Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/tcb_9HvS1nCQaSWq8xDfGd2b3M4.roa
File: tcb_9HvS1nCQaSWq8xDfGd2b3M4.roa (raw, json)
Hash identifier: difq45QGtjxlH99PRJ1BAOjQvUQ0PyXGw+nO/fQCxFk=
Subject key identifier: B5:C6:FF:F4:7B:D2:D6:70:90:69:25:AA:F3:10:DF:19:DD:9B:DC:CE
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0185729EDC9C172F30D3D14517D2FD6792C8
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/tcb_9HvS1nCQaSWq8xDfGd2b3M4.roa
Signing time: Mon 02 Jan 2023 13:14:51 +0000
ROA not before: Mon 02 Jan 2023 13:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31167
IP address blocks: 109.74.80.0/20 maxlen: 20
109.74.90.0/24 maxlen: 24
85.14.153.0/24 maxlen: 24
217.119.176.0/20 maxlen: 20
217.171.16.0/20 maxlen: 20
217.171.27.0/24 maxlen: 24
85.14.131.0/24 maxlen: 24
85.14.128.0/18 maxlen: 18
2a00:1788::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:dc:9c:17:2f:30:d3:d1:45:17:d2:fd:67:92:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Jan 2 13:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c6fff47bd2d670906925aaf310df19dd9bdcce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:86:c4:c8:6e:49:1d:a1:0b:07:69:06:d6:b6:
64:99:9d:36:20:88:a9:45:75:0a:24:5e:12:1c:ea:
3d:11:e2:c0:55:d5:80:37:d3:bb:71:72:2c:48:c4:
6e:d9:c3:2a:ae:0a:e0:8c:08:41:e6:48:66:59:b0:
20:09:3f:d6:d9:30:45:59:4c:be:17:e0:88:b6:4e:
6d:8c:41:5b:bb:ea:04:ff:19:a3:c8:13:d0:94:bf:
78:52:d4:53:bc:01:11:de:9e:7b:35:1e:1a:d4:49:
27:3e:57:ee:59:21:c8:51:4a:04:a3:30:44:ac:32:
5c:73:33:80:b1:58:93:c8:c5:e2:2f:b8:81:e9:4b:
68:e0:c8:98:80:51:12:23:68:79:5f:7e:79:f1:ed:
b3:01:4b:0c:ea:21:e9:52:b4:c7:44:a9:c1:33:7b:
f3:30:c2:b7:ef:94:55:d5:4a:3d:f9:82:04:27:d5:
63:54:3d:46:e5:68:06:99:d8:d3:43:f6:2a:01:89:
1a:18:49:78:91:31:58:c5:c5:eb:f3:cd:af:39:35:
ba:f5:b1:38:fb:d2:25:94:b4:9c:47:a1:d9:ba:95:
23:6a:4f:23:c6:47:82:3d:89:5c:a0:cb:9c:b0:6c:
a6:a2:86:87:de:09:8c:ff:27:11:51:4b:5e:35:49:
81:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C6:FF:F4:7B:D2:D6:70:90:69:25:AA:F3:10:DF:19:DD:9B:DC:CE
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/tcb_9HvS1nCQaSWq8xDfGd2b3M4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.128.0/18
109.74.80.0/20
217.119.176.0/20
217.171.16.0/20
IPv6:
2a00:1788::/32
Signature Algorithm: sha256WithRSAEncryption
25:07:d2:46:2a:a8:6f:da:85:c2:df:be:3e:43:0a:fa:98:93:
