Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/TWGhCmilcSmT03tiEIgGSp7i1Pg.roa
File: TWGhCmilcSmT03tiEIgGSp7i1Pg.roa (raw, json)
Hash identifier: dfUEZ/Nl3dt4Y7v4nPTmJJeg3T17xb0++tCckNNSkZ8=
Subject key identifier: 4D:61:A1:0A:68:A5:71:29:93:D3:7B:62:10:88:06:4A:9E:E2:D4:F8
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 01874E582EE875C8C24BAC8022517AA7049F
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/TWGhCmilcSmT03tiEIgGSp7i1Pg.roa
Signing time: Tue 04 Apr 2023 22:16:54 +0000
ROA not before: Tue 04 Apr 2023 22:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59447
IP address blocks: 198.55.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
198.55.30.0/24 maxlen: 24
185.4.225.0/24 maxlen: 24
23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
185.161.110.0/24 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
185.161.111.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
162.222.90.0/24 maxlen: 24
162.222.89.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.13.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
107.150.163.0/24 maxlen: 24
107.150.162.0/24 maxlen: 24
107.150.164.0/24 maxlen: 24
107.150.166.0/24 maxlen: 24
107.150.167.0/24 maxlen: 24
107.150.168.0/24 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
2a07:5140::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 May 2023 04:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4e:58:2e:e8:75:c8:c2:4b:ac:80:22:51:7a:a7:04:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Apr 4 22:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d61a10a68a5712993d37b621088064a9ee2d4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:71:29:bd:32:21:d3:7e:38:ee:bc:16:d3:c0:
44:31:ce:69:c4:d8:48:52:28:58:bf:bf:84:bd:c8:
f7:73:93:fb:84:6e:57:cd:b1:33:b1:23:d2:60:a5:
5e:ff:07:c8:3f:32:60:59:4e:b0:c9:61:18:fd:df:
17:4a:43:d3:e9:d8:11:61:7c:41:f1:22:03:be:4c:
9a:06:0d:a6:94:bd:69:db:6b:c4:d3:00:43:59:97:
1f:d5:d4:fc:55:93:f8:8d:7d:02:df:17:06:d8:e4:
86:c7:04:84:4e:3a:08:1d:42:4d:b9:58:fd:bd:9e:
49:46:f0:8b:b9:02:ba:a1:07:29:93:02:35:69:cc:
91:7c:2f:a8:97:02:42:1a:0d:a1:39:85:96:3f:e3:
fd:36:f0:dd:49:d0:5e:82:5c:fe:fe:c3:51:de:97:
99:bb:32:2b:f2:47:44:f4:10:fe:7a:04:72:c6:0f:
73:13:86:fa:f9:52:b9:30:cb:18:85:ea:47:f7:6c:
ce:f5:67:90:74:76:bf:ac:17:bf:c8:00:bd:23:c1:
fc:86:c1:e0:6a:3c:47:ad:36:36:76:c8:eb:78:0c:
de:24:0a:f6:0e:dc:db:11:81:ba:d8:69:61:9f:df:
cb:6e:d3:ad:9b:9c:b3:3d:2b:50:fc:e2:cb:4e:b6:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:61:A1:0A:68:A5:71:29:93:D3:7B:62:10:88:06:4A:9E:E2:D4:F8
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/TWGhCmilcSmT03tiEIgGSp7i1Pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.166.0-107.150.169.255
