Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/TwTve3cAbel-Pxu-bOj1pt1s2gc.roa
File: TwTve3cAbel-Pxu-bOj1pt1s2gc.roa (raw, json)
Hash identifier: qPlTup/am0PpARcTfK2SYCqkGeSt2nks5/TgiRsVS/o=
Subject key identifier: 4F:04:EF:7B:77:00:6D:E9:7E:3F:1B:BE:6C:E8:F5:A6:DD:6C:DA:07
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018CC425258189D539802BE99D2BB460CBC6
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/TwTve3cAbel-Pxu-bOj1pt1s2gc.roa
Signing time: Mon 01 Jan 2024 08:30:17 +0000
ROA not before: Mon 01 Jan 2024 08:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207050
IP address blocks: 185.59.50.0/24 maxlen: 24
185.59.48.0/22 maxlen: 22
193.160.84.0/24 maxlen: 24
193.160.84.0/22 maxlen: 22
92.119.20.0/24 maxlen: 24
92.119.21.0/24 maxlen: 24
79.143.132.0/24 maxlen: 24
79.143.132.0/22 maxlen: 22
92.119.22.0/24 maxlen: 24
79.143.135.0/24 maxlen: 24
185.124.104.0/24 maxlen: 24
185.124.104.0/22 maxlen: 22
185.124.105.0/24 maxlen: 24
2a04:e2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 25 Mar 2024 15:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:25:81:89:d5:39:80:2b:e9:9d:2b:b4:60:cb:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Jan 1 08:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f04ef7b77006de97e3f1bbe6ce8f5a6dd6cda07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:26:34:b5:e3:d5:30:8b:5e:1d:89:c2:18:8d:
fe:02:9f:8c:42:ce:77:7f:16:a7:f9:5a:96:bd:ad:
d8:ff:7e:c9:da:d1:e1:ff:d5:f9:02:6d:02:63:5a:
7e:fe:02:c7:9f:d9:a3:ac:51:b7:a4:d8:58:aa:74:
e3:57:fc:c3:e9:61:3e:cd:17:ef:f9:be:01:72:f2:
86:59:d9:92:af:be:09:06:99:ed:4b:b2:4b:e2:19:
1c:9f:7b:8c:4b:63:9b:71:d7:05:41:07:51:31:40:
96:51:c1:a0:f9:f2:60:bd:e3:d4:62:8a:77:47:ff:
ad:03:dc:91:28:d1:0a:33:41:2c:14:9d:df:2c:74:
e6:e9:bd:1e:92:4b:f9:ff:7d:85:a5:a0:14:54:f4:
15:e9:a7:f4:16:8c:1d:79:40:c4:0e:1e:1a:e8:dd:
3b:13:28:a3:f0:5e:90:98:6d:08:1a:c4:25:87:ec:
8a:d1:4e:6f:af:3a:a3:c3:d2:17:c4:79:34:23:b3:
10:49:34:83:79:3c:c9:62:b9:ee:46:2d:9d:b9:40:
05:fb:d5:6b:03:7c:a2:3e:59:ab:14:25:3d:23:f4:
76:dc:b0:30:84:88:5f:a5:b5:6d:a5:c3:5e:53:3a:
77:34:3a:61:2a:52:53:94:35:e3:b9:3c:41:b0:84:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:04:EF:7B:77:00:6D:E9:7E:3F:1B:BE:6C:E8:F5:A6:DD:6C:DA:07
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/TwTve3cAbel-Pxu-bOj1pt1s2gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.132.0/22
92.119.20.0-92.119.22.255
185.59.48.0/22
185.124.104.0/22
193.160.84.0/22
IPv6:
2a04:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:64:4d:d7:6d:23:0d:48:9d:4f:6b:b0:03:0b:9f:b5:09:7c:
24:c5:73:c2:04:34:7e:8d:35:3f:f3:ef:01:f3:cf:36:ac:5e:
fe:e6:b4:7c:f8:df:c5:b0:d6:46:bf:50:ca:72:a9:1d:7b:10:
b6:a7:76:d8:d4:09:18:84:13:9e:bd:ae:5c:d3:8a:c0:57:a9:
9e:23:c7:cd:39:76:dd:9d:58:9e:cc:1b:ec:af:1f:6b:86:a7:
f8:18:5e:e0:93:81:b0:83:ed:ff:d4:c2:b4:75:9a:8e:db:f8:
fb:89:ce:61:43:4e:c7:bd:9b:5a:5d:74:31:1a:53:91:89:71:
8f:16:71:15:51:79:c1:ad:44:8e:b0:11:7a:12:30:2e:7a:be:
e5:70:b2:d6:0f:07:8c:e4:3c:25:dc:41:e4:43:9e:49:a0:b9:
10:18:5b:33:cc:09:5b:58:57:77:b4:54:2e:14:ab:d6:36:a2:
32:ae:2a:ad:8d:ee:32:30:13:68:18:40:cf:70:03:c7:56:ef:
93:a4:8b:b3:08:4b:d4:a5:80:c5:b1:c2:fc:d5:17:97:75:20:
1f:f1:3b:dd:64:b9:63:52:5d:cc:9a:02:21:dd:ce:a5:c4:6c:
2a:e9:da:7c:dc:1e:f5:a5:0f:92:b6:9f:aa:98:73:e4:a8:bd:
48:80:f2:00
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEJSWBidU5gCvpnSu0YMvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjQwMTAxMDgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA0ZWY3Yjc3MDA2ZGU5N2UzZjFiYmU2Y2U4ZjVhNmRkNmNkYTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCY0tePVMIteHYnCGI3+Ap+MQs53
fxan+VqWva3Y/37J2tHh/9X5Am0CY1p+/gLHn9mjrFG3pNhYqnTjV/zD6WE+zRfv
+b4BcvKGWdmSr74JBpntS7JL4hkcn3uMS2ObcdcFQQdRMUCWUcGg+fJgvePUYop3
R/+tA9yRKNEKM0EsFJ3fLHTm6b0ekkv5/32FpaAUVPQV6af0FowdeUDEDh4a6N07
Eyij8F6QmG0IGsQlh+yK0U5vrzqjw9IXxHk0I7MQSTSDeTzJYrnuRi2duUAF+9Vr
A3yiPlmrFCU9I/R23LAwhIhfpbVtpcNeUzp3NDphKlJTlDXjuTxBsIQTmwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFE8E73t3AG3pfj8bvmzo9abdbNoHMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvVHdUdmUzY0FiZWwtUHh1LWJPajFwdDFzMmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCT4+EMAwD
BAJcdxQDBABcdxYDBAK5OzADBAK5fGgDBALBoFQwDQQCAAIwBwMFAyoE4sAwDQYJ
KoZIhvcNAQELBQADggEBAEpkTddtIw1InU9rsAMLn7UJfCTFc8IENH6NNT/z7wHz
zzasXv7mtHz438Ww1ka/UMpyqR17ELandtjUCRiEE569rlzTisBXqZ4jx805dt2d
WJ7MG+yvH2uGp/gYXuCTgbCD7f/UwrR1mo7b+PuJzmFDTse9m1pddDEaU5GJcY8W
cRVRecGtRI6wEXoSMC56vuVwstYPB4zkPCXcQeRDnkmguRAYWzPMCVtYV3e0VC4U
q9Y2ojKuKq2N7jIwE2gYQM9wA8dW75Oki7MIS9SlgMWxwvzVF5d1IB/xO91kuWNS
XcyaAiHdzqXEbCrp2nzcHvWlD5K2n6qYc+SovUiA8gA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:34 2024 by rpki-client on console-fra.rpki-client.org