.128.0/17
109.182.0.0/16
149.126.128.0/19
178.58.0.0/16
185.57.226.0/23
185.59.24.0/22
188.196.0.0/14
193.77.0.0/16
193.95.192.0/18
193.138.9.0/24
193.189.160.0/19
194.165.96.0/19
195.88.82.0/23
195.210.192.0/18
195.250.192.0-195.250.215.255
212.30.64.0/19
213.229.192.0/18
213.250.0.0/18
IPv6:
2a00:ee0::/29
2a02:e20::/29
Signature Algorithm: sha256WithRSAEncryption
03:25:45:f1:78:3e:27:b6:35:b5:11:27:6d:06:61:a3:e8:e1:
03:20:40:9e:91:db:e2:7c:aa:ae:f5:82:df:1a:3b:c6:53:23:
be:89:39:a9:21:1c:92:93:7b:d9:e5:2e:36:85:ec:d4:0f:c7:
4d:32:ce:87:d8:66:d4:1d:b3:a6:11:60:08:1e:1a:fe:a7:3d:
a1:96:43:d7:cd:68:39:0e:3d:95:b6:55:99:ef:68:1b:c5:c0:
be:0d:55:b6:14:07:71:71:bb:ab:d4:c1:23:f4:20:86:e9:ea:
f5:5d:7f:aa:c7:95:19:d4:4d:6e:b2:85:26:5d:ea:2b:bd:fa:
4f:c7:a3:58:05:99:4a:2b:68:84:ab:db:41:45:f9:b6:1a:85:
ab:69:20:ad:11:b1:2c:01:8e:4f:ac:69:31:c8:87:6b:05:06:
ea:ce:5d:4a:ae:2c:ab:7e:5e:10:08:21:14:15:3b:3b:f3:6f:
f1:6b:ab:0c:69:de:67:b1:73:43:9b:a1:f2:fe:30:df:e6:e6:
5d:2a:41:61:34:41:b9:c8:cd:0c:fb:7d:46:eb:7d:ff:d6:4c:
16:95:09:7c:9c:a6:d4:6d:5d:28:66:04:00:0d:ef:e6:a4:71:
02:73:17:b9:fc:b1:c2:e7:4d:6b:f1:30:4e:5b:cf:24:bc:e0:
bc:0e:0d:5a
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAYVur9FgQEyIzSUhyXrjp2NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MzUwYWE4YTk0YWY2NjYwOTlmZDA3M2VjNjIxY2QxNWQw
NGIzMTYwHhcNMjMwMTAxMTg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk1NDE0ZTQxZmQ5ZTQzM2U5OWE4ZjRlZWUyZWFjMmQ1MGVjY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ7TrT3Ne0ugevUU4reXHmEK0yn6
PTvUD59S/hpPmChULarz7om9s18hXcvvnmR+c5sDTixEf3YLaJYJ8SqWnCBe/PLn
HXuZX3wM7ke6k8lR0XU+8EAjV80p2fRWczuSFC5tKkxf0bbPNLzDzZHgYsYwCZMM
w1O1L4/QEupho9ru7kUMUI2hzxhm08ZLohxsW3ieZAv05tFCZsVV4xb3YWJfr6iX
gHTUrUiqsg0ZY8Xlk34Rg0BQL5lOluR9m2jbl9T5JKmTbHWzMTLMmoocRb2mTgtd
O8REG/EToEfp5YtLe8IorGA/0h/pyoVUBqZ1HQ+T7e+Sg/J4x06hm5XTLQIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFE6VQU5B/Z5DPpmo9O7i6sLVDszmMB8GA1UdIwQY
MBaAFCQ1CqipSvZmCZ/Qc+xiHNFdBLMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkRVS3FLbEs5bVlKbjlCejdHSWMwVjBFc3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9hYjYyZTctNzM2Ny00YmRlLTkzNGEt
YjQyNTIyZDA1ODk1LzEvVHBWQlRrSDlua00tbWFqMDd1THF3dFVPek9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9hYjYyZTctNzM2Ny00YmRlLTkzNGEtYjQyNTIyZDA1ODk1
LzEvSkRVS3FLbEs5bVlKbjlCejdHSWMwVjBFc3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBjgQCAAEwgYcDBAdW
PQADAwFZjgMEAVvDkgMEBl+fwAMEB1+wgAMDAG22AwQFlX6AAwMAsjoDBAG5OeID
BAK5OxgDAwK8xAMDAMFNAwQGwV/AAwQAwYoJAwQFwb2gAwQFwqVgAwQBw1hSAwQG
w9LAMAwDBAbD+sADBAPD+tADBAXUHkADBAbV5cADBAbV+gAwFAQCAAIwDgMFAyoA
DuADBQMqAg4gMA0GCSqGSIb3DQEBCwUAA4IBAQADJUXxeD4ntjW1ESdtBmGj6OED
IECekdvifKqu9YLfGjvGUyO+iTmpIRySk3vZ5S42hezUD8dNMs6H2GbUHbOmEWAI
Hhr+pz2hlkPXzWg5Dj2VtlWZ72gbxcC+DVW2FAdxcbur1MEj9CCG6er1XX+qx5UZ
1E1usoUmXeorvfpPx6NYBZlKK2iEq9tBRfm2GoWraSCtEbEsAY5PrGkxyIdrBQbq
zl1Kriyrfl4QCCEUFTs782/xa6sMad5nsXNDm6Hy/jDf5uZdKkFhNEG5yM0M+31G
633/1kwWlQl8nKbUbV0oZgQADe/mpHECcxe5/LHC501r8TBOW88kvOC8Dg1a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:09 2024 by rpki-client on console-fra.rpki-client.org