Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TZ_L8uho6L0FbCJ3noTLp33vg0o.roa
File: TZ_L8uho6L0FbCJ3noTLp33vg0o.roa (raw, json)
Hash identifier: J3W0/JUHojmCypYU83PGeceXzp7T9Gbe/nUBs7Nmbak=
Subject key identifier: 4D:9F:CB:F2:E8:68:E8:BD:05:6C:22:77:9E:84:CB:A7:7D:EF:83:4A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82002DAEE5F27D68B0BBC8DE0A13B2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TZ_L8uho6L0FbCJ3noTLp33vg0o.roa
Signing time: Sun 01 Jan 2023 13:25:14 +0000
ROA not before: Sun 01 Jan 2023 13:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201133
IP address blocks: 212.73.137.0/24 maxlen: 24
93.123.73.207/32 maxlen: 32
93.123.73.0/24 maxlen: 24
94.156.175.0/24 maxlen: 24
93.123.10.0/24 maxlen: 24
87.121.110.0/24 maxlen: 24
85.217.223.0/24 maxlen: 24
85.217.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:00:2d:ae:e5:f2:7d:68:b0:bb:c8:de:0a:13:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d9fcbf2e868e8bd056c22779e84cba77def834a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:39:59:9a:77:59:a3:b0:75:49:5c:e8:28:5e:
72:47:6b:eb:f7:56:1b:28:b8:98:1f:57:12:00:05:
11:99:5d:c1:af:b5:e3:5f:12:56:7e:c7:2e:a6:3c:
85:23:56:ad:f1:87:27:4d:69:0a:a7:1f:b3:90:43:
7c:63:14:00:f9:17:83:04:32:34:92:ee:43:8a:db:
22:74:eb:a7:8a:ba:19:53:a3:78:83:84:9f:42:8b:
be:46:df:ad:6b:fc:b7:b8:6d:ee:82:b6:6d:11:8d:
e7:f4:ec:78:4f:3f:82:7d:0e:42:8a:73:c0:42:77:
5d:19:08:68:7c:56:15:08:55:05:06:19:f6:97:ae:
de:e6:5b:dc:52:f4:bb:f9:64:11:2e:67:24:ba:39:
75:fa:9c:aa:3f:76:da:2a:10:30:b4:d1:e8:83:22:
3a:0d:f4:7c:10:02:15:44:23:c2:24:35:07:54:dc:
c9:4d:5d:03:65:85:22:93:88:41:45:df:92:27:61:
73:12:84:05:b1:a2:64:c2:36:45:a8:68:f9:68:d1:
6f:d3:7b:ba:f4:51:cf:f6:0c:d1:22:c0:04:c1:4b:
a7:5d:d6:a8:1a:77:ec:c6:83:8e:02:50:5e:db:1e:
e1:16:90:26:23:08:88:1b:a7:a7:b5:ae:da:c4:89:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9F:CB:F2:E8:68:E8:BD:05:6C:22:77:9E:84:CB:A7:7D:EF:83:4A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TZ_L8uho6L0FbCJ3noTLp33vg0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.222.0/23
87.121.110.0/24
93.123.10.0/24
93.123.73.0/24
94.156.175.0/24
212.73.137.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:cd:d3:56:50:40:5e:41:c1:e5:1f:a2:f8:be:02:ac:fc:cb:
7f:03:2f:07:c9:50:8c:23:3d:1d:3d:e3:4e:bb:b1:4c:6a:34:
c7:d9:1e:99:4c:30:e1:1d:d5:cd:d5:c4:e1:b9:17:48:ac:57:
58:fa:18:f6:dc:c8:97:03:91:8f:93:77:ab:40:14:e6:80:37:
50:c9:6d:b5:e5:d2:2f:c9:1f:2c:31:45:78:bb:7b:e6:b5:17:
17:cd:94:24:00:c6:44:6a:b1:f6:17:e1:04:60:ed:45:e2:ee:
7b:ee:14:d8:98:c8:63:d0:d6:f4:99:94:bb:37:b0:21:17:89:
72:af:db:bf:1e:b5:35:2f:07:d1:75:bc:dd:a6:95:2a:f7:e6:
fa:06:40:46:69:e7:96:35:35:c1:5e:39:b9:7b:1a:04:df:d9:
a8:20:02:9d:89:81:df:4f:35:87:43:aa:ec:bd:69:87:3b:05:
a7:14:b0:4c:d1:48:94:05:d4:c5:a1:0d:15:a2:a1:22:c8:cf:
18:13:77:03:5c:34:9e:b2:29:bd:e1:49:14:ff:d7:af:7f:aa:
cf:54:2b:46:e8:7c:69:72:0f:91:3c:3c:08:a9:c7:bc:85:54:
c4:23:34:f3:f3:e2:25:ea:57:d2:ac:0d:d7:74:aa:5e:35:72:
45:ab:dc:74
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVtggAtruXyfWiwu8jeChOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDlmY2JmMmU4NjhlOGJkMDU2YzIyNzc5ZTg0Y2JhNzdkZWY4MzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjlZmndZo7B1SVzoKF5yR2vr91Yb
KLiYH1cSAAURmV3Br7XjXxJWfscupjyFI1at8YcnTWkKpx+zkEN8YxQA+ReDBDI0
ku5DitsidOuniroZU6N4g4SfQou+Rt+ta/y3uG3ugrZtEY3n9Ox4Tz+CfQ5CinPA
QnddGQhofFYVCFUFBhn2l67e5lvcUvS7+WQRLmckujl1+pyqP3baKhAwtNHogyI6
DfR8EAIVRCPCJDUHVNzJTV0DZYUik4hBRd+SJ2FzEoQFsaJkwjZFqGj5aNFv03u6
9FHP9gzRIsAEwUunXdaoGnfsxoOOAlBe2x7hFpAmIwiIG6enta7axIm0QQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE2fy/LoaOi9BWwid56Ey6d974NKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVFpfTDh1aG82TDBGYkNKM25vVExwMzN2ZzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVdneAwQA
V3luAwQAXXsKAwQAXXtJAwQAXpyvAwQA1EmJMA0GCSqGSIb3DQEBCwUAA4IBAQCl
zdNWUEBeQcHlH6L4vgKs/Mt/Ay8HyVCMIz0dPeNOu7FMajTH2R6ZTDDhHdXN1cTh
uRdIrFdY+hj23MiXA5GPk3erQBTmgDdQyW215dIvyR8sMUV4u3vmtRcXzZQkAMZE
arH2F+EEYO1F4u577hTYmMhj0Nb0mZS7N7AhF4lyr9u/HrU1LwfRdbzdppUq9+b6
BkBGaeeWNTXBXjm5exoE39moIAKdiYHfTzWHQ6rsvWmHOwWnFLBM0UiUBdTFoQ0V
oqEiyM8YE3cDXDSesim94UkU/9evf6rPVCtG6Hxpcg+RPDwIqce8hVTEIzTz8+Il
6lfSrA3XdKpeNXJFq9x0
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org