Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/TgQMBAw6b-NsrOMUiiHme7J3iM4.roa
File: TgQMBAw6b-NsrOMUiiHme7J3iM4.roa (raw, json)
Hash identifier: iQh4Yig17jY6aTzhJFF/lP9Tw5vWasEkxHsMNMCFImc=
Subject key identifier: 4E:04:0C:04:0C:3A:6F:E3:6C:AC:E3:14:8A:21:E6:7B:B2:77:88:CE
Certificate issuer: /CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Certificate serial: 0185735602B3704458D35FA318D7D68080A9
Authority key identifier: 29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/TgQMBAw6b-NsrOMUiiHme7J3iM4.roa
Signing time: Mon 02 Jan 2023 16:34:54 +0000
ROA not before: Mon 02 Jan 2023 16:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6881
IP address blocks: 194.50.100.0/24 maxlen: 32
185.1.34.0/24 maxlen: 32
91.207.230.0/23 maxlen: 23
91.207.234.0/23 maxlen: 23
195.47.235.0/24 maxlen: 32
91.210.16.0/22 maxlen: 32
194.30.187.0/24 maxlen: 32
93.190.128.0/21 maxlen: 32
2001:7f8:14::/48 maxlen: 128
2a02:38::/32 maxlen: 32
2001:7f8:91::/48 maxlen: 128
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:56:02:b3:70:44:58:d3:5f:a3:18:d7:d6:80:80:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29109da662f9d302fff2c5c4b4afb8f947fec1c0
Validity
Not Before: Jan 2 16:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e040c040c3a6fe36cace3148a21e67bb27788ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:c1:2b:8d:f8:67:93:7c:e6:c6:7b:41:59:
2c:c8:94:ab:f0:47:f0:c8:7a:09:89:03:63:c1:65:
15:d5:64:8e:97:d4:84:2e:76:16:39:f5:9b:79:c3:
f1:11:b8:a8:6e:23:34:8d:37:dd:4d:cc:10:79:ab:
84:39:fb:ac:14:2e:44:79:89:66:d9:a0:61:43:21:
10:80:13:1f:11:f3:e4:a2:c1:0f:2c:9d:1d:43:f5:
94:6c:8d:ff:78:52:e5:0f:bf:f2:6b:5c:20:93:02:
b9:05:52:f1:c4:62:97:2a:d6:e3:d9:93:44:27:8a:
0e:4e:e0:7d:51:c6:e5:5d:2f:1b:33:c0:cf:45:e4:
5a:78:f5:06:52:0c:4b:ba:2b:c1:69:30:f4:0a:2c:
03:f0:62:d2:bd:3e:24:71:e1:b8:38:07:a1:2e:89:
48:a3:58:cd:37:27:9a:0b:08:ec:56:d3:4b:f8:83:
96:0d:57:7d:12:0b:27:03:1d:fc:6a:b1:28:a2:b0:
e5:70:ab:60:92:e4:2f:99:70:d4:6a:47:13:ab:ce:
2d:71:70:08:af:49:87:83:7f:73:64:26:48:65:6d:
71:1d:e8:28:68:f0:ea:a4:17:25:17:e8:67:39:84:
7f:d6:01:5e:3f:a0:ee:39:d8:1d:64:f0:fe:c2:55:
e7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:04:0C:04:0C:3A:6F:E3:6C:AC:E3:14:8A:21:E6:7B:B2:77:88:CE
X509v3 Authority Key Identifier:
keyid:29:10:9D:A6:62:F9:D3:02:FF:F2:C5:C4:B4:AF:B8:F9:47:FE:C1:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRCdpmL50wL_8sXEtK-4-Uf-wcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/TgQMBAw6b-NsrOMUiiHme7J3iM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/930279-3187-47a5-8137-f4fb5c880509/1/KRCdpmL50wL_8sXEtK-4-Uf-wcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.230.0/23
91.207.234.0/23
91.210.16.0/22
