Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/3c9f4a-4456-4581-b287-52d6b3e4789f/1/TW0Arcxb-5LBytwb89gZBxXXFFU.roa
File: TW0Arcxb-5LBytwb89gZBxXXFFU.roa (raw, json)
Hash identifier: YEk7ORCrSKRKk2qLspbq32IA1mLcFazF5sM44Rxp1zs=
Subject key identifier: 4D:6D:00:AD:CC:5B:FB:92:C1:CA:DC:1B:F3:D8:19:07:15:D7:14:55
Certificate issuer: /CN=998e9cb27f3d1abcc4cc61c3c1bbfdc72628e57b
Certificate serial: 01856FDDCE731476818212E71E5920260C84
Authority key identifier: 99:8E:9C:B2:7F:3D:1A:BC:C4:CC:61:C3:C1:BB:FD:C7:26:28:E5:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mY6csn89GrzEzGHDwbv9xyYo5Xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/3c9f4a-4456-4581-b287-52d6b3e4789f/1/TW0Arcxb-5LBytwb89gZBxXXFFU.roa
Signing time: Mon 02 Jan 2023 00:24:45 +0000
ROA not before: Mon 02 Jan 2023 00:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59866
IP address blocks: 185.68.134.0/23 maxlen: 23
185.68.134.0/24 maxlen: 24
185.68.135.0/24 maxlen: 24
2a05:1840::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:dd:ce:73:14:76:81:82:12:e7:1e:59:20:26:0c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=998e9cb27f3d1abcc4cc61c3c1bbfdc72628e57b
Validity
Not Before: Jan 2 00:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d6d00adcc5bfb92c1cadc1bf3d8190715d71455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a7:1d:55:e9:eb:3e:bf:4c:f0:b6:6f:1a:fe:
c6:01:35:39:01:10:a2:32:c4:b2:0b:48:44:32:6b:
10:a3:8a:d8:d2:cd:4d:f2:38:55:fe:50:ea:86:be:
a8:a2:87:20:39:8a:d9:64:8f:ee:7e:76:dc:d8:60:
a2:9d:8b:0a:38:28:90:b6:48:7f:61:5f:ea:c9:53:
4d:49:c7:a9:76:5d:96:8c:12:64:76:11:5a:0c:f3:
88:f4:db:aa:73:18:d3:2c:3e:5e:13:14:ac:02:6d:
aa:5e:5a:b6:24:1e:05:42:95:f7:f2:d2:20:f9:5f:
e2:66:cd:7b:9c:21:7d:1d:54:2a:75:6e:e4:8c:88:
1b:10:a2:31:49:71:ce:d5:c3:06:89:ba:ad:8e:40:
f8:63:20:e3:6a:c9:41:79:c8:c4:41:1b:b7:c1:cd:
fa:13:b1:6a:aa:a9:f2:44:00:e6:3b:0c:98:59:47:
48:8c:70:36:b4:93:56:76:ca:79:dc:13:57:ad:ed:
a5:60:9a:ef:ff:78:f6:9f:46:7d:aa:93:8b:c8:e1:
52:90:a7:4c:36:40:7a:1b:0c:83:c6:2c:e4:a6:db:
bf:a6:4d:1c:2f:10:6f:99:cc:0c:d1:7f:80:c9:39:
55:0e:35:33:79:25:7a:ff:6e:27:02:3e:75:76:f5:
e5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6D:00:AD:CC:5B:FB:92:C1:CA:DC:1B:F3:D8:19:07:15:D7:14:55
X509v3 Authority Key Identifier:
keyid:99:8E:9C:B2:7F:3D:1A:BC:C4:CC:61:C3:C1:BB:FD:C7:26:28:E5:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mY6csn89GrzEzGHDwbv9xyYo5Xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/3c9f4a-4456-4581-b287-52d6b3e4789f/1/TW0Arcxb-5LBytwb89gZBxXXFFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/3c9f4a-4456-4581-b287-52d6b3e4789f/1/mY6csn89GrzEzGHDwbv9xyYo5Xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.134.0/23
