Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/TPWn5KQeGvjYBc9Y_PWFcJS7nco.roa
File: TPWn5KQeGvjYBc9Y_PWFcJS7nco.roa (raw, json)
Hash identifier: kfcrBSfgKNBFA9T8NqN8W86TqCFKOU0fnqFOh2hPM0A=
Subject key identifier: 4C:F5:A7:E4:A4:1E:1A:F8:D8:05:CF:58:FC:F5:85:70:94:BB:9D:CA
Certificate issuer: /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial: 01856FB1275DEB8094DD90A287C7243DA26C
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/TPWn5KQeGvjYBc9Y_PWFcJS7nco.roa
Signing time: Sun 01 Jan 2023 23:35:58 +0000
ROA not before: Sun 01 Jan 2023 23:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34066
IP address blocks: 78.158.48.0/20 maxlen: 24
185.158.56.0/22 maxlen: 24
193.104.103.0/24 maxlen: 24
193.104.131.0/24 maxlen: 24
77.240.48.0/20 maxlen: 24
2a03:7600::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:b1:27:5d:eb:80:94:dd:90:a2:87:c7:24:3d:a2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795013346c8d8f23e0128d306997980237db2374
Validity
Not Before: Jan 1 23:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cf5a7e4a41e1af8d805cf58fcf5857094bb9dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f1:7d:5b:a7:04:34:cc:38:00:a6:e1:98:22:
11:db:53:af:22:3f:1b:67:44:16:f6:a8:95:c7:94:
5b:d2:38:e8:d1:e9:bd:10:8b:36:90:e5:84:31:3e:
e6:7e:31:01:bf:e2:f8:7e:b1:8a:11:4a:0a:2d:0d:
17:c8:b8:bb:88:8c:3d:9c:bc:47:04:c0:e5:e7:31:
4b:0c:ae:30:9f:30:ca:bc:0e:bf:2e:fa:0b:7f:34:
5e:17:62:ee:90:53:8b:56:3b:2e:d5:da:6e:c5:95:
d3:80:54:6e:31:59:40:bf:af:47:03:40:ee:ff:77:
bb:4b:2b:96:9a:8b:02:ef:e9:aa:bf:a7:be:62:db:
df:0a:e4:9d:05:24:93:f1:e5:ac:1c:5c:31:f6:9f:
67:56:6f:4e:df:f4:d1:07:f8:92:16:b4:45:e6:b7:
c8:48:5f:17:a1:b2:ca:2c:39:b6:a8:ee:8d:76:f7:
7e:94:d3:89:f4:4a:ea:92:9f:1d:1b:c9:d1:53:0d:
7f:90:1e:45:07:16:17:00:3b:46:1a:02:a2:07:e3:
58:0f:54:ee:5e:9c:a2:1e:ae:89:a2:3e:6b:ca:79:
f5:f3:ce:26:0a:88:82:e2:aa:77:61:a1:40:fe:b0:
93:21:d3:fd:38:c3:1d:96:33:bc:68:6f:82:cd:ca:
5b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F5:A7:E4:A4:1E:1A:F8:D8:05:CF:58:FC:F5:85:70:94:BB:9D:CA
X509v3 Authority Key Identifier:
keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/TPWn5KQeGvjYBc9Y_PWFcJS7nco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.48.0/20
78.158.48.0/20
185.158.56.0/22
193.104.103.0/24
193.104.131.0/24
IPv6:
2a03:7600::/32
Signature Algorithm: sha256WithRSAEncryption
