Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/T0PM2eOMz986rRSQkiR663n0gJc.roa
File: T0PM2eOMz986rRSQkiR663n0gJc.roa (raw, json)
Hash identifier: oY85adVETj3toDG+JGYr08JcB5zgzyBo0bA1jwnPPXQ=
Subject key identifier: 4F:43:CC:D9:E3:8C:CF:DF:3A:AD:14:90:92:24:7A:EB:79:F4:80:97
Certificate issuer: /CN=4ab6d7c468d092c921314d66473cfa53851cd686
Certificate serial: 018721D569170FAE0A9F971A06E55A1A96A9
Authority key identifier: 4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/T0PM2eOMz986rRSQkiR663n0gJc.roa
Signing time: Mon 27 Mar 2023 06:50:46 +0000
ROA not before: Mon 27 Mar 2023 06:50:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35047
IP address blocks: 92.60.16.0/20 maxlen: 20
77.242.16.0/20 maxlen: 20
77.242.18.0/23 maxlen: 23
77.242.20.0/24 maxlen: 24
77.242.22.0/23 maxlen: 23
77.242.21.0/24 maxlen: 24
77.242.24.0/24 maxlen: 24
77.242.31.0/24 maxlen: 24
77.242.29.0/24 maxlen: 24
77.242.28.0/22 maxlen: 22
77.242.30.0/24 maxlen: 24
77.242.25.0/24 maxlen: 24
77.242.26.0/24 maxlen: 24
109.236.32.0/20 maxlen: 20
185.55.150.0/24 maxlen: 24
185.55.148.0/22 maxlen: 24
185.9.44.0/22 maxlen: 22
31.44.64.0/20 maxlen: 20
31.44.68.0/22 maxlen: 22
80.91.117.0/24 maxlen: 24
80.91.116.0/24 maxlen: 24
31.44.72.0/22 maxlen: 22
80.91.112.0/20 maxlen: 24
80.91.120.0/21 maxlen: 24
80.91.122.0/24 maxlen: 24
80.91.123.0/24 maxlen: 24
80.91.127.0/24 maxlen: 24
80.91.126.0/24 maxlen: 24
2a01:4f00:2233::/48 maxlen: 48
2a01:4f00::/32 maxlen: 32
2a01:4f00::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 May 2023 12:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:d5:69:17:0f:ae:0a:9f:97:1a:06:e5:5a:1a:96:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab6d7c468d092c921314d66473cfa53851cd686
Validity
Not Before: Mar 27 06:50:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f43ccd9e38ccfdf3aad149092247aeb79f48097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:9b:2b:fd:75:fd:be:89:f8:79:53:4c:27:
53:12:9c:80:b6:f0:52:ce:ac:35:9e:e6:1b:17:b4:
2a:f1:45:df:68:fc:f3:4f:59:e3:90:5d:25:6b:42:
92:86:2f:d6:bb:e9:cb:4b:a0:67:17:e9:76:4a:f1:
9d:0e:3a:c3:f4:32:f4:5f:d8:9d:26:c8:89:dd:2d:
bc:fe:2d:db:b8:6f:4b:f3:3a:a3:5a:76:b7:2c:a0:
37:bb:d9:80:4e:30:72:4d:23:49:0a:02:1e:c5:27:
12:08:e2:36:e7:fa:b6:2e:37:e6:a1:8e:aa:a1:a6:
d1:21:97:94:5b:7e:76:1e:a8:5f:7f:e9:78:e1:9f:
f4:e2:5f:8d:b7:65:b0:d1:37:92:24:ee:16:0f:ef:
d5:ad:43:c0:f3:66:87:d2:ef:19:d0:3b:c3:13:4c:
8b:0f:fb:63:75:4b:13:ad:2a:7c:7c:74:77:7e:a3:
5b:07:c3:68:88:ff:f7:e5:0c:6c:69:fe:10:3b:50:
ee:06:4f:86:10:de:f4:64:86:63:56:e2:29:da:80:
a9:14:a7:6c:60:50:7e:a5:17:69:03:17:56:7a:d2:
de:48:c1:c2:08:47:27:7a:4b:37:f1:b8:c0:2b:89:
2a:80:44:f6:14:bd:9e:bd:80:9c:d7:6f:1e:39:0f:
eb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:43:CC:D9:E3:8C:CF:DF:3A:AD:14:90:92:24:7A:EB:79:F4:80:97