IPv6:
2a05:1840::/29
Signature Algorithm: sha256WithRSAEncryption
06:ed:0d:4f:d5:6d:7c:ca:56:26:ec:a8:ce:35:b4:d1:a2:12:
27:07:18:61:e6:6b:04:41:c4:7e:d6:47:2a:62:fb:1e:e0:1a:
ff:f4:39:a6:c1:6b:51:49:15:f7:db:e3:88:39:52:45:54:9a:
32:ed:a4:cf:45:22:fc:3e:23:1c:ee:0f:8b:e7:c7:b3:ee:96:
94:24:90:1a:0b:98:81:38:c6:18:f5:73:40:19:aa:1d:a3:a0:
2c:b6:1c:66:80:ed:c0:46:b4:7b:0d:e9:a5:3c:06:2a:a7:81:
ca:09:47:03:39:41:86:60:cb:06:b3:8a:17:fe:9e:cd:ac:d8:
c3:8b:be:b0:2f:21:11:74:92:52:60:9f:59:ae:3d:e2:86:2a:
a2:fa:83:06:cd:03:29:0c:c6:a1:25:6d:8a:46:c1:74:34:a6:
bd:cb:74:9f:22:eb:07:8f:b5:95:46:93:9a:c8:3f:bb:1a:1f:
76:18:f1:3e:8c:01:6e:ac:25:e7:71:2f:c6:24:d9:0a:37:f8:
d8:08:13:f8:0d:09:02:3a:0e:12:f8:27:a3:64:61:23:cb:d3:
b7:78:89:3b:2f:fe:d9:7c:8a:1e:67:0e:69:1b:bd:5b:da:2b:
14:e7:e1:24:93:f2:3b:49:bc:a0:43:09:c7:a4:14:ae:18:3b:
bf:8a:5d:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVv3c5zFHaBghLnHlkgJgyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OGU5Y2IyN2YzZDFhYmNjNGNjNjFjM2MxYmJmZGM3MjYy
OGU1N2IwHhcNMjMwMTAyMDAyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZkMDBhZGNjNWJmYjkyYzFjYWRjMWJmM2Q4MTkwNzE1ZDcxNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmacdVenrPr9M8LZvGv7GATU5ARCi
MsSyC0hEMmsQo4rY0s1N8jhV/lDqhr6ooocgOYrZZI/ufnbc2GCinYsKOCiQtkh/
YV/qyVNNScepdl2WjBJkdhFaDPOI9NuqcxjTLD5eExSsAm2qXlq2JB4FQpX38tIg
+V/iZs17nCF9HVQqdW7kjIgbEKIxSXHO1cMGibqtjkD4YyDjaslBecjEQRu3wc36
E7FqqqnyRADmOwyYWUdIjHA2tJNWdsp53BNXre2lYJrv/3j2n0Z9qpOLyOFSkKdM
NkB6GwyDxizkptu/pk0cLxBvmcwM0X+AyTlVDjUzeSV6/24nAj51dvXlcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE1tAK3MW/uSwcrcG/PYGQcV1xRVMB8GA1UdIwQY
MBaAFJmOnLJ/PRq8xMxhw8G7/ccmKOV7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVk2Y3NuODlHcnpFekdIRHdidjl4eVlvNVhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zYzlmNGEtNDQ1Ni00NTgxLWIyODct
NTJkNmIzZTQ3ODlmLzEvVFcwQXJjeGItNUxCeXR3Yjg5Z1pCeFhYRkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zYzlmNGEtNDQ1Ni00NTgxLWIyODctNTJkNmIzZTQ3ODlm
LzEvbVk2Y3NuODlHcnpFekdIRHdidjl4eVlvNVhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuUSGMA0E
AgACMAcDBQMqBRhAMA0GCSqGSIb3DQEBCwUAA4IBAQAG7Q1P1W18ylYm7KjONbTR
ohInBxhh5msEQcR+1kcqYvse4Br/9DmmwWtRSRX32+OIOVJFVJoy7aTPRSL8PiMc
7g+L58ez7paUJJAaC5iBOMYY9XNAGaodo6AsthxmgO3ARrR7DemlPAYqp4HKCUcD
OUGGYMsGs4oX/p7NrNjDi76wLyERdJJSYJ9Zrj3ihiqi+oMGzQMpDMahJW2KRsF0
NKa9y3SfIusHj7WVRpOayD+7Gh92GPE+jAFurCXncS/GJNkKN/jYCBP4DQkCOg4S
+CejZGEjy9O3eIk7L/7ZfIoeZw5pG71b2isU5+Ekk/I7SbygQwnHpBSuGDu/il1z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:53 2024 by rpki-client on console-fra.rpki-client.org