Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TlQhMkx39dCzWmqYrey6qjhSrFU.roa
File: TlQhMkx39dCzWmqYrey6qjhSrFU.roa (raw, json)
Hash identifier: neYk6mzjBK8lxYXzknspXW10+fP5hS9Z5OcWKEXLvpM=
Subject key identifier: 4E:54:21:32:4C:77:F5:D0:B3:5A:6A:98:AD:EC:BA:AA:38:52:AC:55
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCEE5B04C0AEE3D297E6B4A7007ED9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TlQhMkx39dCzWmqYrey6qjhSrFU.roa
Signing time: Tue 02 Jan 2024 06:29:31 +0000
ROA not before: Tue 02 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:21:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:ee:5b:04:c0:ae:e3:d2:97:e6:b4:a7:00:7e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e5421324c77f5d0b35a6a98adecbaaa3852ac55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a2:4a:98:0c:61:f5:a0:4a:ca:f5:bd:d8:04:
95:8f:a6:47:61:f3:61:c0:34:90:a4:30:16:70:71:
5a:13:6c:2b:19:4b:e8:39:38:d3:a6:37:70:40:39:
f4:35:fc:02:d4:5e:8f:d9:36:11:1d:a7:92:2f:65:
f7:1e:91:06:9f:71:46:b9:41:23:67:3d:cd:83:8e:
44:b5:63:b8:e2:11:0c:b5:e1:b0:fb:a8:55:42:30:
78:19:6c:46:dd:fe:06:dd:51:8d:d4:eb:c3:dd:6b:
d6:2d:95:c5:34:96:69:12:12:da:55:46:e9:bc:43:
4d:47:d4:23:da:c2:8f:1e:3a:66:4d:22:fe:90:36:
d0:28:ad:50:db:7b:c0:f7:fc:de:37:c5:50:75:3d:
6c:cd:37:9a:d7:3c:66:23:b4:11:56:07:93:b7:d4:
76:ed:f9:e0:0e:c3:c8:f4:56:f7:d5:9f:fa:be:4d:
df:67:7c:43:e2:3b:e9:80:72:e5:32:1c:a5:db:3e:
d6:28:07:24:b4:32:bd:1e:56:60:73:19:85:02:6f:
f4:fe:f5:ef:7b:b1:4a:e5:9c:fc:58:5b:b7:22:25:
71:25:13:1c:75:e7:14:4c:02:8f:b2:cc:e8:03:5c:
33:9b:27:c4:e3:73:c0:d6:84:7a:a8:02:00:c4:2d:
8c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:54:21:32:4C:77:F5:D0:B3:5A:6A:98:AD:EC:BA:AA:38:52:AC:55
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TlQhMkx39dCzWmqYrey6qjhSrFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
22:45:8b:5e:d2:5b:42:44:91:a7:f8:27:da:47:6d:4e:ba:33:
d0:3e:ea:6a:df:e4:57:38:87:52:da:a2:68:e3:20:df:17:ab:
2e:a5:ac:5b:51:08:59:25:3a:48:fd:96:cd:8c:c7:b3:d5:4b:
0d:11:ed:52:38:75:0a:dd:dc:3b:9a:b0:83:43:4c:f7:ad:c8:
6b:80:3a:05:d8:bc:33:e9:de:27:74:17:0f:be:b7:21:08:43:
ee:a8:94:b7:c3:a8:ab:eb:62:4e:88:09:ac:90:25:b7:cb:f4:
79:97:63:6a:3b:c4:5c:90:07:e5:6c:03:5e:68:86:58:81:87:
2f:08:e3:78:2d:54:72:09:0a:6b:5c:c3:9f:7f:ec:2e:d8:ae:
ff:7c:90:2e:3d:77:bb:47:d6:f7:cc:85:51:df:1e:72:92:89:
70:45:8a:2d:f2:ba:82:79:97:44:47:65:32:c3:bf:d7:1a:ff:
6c:f7:ac:5d:8e:2a:fb:3d:4f:ea:58:3c:02:dc:4b:cf:69:8a:
5f:dc:3b:d0:ef:fd:9f:83:a0:5a:3e:d4:a0:f9:f8:7d:bf:4d:
fa:f1:48:9f:58:2b:2f:d5:71:d5:dd:b2:a8:46:17:62:6c:36:
11:aa:b5:83:06:3c:55:c2:f5:2d:31:3a:61:4c:61:0b:9d:51:
10:be:14:b2
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzI3O5bBMCu49KX5rSnAH7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTU0MjEzMjRjNzdmNWQwYjM1YTZhOThhZGVjYmFhYTM4NTJhYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6JKmAxh9aBKyvW92ASVj6ZHYfNh
wDSQpDAWcHFaE2wrGUvoOTjTpjdwQDn0NfwC1F6P2TYRHaeSL2X3HpEGn3FGuUEj
Zz3Ng45EtWO44hEMteGw+6hVQjB4GWxG3f4G3VGN1OvD3WvWLZXFNJZpEhLaVUbp
vENNR9Qj2sKPHjpmTSL+kDbQKK1Q23vA9/zeN8VQdT1szTea1zxmI7QRVgeTt9R2
7fngDsPI9Fb31Z/6vk3fZ3xD4jvpgHLlMhyl2z7WKAcktDK9HlZgcxmFAm/0/vXv
e7FK5Zz8WFu3IiVxJRMcdecUTAKPsszoA1wzmyfE43PA1oR6qAIAxC2MAQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFE5UITJMd/XQs1pqmK3suqo4UqxVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGxRaE1reDM5ZEN6V21xWXJleTZxamhTckZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQAk05mAwQA
wSMSMA0GCSqGSIb3DQEBCwUAA4IBAQAiRYte0ltCRJGn+CfaR21OujPQPupq3+RX
OIdS2qJo4yDfF6supaxbUQhZJTpI/ZbNjMez1UsNEe1SOHUK3dw7mrCDQ0z3rchr
gDoF2Lwz6d4ndBcPvrchCEPuqJS3w6ir62JOiAmskCW3y/R5l2NqO8RckAflbANe
aIZYgYcvCON4LVRyCQprXMOff+wu2K7/fJAuPXe7R9b3zIVR3x5ykolwRYot8rqC
eZdER2Uyw7/XGv9s96xdjir7PU/qWDwC3EvPaYpf3DvQ7/2fg6BaPtSg+fh9v036
8UifWCsv1XHV3bKoRhdibDYRqrWDBjxVwvUtMTphTGELnVEQvhSy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org