Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/TSCzp-2kKxE1e40k8PgUMMWBsFA.roa
File: TSCzp-2kKxE1e40k8PgUMMWBsFA.roa (raw, json)
Hash identifier: tl53VtB1Ib24bQnPfDd/uEj6UCnNSoF5TXkcqpF+IY4=
Subject key identifier: 4D:20:B3:A7:ED:A4:2B:11:35:7B:8D:24:F0:F8:14:30:C5:81:B0:50
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 018ED8C44C7A2A4F366AA52549E72F486918
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/TSCzp-2kKxE1e40k8PgUMMWBsFA.roa
Signing time: Sat 13 Apr 2024 18:42:07 +0000
ROA not before: Sat 13 Apr 2024 18:42:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216271
IP address blocks: 185.168.28.0/22 maxlen: 22
185.201.136.0/22 maxlen: 22
2a06:b3c0::/29 maxlen: 29
2a06:b440::/29 maxlen: 29
2a06:cac0::/29 maxlen: 29
2a0f:d480::/29 maxlen: 29
2a11:2f40::/29 maxlen: 29
2a11:3b40::/29 maxlen: 29
2a11:7240::/29 maxlen: 29
2a11:9600::/29 maxlen: 29
2a11:f140::/29 maxlen: 29
2a12:440::/29 maxlen: 29
2a12:28c0::/29 maxlen: 29
2a12:6640::/29 maxlen: 29
2a12:6740::/29 maxlen: 29
2a12:6b80::/29 maxlen: 29
2a12:6f40::/29 maxlen: 29
2a12:7740::/29 maxlen: 29
2a12:8ec0::/29 maxlen: 29
2a12:ccc0::/29 maxlen: 29
2a12:d3c0::/29 maxlen: 29
2a12:e240::/29 maxlen: 29
2a12:f0c0::/29 maxlen: 29
2a14:c0::/29 maxlen: 29
2a14:140::/29 maxlen: 29
2a14:1c0::/29 maxlen: 29
2a14:800::/29 maxlen: 29
2a14:f40::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 20 Apr 2024 21:08:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d8:c4:4c:7a:2a:4f:36:6a:a5:25:49:e7:2f:48:69:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Apr 13 18:42:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d20b3a7eda42b11357b8d24f0f81430c581b050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e9:89:6c:3b:3d:cf:bf:ee:4f:6b:65:e2:3e:
72:3a:e9:bd:e6:2f:02:77:88:35:93:1e:e8:79:cf:
40:d5:bf:7b:cd:33:9a:95:76:f5:38:79:32:1b:bf:
fc:b6:f9:fb:01:ee:53:c7:29:1c:11:4f:aa:fa:23:
48:0d:7a:c2:c2:5d:14:7a:e4:6e:e1:ea:6d:ff:33:
11:99:46:39:15:4c:a7:b8:2f:d3:ce:6a:2e:f6:6f:
43:14:e6:c4:5a:42:dc:ff:a9:58:c4:2f:01:50:00:
c8:5b:58:a0:75:34:16:ff:bd:8a:b9:b4:e5:d7:a3:
46:69:52:f3:18:44:87:59:07:3d:79:8f:75:53:0f:
25:cf:c8:84:6e:e9:09:ed:00:9c:63:8b:60:d7:2a:
42:f0:09:bd:4f:4c:8f:6c:e1:df:f7:e9:ad:19:8a:
cb:d6:7a:a3:32:1d:0d:a5:9c:ef:ee:69:a7:02:19:
70:89:ed:a1:70:13:34:89:5b:25:eb:2b:c0:25:38:
6b:dd:68:02:ae:a0:b1:c3:a4:ad:c7:f2:d8:d6:87:
f7:2f:7c:23:ef:9c:5c:f0:bc:69:82:96:c0:a2:51:
4e:11:9c:87:8c:84:29:75:dc:0d:c4:1f:c2:e6:93:
0c:c3:fc:54:08:41:8e:ce:b5:9d:10:15:b3:46:c0:
67:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:20:B3:A7:ED:A4:2B:11:35:7B:8D:24:F0:F8:14:30:C5:81:B0:50
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/TSCzp-2kKxE1e40k8PgUMMWBsFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.28.0/22
185.201.136.0/22
IPv6:
2a06:b3c0::/29
2a06:b440::/29
2a06:cac0::/29