X509v3 Authority Key Identifier:
keyid:4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/T0PM2eOMz986rRSQkiR663n0gJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.64.0/20
77.242.16.0/20
80.91.112.0/20
92.60.16.0/20
109.236.32.0/20
185.9.44.0/22
185.55.148.0/22
IPv6:
2a01:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
18:98:ce:27:e3:26:4d:57:08:29:83:fd:39:fa:63:e1:b4:d0:
87:c2:86:9d:76:e0:e8:39:d2:16:81:00:22:36:b1:57:67:fb:
6a:3b:5e:ad:47:94:77:c3:0d:19:53:6b:15:2e:49:9d:81:c5:
ef:77:4c:23:45:30:60:d5:d3:6b:0e:ef:d9:b5:6b:9b:fa:9d:
c0:07:55:69:f8:d4:4f:dd:62:1c:fb:77:d9:3c:49:1d:81:48:
73:e9:26:ac:04:0b:fd:97:4b:b7:f0:52:0c:d0:46:e5:27:64:
12:e8:58:5b:d7:54:06:c1:c7:33:58:f3:11:21:9d:f6:a0:41:
41:c0:1d:fa:55:0a:f2:17:21:21:28:67:ab:50:4f:3c:46:d0:
09:f3:ef:67:bf:b5:1c:1b:16:f5:ec:85:4a:63:a4:2d:8c:cc:
1b:88:3a:eb:5c:3c:07:e4:34:65:48:44:2b:42:7b:87:23:88:
7d:06:c7:f2:ba:78:57:b6:3f:60:d8:f5:c9:05:2d:40:3f:37:
21:90:e3:c0:14:e1:db:41:79:3a:96:4b:f9:1f:51:ac:74:f4:
53:72:66:8c:68:d6:71:d7:73:87:19:a0:62:95:b5:65:69:81:
69:5e:8f:cb:8e:15:ef:4f:86:61:97:fe:f2:06:1a:f1:ce:c7:
8a:f3:e9:cb
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYch1WkXD64Kn5caBuVaGpapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjZkN2M0NjhkMDkyYzkyMTMxNGQ2NjQ3M2NmYTUzODUx
Y2Q2ODYwHhcNMjMwMzI3MDY1MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQzY2NkOWUzOGNjZmRmM2FhZDE0OTA5MjI0N2FlYjc5ZjQ4MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ybK/11/b6J+HlTTCdTEpyAtvBS
zqw1nuYbF7Qq8UXfaPzzT1njkF0la0KShi/Wu+nLS6BnF+l2SvGdDjrD9DL0X9id
JsiJ3S28/i3buG9L8zqjWna3LKA3u9mATjByTSNJCgIexScSCOI25/q2LjfmoY6q
oabRIZeUW352Hqhff+l44Z/04l+Nt2Ww0TeSJO4WD+/VrUPA82aH0u8Z0DvDE0yL
D/tjdUsTrSp8fHR3fqNbB8NoiP/35Qxsaf4QO1DuBk+GEN70ZIZjVuIp2oCpFKds
YFB+pRdpAxdWetLeSMHCCEcneks38bjAK4kqgET2FL2evYCc128eOQ/rvQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFE9DzNnjjM/fOq0UkJIkeut59ICXMB8GA1UdIwQY
MBaAFEq218Ro0JLJITFNZkc8+lOFHNaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQt
MDU3NjRjN2VkYWE3LzEvVDBQTTJlT016OTg2clJTUWtpUjY2M24wZ0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQtMDU3NjRjN2VkYWE3
LzEvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEHyxAAwQE
TfIQAwQEUFtwAwQEXDwQAwQEbewgAwQCuQksAwQCuTeUMA0EAgACMAcDBQAqAU8A
MA0GCSqGSIb3DQEBCwUAA4IBAQAYmM4n4yZNVwgpg/05+mPhtNCHwoadduDoOdIW
gQAiNrFXZ/tqO16tR5R3ww0ZU2sVLkmdgcXvd0wjRTBg1dNrDu/ZtWub+p3AB1Vp
+NRP3WIc+3fZPEkdgUhz6SasBAv9l0u38FIM0EblJ2QS6Fhb11QGwcczWPMRIZ32
oEFBwB36VQryFyEhKGerUE88RtAJ8+9nv7UcGxb17IVKY6QtjMwbiDrrXDwH5DRl
SEQrQnuHI4h9BsfyunhXtj9g2PXJBS1APzchkOPAFOHbQXk6lkv5H1GsdPRTcmaM
aNZx13OHGaBilbVlaYFpXo/LjhXvT4Zhl/7yBhrxzseK8+nL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:16 2024 by rpki-client on console-ams.rpki-client.org