c1:a5:2f:50:ca:00:66:5e:4b:95:07:97:d3:b4:72:66:74:86:
9c:e6:5a:f4:a4:db:ed:96:31:af:78:09:5d:21:72:cb:35:a5:
9f:2d:5e:30:ef:ab:38:25:f0:a4:b7:ca:0b:ab:cc:33:88:52:
46:02:68:e2:c1:68:9d:e3:ee:98:b0:31:6d:da:dd:ce:63:d7:
a5:ce:38:a3:04:74:a3:2c:26:8f:c1:05:c8:81:c9:2a:43:b2:
79:21:5a:c6:c9:55:ee:a1:eb:0c:c0:09:f1:c4:5c:5a:12:91:
3c:c1:bc:3e:32:6f:ce:3b:d3:1e:c5:fb:93:ea:cf:9b:36:8b:
29:14:54:59:33:f6:4b:bc:c6:92:2f:87:fa:06:16:1d:5e:d7:
ea:5c:15:7c:20:c6:ea:fb:6f:f2:81:07:5c:28:c6:97:8d:12:
f8:a3:dd:dc:1d:70:d5:e5:30:12:de:9e:a1:7c:da:26:31:d3:
79:18:59:4a:2d:26:6e:02:78:14:3d:ff:ed:ca:cf:79:4c:be:
d2:c2:0b:4a:77:90:2a:92:35:92:75:af:f4:9a:da:e2:90:8f:
d5:16:8b:b5:61:5d:12:a8:32:d1:7e:62:07:7e:e4:85:87:fa:
82:ac:45:e9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyntycFy8w09FFF9L9Z5LIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Q4ODdjMDJlMDdjOWU0NzRkMWY4ZTIxMDQ5Y2FhNmNl
M2ZiZDMwHhcNMjMwMTAyMTMxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM2ZmZmNDdiZDJkNjcwOTA2OTI1YWFmMzEwZGYxOWRkOWJkY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYbEyG5JHaELB2kG1rZkmZ02IIip
RXUKJF4SHOo9EeLAVdWAN9O7cXIsSMRu2cMqrgrgjAhB5khmWbAgCT/W2TBFWUy+
F+CItk5tjEFbu+oE/xmjyBPQlL94UtRTvAER3p57NR4a1EknPlfuWSHIUUoEozBE
rDJcczOAsViTyMXiL7iB6Uto4MiYgFESI2h5X3558e2zAUsM6iHpUrTHRKnBM3vz
MMK375RV1Uo9+YIEJ9VjVD1G5WgGmdjTQ/YqAYkaGEl4kTFYxcXr882vOTW69bE4
+9IllLScR6HZupUjak8jxkeCPYlcoMucsGymooaH3gmM/ycRUUteNUmBEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLXG//R70tZwkGklqvMQ3xndm9zOMB8GA1UdIwQY
MBaAFDB9iHwC4HyeR00fjiEEnKps4/vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMt
MWE1ZTVmMTkxYmZhLzEvdGNiXzlIdlMxbkNRYVNXcTh4RGZHZDJiM000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9iMjBkODMtNjEyYy00YjYyLTk3YTMtMWE1ZTVmMTkxYmZh
LzEvTUgySWZBTGdmSjVIVFItT0lRU2NxbXpqLTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGVQ6AAwQE
bUpQAwQE2XewAwQE2asQMA0EAgACMAcDBQAqABeIMA0GCSqGSIb3DQEBCwUAA4IB
AQAlB9JGKqhv2oXC374+Qwr6mJPBpS9QygBmXkuVB5fTtHJmdIac5lr0pNvtljGv
eAldIXLLNaWfLV4w76s4JfCkt8oLq8wziFJGAmjiwWid4+6YsDFt2t3OY9elzjij
BHSjLCaPwQXIgckqQ7J5IVrGyVXuoesMwAnxxFxaEpE8wbw+Mm/OO9MexfuT6s+b
NospFFRZM/ZLvMaSL4f6BhYdXtfqXBV8IMbq+2/ygQdcKMaXjRL4o93cHXDV5TAS
3p6hfNomMdN5GFlKLSZuAngUPf/tys95TL7SwgtKd5AqkjWSda/0mtrikI/VFou1
YV0SqDLRfmIHfuSFh/qCrEXp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:35 2024 by rpki-client on console-fra.rpki-client.org