5d:42:7d:09:28:76:92:7b:f0:c2:dd:de:17:d3:4f:a0:d3:bf:
af:88:0f:45:85:85:30:4c:be:f0:be:08:a4:29:e4:09:e6:ff:
81:78:df:8e:f8:8c:e4:e9:08:2f:86:81:d3:1c:69:b3:91:69:
89:1b:12:a1:0d:b1:f5:f5:d7:64:02:be:01:e5:66:1e:4f:40:
10:99:db:bc:9c:c4:2b:2e:55:95:a3:48:87:57:81:5c:f7:ac:
db:e9:09:4a:67:ae:c5:29:fc:0e:05:fa:69:3d:57:2e:ba:12:
55:8f:43:e6:0a:db:11:ca:b0:51:c6:c7:1a:4e:b8:01:55:81:
0c:b2:39:db:57:21:6c:2e:ea:9c:42:f9:77:aa:8f:29:32:f5:
b1:92:ad:3c:5c:da:0d:f3:9b:02:f6:d5:c6:a6:31:fd:5a:30:
64:70:db:48:ea:53:f7:89:04:4e:9b:16:b1:37:a8:0a:33:19:
ef:53:0a:b1:30:f6:3b:d4:60:b7:89:12:b0:75:1a:31:28:8d:
72:ee:bc:c4:0b:93:bc:61:6c:11:1a:20:b6:11:cb:89:11:99:
c6:e0:7b:db:4a:ea:8c:c6:bd:20:d2:12:a3:7d:9b:2d:b1:8b:
fb:44:09:b6:ed:9c:77:27:54:26:d9:8b:cc:b5:63:c4:c3:7c:
11:79:2f:f0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvsSdd64CU3ZCih8ckPaJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NTAxMzM0NmM4ZDhmMjNlMDEyOGQzMDY5OTc5ODAyMzdk
YjIzNzQwHhcNMjMwMTAxMjMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y1YTdlNGE0MWUxYWY4ZDgwNWNmNThmY2Y1ODU3MDk0YmI5ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPF9W6cENMw4AKbhmCIR21OvIj8b
Z0QW9qiVx5Rb0jjo0em9EIs2kOWEMT7mfjEBv+L4frGKEUoKLQ0XyLi7iIw9nLxH
BMDl5zFLDK4wnzDKvA6/LvoLfzReF2LukFOLVjsu1dpuxZXTgFRuMVlAv69HA0Du
/3e7SyuWmosC7+mqv6e+YtvfCuSdBSST8eWsHFwx9p9nVm9O3/TRB/iSFrRF5rfI
SF8XobLKLDm2qO6Ndvd+lNOJ9Erqkp8dG8nRUw1/kB5FBxYXADtGGgKiB+NYD1Tu
XpyiHq6Joj5rynn1884mCoiC4qp3YaFA/rCTIdP9OMMdljO8aG+CzcpbZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEz1p+SkHhr42AXPWPz1hXCUu53KMB8GA1UdIwQY
MBaAFHlQEzRsjY8j4BKNMGmXmAI32yN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTct
OGU5OGVhNmNhOGVlLzEvVFBXbjVLUWVHdmpZQmM5WV9QV0ZjSlM3bmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTctOGU5OGVhNmNhOGVl
LzEvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfAwAwQE
Tp4wAwQCuZ44AwQAwWhnAwQAwWiDMA0EAgACMAcDBQAqA3YAMA0GCSqGSIb3DQEB
CwUAA4IBAQBdQn0JKHaSe/DC3d4X00+g07+viA9FhYUwTL7wvgikKeQJ5v+BeN+O
+Izk6QgvhoHTHGmzkWmJGxKhDbH19ddkAr4B5WYeT0AQmdu8nMQrLlWVo0iHV4Fc
96zb6QlKZ67FKfwOBfppPVcuuhJVj0PmCtsRyrBRxscaTrgBVYEMsjnbVyFsLuqc
Qvl3qo8pMvWxkq08XNoN85sC9tXGpjH9WjBkcNtI6lP3iQROmxaxN6gKMxnvUwqx
MPY71GC3iRKwdRoxKI1y7rzEC5O8YWwRGiC2EcuJEZnG4HvbSuqMxr0g0hKjfZst
sYv7RAm27Zx3J1Qm2YvMtWPEw3wReS/w
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:25 2024 by rpki-client on console-ams.rpki-client.org