Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TBRMmaACfJhC7mycG-GRMT-9wqM.roa
File: TBRMmaACfJhC7mycG-GRMT-9wqM.roa (raw, json)
Hash identifier: O5EUdzPhi49IhbpXyMKblSkn1wNxnesIM6BJlIe82uE=
Subject key identifier: 4C:14:4C:99:A0:02:7C:98:42:EE:6C:9C:1B:E1:91:31:3F:BD:C2:A3
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191DF47C688A40C0ED35B446C9C4C94D081
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TBRMmaACfJhC7mycG-GRMT-9wqM.roa
Signing time: Wed 11 Sep 2024 04:11:48 +0000
ROA not before: Wed 11 Sep 2024 04:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/19 maxlen: 32
5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.83.156.0/24 maxlen: 24
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
77.90.29.0/24 maxlen: 24
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
87.239.131.0/24 maxlen: 24
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
94.249.138.0/24 maxlen: 24
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: Failed, certificate revoked on Thu 12 Sep 2024 04:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:df:47:c6:88:a4:0c:0e:d3:5b:44:6c:9c:4c:94:d0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 11 04:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c144c99a0027c9842ee6c9c1be191313fbdc2a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:94:0c:35:99:21:08:a3:a1:ce:8a:c5:94:6f:
0e:e8:08:33:92:dd:40:16:21:4a:12:9a:2a:a8:b3:
bd:ed:e5:85:25:51:31:36:6b:82:fe:c7:32:14:eb:
a0:81:ca:92:7c:18:59:be:38:eb:71:7e:63:0e:59:
58:6b:89:35:52:6f:72:88:37:cb:f9:02:d1:00:ae:
29:4c:6e:47:cb:9c:05:b7:07:7e:0c:57:b9:7a:c6:
48:e4:c9:89:64:bd:ef:55:97:0d:82:cd:0a:b1:9c:
4f:c1:c9:ba:1f:8e:b0:91:fb:27:2d:f9:30:a3:9c:
6e:d2:2b:81:d9:7f:e1:3d:a4:98:5c:b0:df:f1:1f:
76:5f:3c:b6:cc:d3:d0:38:11:f1:69:a9:c6:e8:e6:
39:09:86:4b:1c:74:9e:2b:48:b7:23:f3:81:da:ac:
1e:85:c9:82:11:e3:03:a9:da:e4:fb:51:44:c1:2a:
49:db:41:fe:54:63:1d:93:c5:b4:8d:63:44:7f:44:
bb:c2:16:a1:92:72:cf:e8:04:cf:56:c5:3f:b7:2b:
fd:9a:1f:bd:43:6c:b0:d8:58:4b:42:18:47:d4:c2:
f2:0d:e6:7e:ce:d7:6f:a2:13:f6:bd:3b:c4:8f:b8:
dc:9c:1d:11:84:19:87:08:9b:79:00:68:6b:c7:3c:
35:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:14:4C:99:A0:02:7C:98:42:EE:6C:9C:1B:E1:91:31:3F:BD:C2:A3
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/TBRMmaACfJhC7mycG-GRMT-9wqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/19
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
29:cd:66:2b:6f:2c:de:f5:98:4c:94:3b:64:70:86:59:06:82:
3c:40:0b:35:84:28:1f:cd:38:8e:ea:27:4c:56:c0:97:f4:d7:
6f:c5:1a:a8:09:5c:72:4e:87:98:62:39:22:4a:f7:7f:64:5a:
98:63:2b:ef:e9:6d:d3:c3:dd:bb:c0:87:c2:68:9f:5e:8c:0c:
87:44:ef:d4:fc:aa:d0:93:07:12:ad:c3:f9:56:17:04:2e:07:
e5:82:7f:ff:ae:aa:a6:8c:27:e5:76:ca:e8:34:cd:45:46:1e:
24:f3:12:c0:de:4e:04:f6:f7:44:b4:f5:a7:96:9e:79:8c:2b:
8b:d6:87:c5:9e:67:1b:4d:aa:af:2e:b3:e1:6e:d7:78:35:55:
6b:ac:55:f9:3a:22:90:e4:5a:da:3b:d1:b5:58:91:ac:dd:53:
1c:4e:b0:38:59:ac:91:2f:fb:68:78:8e:c6:4a:50:f6:70:73:
24:6f:1c:6f:5e:bf:91:cf:02:26:09:7f:ba:67:09:a0:f3:c8:
c7:3a:b1:17:ac:c6:bf:c5:f2:b4:e4:08:49:e6:82:34:fc:47:
d4:12:68:e8:85:55:a9:b0:4b:a6:69:30:f2:77:e5:d1:21:c6:
16:f7:53:08:cd:27:fd:2d:9e:ba:93:27:6f:7c:bf:e7:64:e8:
0c:1c:c9:c1
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZHfR8aIpAwO01tEbJxMlNCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTExMDQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE0NGM5OWEwMDI3Yzk4NDJlZTZjOWMxYmUxOTEzMTNmYmRjMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpQMNZkhCKOhzorFlG8O6Agzkt1A
FiFKEpoqqLO97eWFJVExNmuC/scyFOuggcqSfBhZvjjrcX5jDllYa4k1Um9yiDfL
+QLRAK4pTG5Hy5wFtwd+DFe5esZI5MmJZL3vVZcNgs0KsZxPwcm6H46wkfsnLfkw
o5xu0iuB2X/hPaSYXLDf8R92Xzy2zNPQOBHxaanG6OY5CYZLHHSeK0i3I/OB2qwe
hcmCEeMDqdrk+1FEwSpJ20H+VGMdk8W0jWNEf0S7whahknLP6ATPVsU/tyv9mh+9
Q2yw2FhLQhhH1MLyDeZ+ztdvohP2vTvEj7jcnB0RhBmHCJt5AGhrxzw1QwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFEwUTJmgAnyYQu5snBvhkTE/vcKjMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVEJSTW1hQUNmSmhDN215Y0ctR1JNVC05d3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTB9BAIAATB3AwQFBVOA
AwQHBa+AAwMBBeYDBAZNWgADBANT81ADBAVVXQADBANVdqADBANX74ADBAVZakAD
BAZZkAADBAReZ6ADBAde+YADBAJf1yADBASyEpADBAK5DZwDBAG5L4wDBAC5eUcD
BADBHPsDBAHDbg4DBATZRaAwMAQCAAIwKgMFAyoAEtgDBQMqABnQAwUAKgDNwAMF
AyoBvUADBQMqAgegAwUDKgIvwDANBgkqhkiG9w0BAQsFAAOCAQEAKc1mK28s3vWY
TJQ7ZHCGWQaCPEALNYQoH804juonTFbAl/TXb8UaqAlcck6HmGI5Ikr3f2RamGMr
7+lt08Pdu8CHwmifXowMh0Tv1Pyq0JMHEq3D+VYXBC4H5YJ//66qpown5XbK6DTN
RUYeJPMSwN5OBPb3RLT1p5aeeYwri9aHxZ5nG02qry6z4W7XeDVVa6xV+ToikORa
2jvRtViRrN1THE6wOFmskS/7aHiOxkpQ9nBzJG8cb16/kc8CJgl/umcJoPPIxzqx
F6zGv8XytOQISeaCNPxH1BJo6IVVqbBLpmkw8nfl0SHGFvdTCM0n/S2eupMnb3y/
52ToDBzJwQ==
-----END CERTIFICATE-----
Generated at Thu Sep 12 07:27:13 2024 by rpki-client on console-ams.rpki-client.org