Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TnwKABzuUSdjMxsIdSxdS2rLzAA.roa
File: TnwKABzuUSdjMxsIdSxdS2rLzAA.roa (raw, json)
Hash identifier: v9eXLsiIPHhUht99zWuDEacJ7RLzAcBnacaiRDsaJGY=
Subject key identifier: 4E:7C:0A:00:1C:EE:51:27:63:33:1B:08:75:2C:5D:4B:6A:CB:CC:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01932F46D05D28E2445A75F2C6BFB417454D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TnwKABzuUSdjMxsIdSxdS2rLzAA.roa
Signing time: Fri 15 Nov 2024 10:03:10 +0000
ROA not before: Fri 15 Nov 2024 10:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 194.113.36.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
194.113.39.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 06:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:46:d0:5d:28:e2:44:5a:75:f2:c6:bf:b4:17:45:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 15 10:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e7c0a001cee512763331b08752c5d4b6acbcc00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9f:cb:ff:db:bf:a9:b2:09:af:eb:ab:cc:56:
1e:e4:f2:c4:4b:6d:0a:c7:c7:12:9d:96:83:ed:2c:
01:68:23:e6:6c:b5:27:8a:f4:32:f3:89:8c:55:1f:
29:a4:ff:02:48:40:bb:69:c6:5d:50:43:42:57:25:
09:c5:ce:57:10:1d:ea:04:3c:96:7b:4b:d1:65:af:
b6:c9:f7:ac:10:65:ab:75:1b:a8:3c:20:9f:d9:19:
83:ae:06:e3:f0:e8:d2:12:0a:70:a1:77:9b:1c:55:
30:bf:16:d2:89:b0:74:d7:da:cf:40:17:a2:ac:86:
69:2b:f7:64:5a:e8:90:2d:1e:91:11:f0:85:fd:9f:
e9:86:af:67:eb:9d:e6:c0:77:1c:9c:e5:ec:85:17:
0c:fc:23:5c:75:ea:59:0b:c9:7a:2d:d6:b1:b2:c2:
ea:60:96:8f:3f:74:dc:c0:17:a1:99:89:de:0c:0a:
9d:df:ff:fc:22:57:64:85:d3:1e:93:75:e6:e8:09:
40:45:f4:e0:7c:8d:f3:18:d1:12:d2:ac:fc:13:8e:
75:52:b2:47:e0:e6:96:96:27:db:79:0b:6e:8a:b0:
a0:b1:b5:6a:f6:b9:02:3c:4c:99:a5:60:d9:98:2a:
82:da:d8:b0:6f:84:ea:df:4c:25:5d:6c:f7:86:0f:
99:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7C:0A:00:1C:EE:51:27:63:33:1B:08:75:2C:5D:4B:6A:CB:CC:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TnwKABzuUSdjMxsIdSxdS2rLzAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.36.0/23
194.113.39.0/24
212.87.220.0/24
Signature Algorithm: sha256WithRSAEncryption
80:e2:60:b2:fd:14:f9:10:d3:c5:3a:7f:25:b1:e2:b9:85:4a:
70:1c:5f:80:1d:95:4b:91:f6:59:3f:0e:e8:df:57:0c:7f:0b:
0a:ae:25:5c:a9:ff:d9:d5:fe:bd:4d:7a:1e:f9:e8:83:6c:c6:
e0:bc:47:de:90:23:dd:97:ce:ae:1f:22:a4:b5:a6:f0:19:b1:
c0:a7:85:03:95:0c:78:d2:42:0b:cf:30:59:45:0c:55:4f:ed:
47:ef:5c:a8:2a:a9:de:8a:f8:c5:ff:89:0a:e8:9a:63:a3:bb:
1a:d4:49:38:78:bb:35:81:b6:58:78:4e:18:96:bd:82:46:75:
d0:6e:f7:fa:8f:d3:e4:fa:6e:8c:f5:01:c9:bf:ff:d0:b3:c0:
ee:48:05:87:80:ed:ff:3b:52:90:40:ac:08:c4:30:16:5f:94:
c5:17:39:9f:2c:99:f4:96:f6:20:9a:a3:c6:a0:eb:98:a4:96:
0d:9b:c0:a5:98:94:5a:21:77:40:50:36:1e:10:6d:36:9e:11:
d1:a9:7a:4b:3c:35:f1:fe:bc:da:2e:2c:5f:66:8b:8d:5b:5d:
f8:61:d8:12:ca:be:4d:53:4a:39:7b:51:ce:3c:43:91:12:70:
1b:7d:6c:78:cc:57:16:d6:32:cd:f2:d5:88:3f:28:36:94:d9:
23:51:0d:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZMvRtBdKOJEWnXyxr+0F0VNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE1MTAwMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdjMGEwMDFjZWU1MTI3NjMzMzFiMDg3NTJjNWQ0YjZhY2JjYzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsp/L/9u/qbIJr+urzFYe5PLES20K
x8cSnZaD7SwBaCPmbLUnivQy84mMVR8ppP8CSEC7acZdUENCVyUJxc5XEB3qBDyW
e0vRZa+2yfesEGWrdRuoPCCf2RmDrgbj8OjSEgpwoXebHFUwvxbSibB019rPQBei
rIZpK/dkWuiQLR6REfCF/Z/phq9n653mwHccnOXshRcM/CNcdepZC8l6LdaxssLq
YJaPP3TcwBehmYneDAqd3//8IldkhdMek3Xm6AlARfTgfI3zGNES0qz8E451UrJH
4OaWlifbeQtuirCgsbVq9rkCPEyZpWDZmCqC2tiwb4Tq30wlXWz3hg+ZgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE58CgAc7lEnYzMbCHUsXUtqy8wAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVG53S0FCenVVU2RqTXhzSWRTeGRTMnJMekFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwnEkAwQA
wnEnAwQA1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQCA4mCy/RT5ENPFOn8lseK5hUpw
HF+AHZVLkfZZPw7o31cMfwsKriVcqf/Z1f69TXoe+eiDbMbgvEfekCPdl86uHyKk
tabwGbHAp4UDlQx40kILzzBZRQxVT+1H71yoKqneivjF/4kK6Jpjo7sa1Ek4eLs1
gbZYeE4Ylr2CRnXQbvf6j9Pk+m6M9QHJv//Qs8DuSAWHgO3/O1KQQKwIxDAWX5TF
FzmfLJn0lvYgmqPGoOuYpJYNm8ClmJRaIXdAUDYeEG02nhHRqXpLPDXx/rzaLixf
ZouNW134YdgSyr5NU0o5e1HOPEOREnAbfWx4zFcW1jLN8tWIPyg2lNkjUQ1s
-----END CERTIFICATE-----
Generated at Thu Nov 21 08:09:13 2024 by rpki-client on console-fra.rpki-client.org