Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/tw2TvwhzTHCHKBizQJpLteZD8-k.roa
File: tw2TvwhzTHCHKBizQJpLteZD8-k.roa (raw, json)
Hash identifier: 3bXYN82vjZKIkDxtg+F4UDKxFEpT0XZG13E+V6iIioE=
Subject key identifier: B7:0D:93:BF:08:73:4C:70:87:28:18:B3:40:9A:4B:B5:E6:43:F3:E9
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018CC6B8336C17BB12970BB9FC840F03220A
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/tw2TvwhzTHCHKBizQJpLteZD8-k.roa
Signing time: Mon 01 Jan 2024 20:30:09 +0000
ROA not before: Mon 01 Jan 2024 20:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 185.93.221.0/24 maxlen: 24
94.124.160.0/23 maxlen: 24
78.142.216.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:47:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:33:6c:17:bb:12:97:0b:b9:fc:84:0f:03:22:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 20:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b70d93bf08734c70872818b3409a4bb5e643f3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:11:8e:1a:71:b6:df:d6:09:08:ef:79:61:79:
42:b0:75:58:30:0a:51:26:67:31:92:c3:dd:a6:e8:
e5:b3:34:77:2b:34:79:45:e4:8d:d0:88:5b:7a:7e:
80:f4:59:d5:12:0d:6f:a0:f1:43:02:6b:e0:1b:74:
98:96:2c:e1:c5:c9:f1:ce:b1:3b:c2:42:82:c8:a5:
75:70:e2:29:54:90:52:4e:30:f1:20:54:9f:b2:ea:
0d:c7:88:b3:59:75:c8:a9:5c:3e:02:a9:3f:e9:27:
9a:25:a3:30:ad:d0:81:a9:e1:f9:43:88:9a:19:e6:
aa:ac:04:55:c0:86:44:9e:f5:e0:ad:23:ae:2b:19:
d3:60:1b:82:33:01:72:de:30:52:34:9c:b2:83:a5:
9b:d4:aa:bc:a7:80:fb:ae:86:20:b9:e3:76:26:e7:
c3:ae:47:b9:46:28:d4:63:a0:8d:89:df:6e:e8:6f:
b7:68:4f:ef:06:d0:df:20:16:65:18:59:db:63:60:
81:b4:c8:bf:0b:ff:c3:12:94:5b:e7:1e:c9:1b:f1:
df:6a:7a:e4:2c:d4:9c:f7:ee:33:61:ef:de:80:d2:
ec:47:71:aa:d9:5c:39:3e:5e:1a:5c:49:46:35:22:
d3:64:4f:7c:15:65:bb:62:ff:ee:34:31:dd:7c:29:
b0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0D:93:BF:08:73:4C:70:87:28:18:B3:40:9A:4B:B5:E6:43:F3:E9
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/tw2TvwhzTHCHKBizQJpLteZD8-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.216.0/22
94.124.160.0/23
185.93.221.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:0a:b9:84:f1:55:92:9c:51:bb:37:9e:22:f4:de:e7:17:da:
1c:4b:05:92:43:90:34:73:ba:ea:49:24:c0:14:94:d6:11:4b:
2a:26:7e:b7:90:d4:c4:1b:c1:95:37:37:67:8e:40:9b:1a:89:
1c:7a:04:43:65:f8:3e:63:83:6a:89:3c:84:a8:b0:42:52:47:
39:03:56:df:93:1a:d3:d9:5f:9a:8e:6f:b8:22:bf:a2:ec:8b:
c0:99:74:88:27:92:e4:5b:8e:39:78:af:af:69:6d:96:1f:87:
3e:2d:46:77:8c:72:2f:ca:e7:44:c1:9b:67:f8:9e:83:5c:97:
fd:be:da:60:25:7a:c9:35:86:cb:d3:ea:6b:fe:19:35:fc:47:
0c:1d:2f:b3:fa:3c:77:27:27:4b:31:e4:3a:b2:80:74:a9:4b:
6f:2b:24:39:2a:e8:5a:73:26:40:ff:0f:55:66:91:ff:7f:04:
fa:51:3d:f6:d6:f2:1c:7f:ea:2a:d2:5e:40:39:c6:21:0c:c0:
2d:27:fb:f4:50:2a:e0:80:b0:81:88:d0:0c:1b:03:3d:a7:ad:
c4:5e:aa:29:a1:c9:f1:e4:f6:85:4d:06:05:91:f8:af:67:f9:
7c:87:94:09:46:8b:d9:9a:44:95:14:ac:5a:5d:ba:8c:4b:bd:
21:50:ba:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGuDNsF7sSlwu5/IQPAyIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMTAxMjAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBkOTNiZjA4NzM0YzcwODcyODE4YjM0MDlhNGJiNWU2NDNmM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhGOGnG239YJCO95YXlCsHVYMApR
JmcxksPdpujlszR3KzR5ReSN0Ihben6A9FnVEg1voPFDAmvgG3SYlizhxcnxzrE7
wkKCyKV1cOIpVJBSTjDxIFSfsuoNx4izWXXIqVw+Aqk/6SeaJaMwrdCBqeH5Q4ia
GeaqrARVwIZEnvXgrSOuKxnTYBuCMwFy3jBSNJyyg6Wb1Kq8p4D7roYgueN2JufD
rke5RijUY6CNid9u6G+3aE/vBtDfIBZlGFnbY2CBtMi/C//DEpRb5x7JG/Hfanrk
LNSc9+4zYe/egNLsR3Gq2Vw5Pl4aXElGNSLTZE98FWW7Yv/uNDHdfCmw6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLcNk78Ic0xwhygYs0CaS7XmQ/PpMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvdHcyVHZ3aHpUSENIS0JpelFKcEx0ZVpEOC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTo7YAwQB
XnygAwQAuV3dMA0GCSqGSIb3DQEBCwUAA4IBAQC8CrmE8VWSnFG7N54i9N7nF9oc
SwWSQ5A0c7rqSSTAFJTWEUsqJn63kNTEG8GVNzdnjkCbGokcegRDZfg+Y4NqiTyE
qLBCUkc5A1bfkxrT2V+ajm+4Ir+i7IvAmXSIJ5LkW445eK+vaW2WH4c+LUZ3jHIv
yudEwZtn+J6DXJf9vtpgJXrJNYbL0+pr/hk1/EcMHS+z+jx3JydLMeQ6soB0qUtv
KyQ5KuhacyZA/w9VZpH/fwT6UT321vIcf+oq0l5AOcYhDMAtJ/v0UCrggLCBiNAM
GwM9p63EXqopocnx5PaFTQYFkfivZ/l8h5QJRovZmkSVFKxaXbqMS70hULoW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:17 2024 by rpki-client on console-ams.rpki-client.org