2a0f:d480::/29
2a11:2f40::/29
2a11:3b40::/29
2a11:7240::/29
2a11:9600::/29
2a11:f140::/29
2a12:440::/29
2a12:28c0::/29
2a12:6640::/29
2a12:6740::/29
2a12:6b80::/29
2a12:6f40::/29
2a12:7740::/29
2a12:8ec0::/29
2a12:ccc0::/29
2a12:d3c0::/29
2a12:e240::/29
2a12:f0c0::/29
2a14:c0::/29
2a14:140::/29
2a14:1c0::/29
2a14:800::/29
2a14:f40::/29
Signature Algorithm: sha256WithRSAEncryption
57:62:df:d3:80:dc:61:91:e6:cd:4e:7a:d6:da:26:f4:76:af:
2c:4b:18:f5:eb:82:11:58:93:eb:71:d1:e6:89:30:38:cd:25:
db:a9:39:a7:de:7a:13:2b:e7:22:0c:6c:54:6a:d0:59:08:f2:
70:eb:9e:ef:6b:a7:1c:08:fe:bc:c8:5c:e4:ce:40:9d:22:27:
b7:ea:08:2b:5c:e8:85:d2:e4:76:16:3b:ea:71:74:17:8c:82:
ae:d7:04:b4:60:e6:26:66:89:ba:df:0d:72:c7:fd:dc:11:9b:
83:41:62:3f:4e:3f:4f:f8:45:b2:35:3d:d2:e7:37:e8:de:28:
da:ae:8c:f1:e4:09:9e:76:82:b0:82:ca:61:4b:55:c1:b0:59:
cc:1a:e1:d6:19:92:a0:9c:b6:c2:97:48:ff:4e:3b:67:26:7c:
df:6a:74:da:d0:f7:1d:22:ee:e6:31:f5:f5:dd:38:b4:41:9e:
99:b2:8a:c4:77:92:8d:e2:c4:5e:34:f2:67:0e:01:1e:c7:62:
31:eb:5e:b0:5a:e0:32:b3:01:e0:8b:ef:69:08:73:b6:37:c0:
36:a9:b5:f8:fe:a5:69:9b:2b:70:eb:10:96:fe:7b:88:a0:f6:
1c:1d:ec:2a:ea:2d:51:ff:cd:0b:de:6c:16:f9:b6:59:8c:6b:
6e:bc:37:4c
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAY7YxEx6Kk82aqUlSecvSGkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjQwNDEzMTg0MjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIwYjNhN2VkYTQyYjExMzU3YjhkMjRmMGY4MTQzMGM1ODFiMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+mJbDs9z7/uT2tl4j5yOum95i8C
d4g1kx7oec9A1b97zTOalXb1OHkyG7/8tvn7Ae5TxykcEU+q+iNIDXrCwl0UeuRu
4ept/zMRmUY5FUynuC/Tzmou9m9DFObEWkLc/6lYxC8BUADIW1igdTQW/72KubTl
16NGaVLzGESHWQc9eY91Uw8lz8iEbukJ7QCcY4tg1ypC8Am9T0yPbOHf9+mtGYrL
1nqjMh0NpZzv7mmnAhlwie2hcBM0iVsl6yvAJThr3WgCrqCxw6Stx/LY1of3L3wj
75xc8LxpgpbAolFOEZyHjIQpddwNxB/C5pMMw/xUCEGOzrWdEBWzRsBnVQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFE0gs6ftpCsRNXuNJPD4FDDFgbBQMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvVFNDenAtMmtLeEUxZTQwazhQZ1VNTVdCc0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DASBAIAATAMAwQCuagc
AwQCucmIMIG9BAIAAjCBtgMFAyoGs8ADBQMqBrRAAwUDKgbKwAMFAyoP1IADBQMq
ES9AAwUDKhE7QAMFAyoRckADBQMqEZYAAwUDKhHxQAMFAyoSBEADBQMqEijAAwUD
KhJmQAMFAyoSZ0ADBQMqEmuAAwUDKhJvQAMFAyoSd0ADBQMqEo7AAwUDKhLMwAMF
AyoS08ADBQMqEuJAAwUDKhLwwAMFAyoUAMADBQMqFAFAAwUDKhQBwAMFAyoUCAAD
BQMqFA9AMA0GCSqGSIb3DQEBCwUAA4IBAQBXYt/TgNxhkebNTnrW2ib0dq8sSxj1
64IRWJPrcdHmiTA4zSXbqTmn3noTK+ciDGxUatBZCPJw657va6ccCP68yFzkzkCd
Iie36ggrXOiF0uR2FjvqcXQXjIKu1wS0YOYmZom63w1yx/3cEZuDQWI/Tj9P+EWy
NT3S5zfo3ijarozx5AmedoKwgsphS1XBsFnMGuHWGZKgnLbCl0j/TjtnJnzfanTa
0PcdIu7mMfX13Ti0QZ6ZsorEd5KN4sReNPJnDgEex2Ix616wWuAyswHgi+9pCHO2
N8A2qbX4/qVpmytw6xCW/nuIoPYcHewq6i1R/80L3mwW+bZZjGtuvDdM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:02 2024 by rpki-client on console-ams.rpki-client.org