93.190.128.0/21
185.1.34.0/24
194.30.187.0/24
194.50.100.0/24
195.47.235.0/24
IPv6:
2001:7f8:14::/48
2001:7f8:91::/48
2a02:38::/32
Signature Algorithm: sha256WithRSAEncryption
1a:c3:a2:eb:97:35:38:08:ab:da:aa:e3:13:5e:e1:b3:41:34:
05:ab:47:e3:b7:d3:bd:77:22:05:b7:62:3c:09:23:de:ea:d9:
06:51:5a:7b:51:0f:34:68:fd:22:fb:65:2a:1c:26:38:1f:42:
e2:e9:ee:bc:6e:a7:8a:96:19:9b:30:f2:1c:62:16:d6:81:19:
67:90:85:c4:a0:2d:ca:1f:f3:73:63:c5:19:9c:1f:6a:01:b9:
69:9d:6f:ac:e8:05:28:35:64:ee:d7:3c:06:7d:0f:51:14:c3:
a5:01:9e:3e:c7:33:ee:99:27:a4:3b:97:a9:6e:d2:93:9e:53:
9c:c7:cf:35:86:b9:e5:3d:73:56:7e:03:3a:55:22:ab:2d:a6:
bc:19:82:20:3c:b4:f3:4f:0a:f1:93:1b:a5:84:29:80:9b:39:
f1:5b:f0:69:52:c1:55:d9:d5:87:84:0a:dc:56:f7:d1:6e:46:
f8:03:ee:ff:1d:57:b4:e3:19:90:27:d1:d5:d2:4b:8a:87:14:
48:04:e7:8e:dc:66:e6:a3:a3:28:6c:e5:e4:23:9f:dc:13:a0:
ab:46:9b:62:35:a4:99:ad:f7:05:9a:b0:fa:24:65:9a:30:f3:
b9:aa:9c:6a:b3:1f:0e:50:62:52:4b:16:8f:88:a6:b3:06:fa:
43:e0:a7:35
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVzVgKzcERY01+jGNfWgICpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MTA5ZGE2NjJmOWQzMDJmZmYyYzVjNGI0YWZiOGY5NDdm
ZWMxYzAwHhcNMjMwMTAyMTYzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTA0MGMwNDBjM2E2ZmUzNmNhY2UzMTQ4YTIxZTY3YmIyNzc4OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrPBK434Z5N85sZ7QVksyJSr8Efw
yHoJiQNjwWUV1WSOl9SELnYWOfWbecPxEbiobiM0jTfdTcwQeauEOfusFC5EeYlm
2aBhQyEQgBMfEfPkosEPLJ0dQ/WUbI3/eFLlD7/ya1wgkwK5BVLxxGKXKtbj2ZNE
J4oOTuB9UcblXS8bM8DPReRaePUGUgxLuivBaTD0CiwD8GLSvT4kceG4OAehLolI
o1jNNyeaCwjsVtNL+IOWDVd9EgsnAx38arEoorDlcKtgkuQvmXDUakcTq84tcXAI
r0mHg39zZCZIZW1xHegoaPDqpBclF+hnOYR/1gFeP6DuOdgdZPD+wlXn0QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFE4EDAQMOm/jbKzjFIoh5nuyd4jOMB8GA1UdIwQY
MBaAFCkQnaZi+dMC//LFxLSvuPlH/sHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzct
ZjRmYjVjODgwNTA5LzEvVGdRTUJBdzZiLU5zck9NVWlpSG1lN0ozaU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85MzAyNzktMzE4Ny00N2E1LTgxMzctZjRmYjVjODgwNTA5
LzEvS1JDZHBtTDUwd0xfOHNYRXRLLTQtVWYtd2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTA2BAIAATAwAwQBW8/mAwQB
W8/qAwQCW9IQAwQDXb6AAwQAuQEiAwQAwh67AwQAwjJkAwQAwy/rMB8EAgACMBkD
BwAgAQf4ABQDBwAgAQf4AJEDBQAqAgA4MA0GCSqGSIb3DQEBCwUAA4IBAQAaw6Lr
lzU4CKvaquMTXuGzQTQFq0fjt9O9dyIFt2I8CSPe6tkGUVp7UQ80aP0i+2UqHCY4
H0Li6e68bqeKlhmbMPIcYhbWgRlnkIXEoC3KH/NzY8UZnB9qAblpnW+s6AUoNWTu
1zwGfQ9RFMOlAZ4+xzPumSekO5epbtKTnlOcx881hrnlPXNWfgM6VSKrLaa8GYIg
PLTzTwrxkxulhCmAmznxW/BpUsFV2dWHhArcVvfRbkb4A+7/HVe04xmQJ9HV0kuK
hxRIBOeO3Gbmo6MobOXkI5/cE6CrRptiNaSZrfcFmrD6JGWaMPO5qpxqsx8OUGJS
SxaPiKazBvpD4Kc1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:47 2024 by rpki-client on console-fra.rpki-client.org