107.150.171.0-107.150.173.255
107.150.175.0/24
162.218.176.0/22
162.222.89.0-162.222.90.255
167.160.0.0/23
167.160.3.0/24
167.160.13.0/24
167.160.17.0/24
167.160.21.0/24
167.160.28.0-167.160.30.255
185.4.225.0/24
185.161.110.0/23
185.212.174.0/24
198.55.28.0/22
IPv6:
2a07:5140::/29
Signature Algorithm: sha256WithRSAEncryption
67:2d:56:73:d0:e0:94:7a:c2:91:9d:d8:f6:75:1f:53:ec:fe:
ae:24:cf:b6:88:cd:13:7f:cc:c4:fc:96:c9:85:70:dd:56:fd:
28:77:f0:24:f1:dd:55:8b:35:db:5c:84:42:60:ed:f1:79:e4:
d7:92:f9:6c:3c:5b:54:21:15:f9:78:ab:63:e8:2b:3b:46:69:
11:93:f7:30:52:86:e8:9f:f7:ea:4a:ae:c8:96:02:75:c1:6c:
34:a2:7f:0b:99:38:c1:08:dd:42:e0:c8:23:72:d9:63:df:50:
d4:fc:e3:5b:72:fe:e5:f8:ca:59:25:b8:06:e0:a8:e7:b8:33:
a6:3a:5e:63:b0:86:ae:2c:34:d6:0f:bc:1a:c5:8c:c3:bf:56:
c2:ae:47:ca:fd:20:4f:71:d4:75:b6:11:de:ca:e3:e9:c1:40:
06:0d:9f:4a:a1:95:d8:c6:30:c8:b4:e8:49:28:97:96:91:92:
19:0d:b6:7d:ee:de:34:8d:c2:28:0e:ea:c4:3f:35:fa:d3:9e:
15:c6:c1:3b:4b:1e:d1:e8:7a:49:9c:9d:26:8d:f9:13:f5:1b:
d8:fe:5b:87:9f:9e:87:4e:54:56:06:57:0b:81:d9:d1:7c:87:
bb:8e:3d:59:14:ff:f4:ed:e2:ad:20:82:29:18:1c:75:2b:e3:
82:52:7e:d0
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYdOWC7odcjCS6yAIlF6pwSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjMwNDA0MjIxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDYxYTEwYTY4YTU3MTI5OTNkMzdiNjIxMDg4MDY0YTllZTJkNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3EpvTIh03447rwW08BEMc5pxNhI
UihYv7+Evcj3c5P7hG5XzbEzsSPSYKVe/wfIPzJgWU6wyWEY/d8XSkPT6dgRYXxB
8SIDvkyaBg2mlL1p22vE0wBDWZcf1dT8VZP4jX0C3xcG2OSGxwSETjoIHUJNuVj9
vZ5JRvCLuQK6oQcpkwI1acyRfC+olwJCGg2hOYWWP+P9NvDdSdBeglz+/sNR3peZ
uzIr8kdE9BD+egRyxg9zE4b6+VK5MMsYhepH92zO9WeQdHa/rBe/yAC9I8H8hsHg
ajxHrTY2dsjreAzeJAr2DtzbEYG62Glhn9/LbtOtm5yzPStQ/OLLTrbn/QIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFE1hoQpopXEpk9N7YhCIBkqe4tT4MB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvVFdHaENtaWxjU21UMDN0aUVJZ0dTcDdpMVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBtwQCAAEwgbAwDAME
ABf8QwMEABf8RAMEABf8RzAMAwQAF/xLAwQAF/xMAwQAF/xPMAwDBAFrlqIDBABr
lqQwDAMEAWuWpgMEAWuWqDAMAwQAa5arAwQBa5asAwQAa5avAwQCotqwMAwDBACi
3lkDBACi3loDBAGnoAADBACnoAMDBACnoA0DBACnoBEDBACnoBUwDAMEAqegHAME
AKegHgMEALkE4QMEAbmhbgMEALnUrgMEAsY3HDANBAIAAjAHAwUDKgdRQDANBgkq
hkiG9w0BAQsFAAOCAQEAZy1Wc9DglHrCkZ3Y9nUfU+z+riTPtojNE3/MxPyWyYVw
3Vb9KHfwJPHdVYs121yEQmDt8Xnk15L5bDxbVCEV+XirY+grO0ZpEZP3MFKG6J/3
6kquyJYCdcFsNKJ/C5k4wQjdQuDII3LZY99Q1PzjW3L+5fjKWSW4BuCo57gzpjpe
Y7CGriw01g+8GsWMw79Wwq5Hyv0gT3HUdbYR3srj6cFABg2fSqGV2MYwyLToSSiX
lpGSGQ22fe7eNI3CKA7qxD81+tOeFcbBO0se0eh6SZydJo35E/Ub2P5bh5+eh05U
VgZXC4HZ0XyHu449WRT/9O3irSCCKRgcdSvjglJ+0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org