Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/twaCoMh5jbdQgPJdYBAzP33VSbM.roa
File: twaCoMh5jbdQgPJdYBAzP33VSbM.roa (raw, json)
Hash identifier: RbSgEWdI3lErQbAiHS4aWF6Cx1ycFKwybTdT486VgC8=
Subject key identifier: B7:06:82:A0:C8:79:8D:B7:50:80:F2:5D:60:10:33:3F:7D:D5:49:B3
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 0185714C130BEB1A9E4BEF82AC8E560ACF71
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/twaCoMh5jbdQgPJdYBAzP33VSbM.roa
Signing time: Mon 02 Jan 2023 07:04:49 +0000
ROA not before: Mon 02 Jan 2023 07:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57633
IP address blocks: 195.49.132.0/22 maxlen: 22
185.79.220.0/22 maxlen: 22
77.240.192.0/20 maxlen: 20
37.25.72.0/21 maxlen: 21
46.182.208.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:13:0b:eb:1a:9e:4b:ef:82:ac:8e:56:0a:cf:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 07:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b70682a0c8798db75080f25d6010333f7dd549b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:90:ba:ea:ef:81:57:a1:df:6c:cc:ec:b7:68:
9e:2f:02:b5:ed:f3:47:91:00:69:6b:7c:dd:d3:ae:
80:56:16:7a:03:86:ae:6a:50:f2:3c:a0:f5:3f:e8:
40:63:31:f7:1d:b8:d5:17:5d:06:4d:e3:96:54:46:
03:ac:fc:7b:dc:2c:63:b0:09:dc:67:fa:9f:bc:99:
70:f3:24:9c:1b:61:92:91:24:2d:30:ba:4f:5e:b1:
e4:ac:56:45:f6:6a:ca:85:a8:a4:09:0a:5b:5b:58:
6f:7f:37:b2:26:29:a9:6d:df:29:93:3b:29:a9:58:
1c:c1:8d:45:07:5a:07:d3:07:f3:3c:50:54:2d:98:
9c:47:a7:ee:8b:df:bb:1d:02:7c:08:e1:88:03:1b:
d1:e5:b1:0b:7f:db:2d:72:0b:10:55:c8:28:44:c1:
6d:23:da:85:57:56:c6:9e:c7:0b:0b:9c:89:4b:58:
1e:20:d4:7c:e5:5e:51:04:7f:78:2a:d0:4a:e3:69:
b8:2f:27:82:45:71:08:4d:75:63:77:8d:d5:f7:8b:
95:b0:b0:0f:35:c8:4b:87:d0:d0:a5:b2:ea:e1:1d:
29:19:bf:31:30:e9:bd:99:72:6c:f7:fe:d6:11:8b:
92:89:a8:2e:a2:c8:dc:62:e6:a0:59:86:d2:b7:eb:
bb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:82:A0:C8:79:8D:B7:50:80:F2:5D:60:10:33:3F:7D:D5:49:B3
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/twaCoMh5jbdQgPJdYBAzP33VSbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.72.0/21
46.182.208.0/21
77.240.192.0/20
185.79.220.0/22
195.49.132.0/22
Signature Algorithm: sha256WithRSAEncryption
63:1f:6c:29:af:dc:1a:6b:3d:f8:66:b3:10:67:d9:ba:0f:f4:
8a:37:1e:c9:eb:ab:c3:45:6c:81:1e:9c:53:57:0c:76:39:8b:
c4:c5:73:cf:cf:de:e7:98:be:c9:04:9e:3f:0c:88:16:c6:c8:
ec:a4:76:a1:a9:a5:ee:7d:9b:20:7c:57:b3:c5:89:47:8f:3e:
45:1e:34:73:e2:14:d7:b2:11:72:88:32:9c:74:37:a6:38:20:
2e:41:e3:03:52:a8:f3:2d:ad:21:3a:67:a9:bb:d5:2c:b5:47:
a8:88:60:fc:48:23:9b:49:04:79:4b:73:81:58:c3:34:f3:e1:
65:31:e7:e3:92:55:ee:90:3c:23:c7:2d:b9:27:22:25:b3:68:
52:05:d6:bf:c7:9e:06:e2:68:e9:44:26:8d:db:ae:e9:d1:28:
0c:b0:33:24:60:3c:f5:4e:6e:4f:07:27:fc:ab:ee:2d:e4:8b:
6c:54:65:3d:72:82:f4:5b:48:68:0f:f3:a5:08:1e:99:c1:de:
31:69:4f:a8:4b:34:56:0e:7a:8a:0d:3f:ad:26:cf:2f:47:b3:
ce:e6:ae:4e:70:ee:7e:c7:97:3e:00:fa:31:99:97:a4:66:34:
bb:d9:a8:c0:5e:72:a3:ae:dc:cb:3a:51:be:36:3d:ec:69:1a:
61:b9:85:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVxTBML6xqeS++CrI5WCs9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMwMTAyMDcwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA2ODJhMGM4Nzk4ZGI3NTA4MGYyNWQ2MDEwMzMzZjdkZDU0OWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJC66u+BV6HfbMzst2ieLwK17fNH
kQBpa3zd066AVhZ6A4aualDyPKD1P+hAYzH3HbjVF10GTeOWVEYDrPx73CxjsAnc
Z/qfvJlw8yScG2GSkSQtMLpPXrHkrFZF9mrKhaikCQpbW1hvfzeyJimpbd8pkzsp
qVgcwY1FB1oH0wfzPFBULZicR6fui9+7HQJ8COGIAxvR5bELf9stcgsQVcgoRMFt
I9qFV1bGnscLC5yJS1geINR85V5RBH94KtBK42m4LyeCRXEITXVjd43V94uVsLAP
NchLh9DQpbLq4R0pGb8xMOm9mXJs9/7WEYuSiaguosjcYuagWYbSt+u7rwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLcGgqDIeY23UIDyXWAQMz991UmzMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvdHdhQ29NaDVqYmRRZ1BKZFlCQXpQMzNWU2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJRlIAwQD
LrbQAwQETfDAAwQCuU/cAwQCwzGEMA0GCSqGSIb3DQEBCwUAA4IBAQBjH2wpr9wa
az34ZrMQZ9m6D/SKNx7J66vDRWyBHpxTVwx2OYvExXPPz97nmL7JBJ4/DIgWxsjs
pHahqaXufZsgfFezxYlHjz5FHjRz4hTXshFyiDKcdDemOCAuQeMDUqjzLa0hOmep
u9UstUeoiGD8SCObSQR5S3OBWMM08+FlMefjklXukDwjxy25JyIls2hSBda/x54G
4mjpRCaN267p0SgMsDMkYDz1Tm5PByf8q+4t5ItsVGU9coL0W0hoD/OlCB6Zwd4x
aU+oSzRWDnqKDT+tJs8vR7PO5q5OcO5+x5c+APoxmZekZjS72ajAXnKjrtzLOlG+
Nj3saRphuYV+
-----END CERTIFICATE-----
Generated at Mon Sep 11 16:11:04 2023 by rpki-client on console-ams.rpki-client.org