Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TwvTUdrSaTdU-bePJjK3pMabxJw.roa
File: TwvTUdrSaTdU-bePJjK3pMabxJw.roa (raw, json)
Hash identifier: RhldloYQ2G0CWwayoCKBWgy/+323MuoMx2dJmpuXgCY=
Subject key identifier: 4F:0B:D3:51:DA:D2:69:37:54:F9:B7:8F:26:32:B7:A4:C6:9B:C4:9C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01890D224657FCAD7F33189AC5B5976DEF28
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TwvTUdrSaTdU-bePJjK3pMabxJw.roa
Signing time: Fri 30 Jun 2023 16:28:17 +0000
ROA not before: Fri 30 Jun 2023 16:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 91.238.42.0/24 maxlen: 24
91.238.42.0/23 maxlen: 23
91.193.28.0/23 maxlen: 23
91.238.43.0/24 maxlen: 24
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 13:12:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0d:22:46:57:fc:ad:7f:33:18:9a:c5:b5:97:6d:ef:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 30 16:28:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f0bd351dad2693754f9b78f2632b7a4c69bc49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:92:d7:d9:78:71:9b:87:93:64:c3:f4:c6:e8:
c7:d2:a4:77:00:2c:8b:03:46:78:9f:45:68:31:d0:
5d:e1:c9:72:d7:f1:ec:b4:e4:66:9c:ed:7f:7c:be:
b9:52:5d:1c:1e:0a:94:52:7b:75:34:9a:ad:fa:96:
65:97:b4:20:53:a6:31:62:d8:1f:98:28:66:2f:3e:
83:f5:b7:3e:a9:a8:08:bc:0d:d2:00:6b:1b:f5:ea:
86:ac:5a:3d:2a:60:96:89:f0:70:6e:50:62:fa:f9:
da:60:fa:bc:28:21:43:33:19:d9:6a:3b:e4:5b:e7:
c9:5c:f0:92:99:23:9e:47:fc:61:7e:4a:25:3f:95:
f2:b6:72:fd:a3:3c:db:9d:c6:07:f8:07:61:39:32:
13:4b:06:50:de:99:a1:2e:53:47:c1:35:79:2c:30:
99:64:59:a5:67:63:df:a7:aa:e9:5d:3e:d7:a0:0e:
3b:3c:c3:5e:07:fb:de:dc:1e:10:c1:7c:6a:fa:9f:
c7:f2:00:27:b6:be:41:5d:ca:c4:d6:55:93:13:36:
7b:ff:98:5a:af:08:23:64:a2:8d:ba:c8:67:d8:7c:
83:0f:8d:ed:f9:2a:8f:ec:36:22:ed:e8:3a:46:81:
52:59:9c:5e:d3:4b:0e:14:c5:7c:8d:b7:b8:9d:bb:
f5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0B:D3:51:DA:D2:69:37:54:F9:B7:8F:26:32:B7:A4:C6:9B:C4:9C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/TwvTUdrSaTdU-bePJjK3pMabxJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.193.28.0/23
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:7e:9a:22:77:90:9d:ee:d3:e5:44:81:d0:4d:bb:45:62:7f:
94:6b:76:b3:33:5d:7f:74:41:3a:65:48:3f:4e:7a:5d:72:fa:
90:39:e3:a9:9a:e7:4e:28:2b:ef:72:f3:6c:11:22:a7:97:39:
a9:7c:26:b9:ea:0d:5d:c7:60:42:23:1d:1e:56:5d:64:35:15:
23:ba:8c:6c:ef:32:a0:c9:c3:71:aa:7d:96:1d:4e:83:dc:f9:
41:32:fd:a9:0f:b1:02:b2:9b:f8:a4:32:0b:6a:75:d0:2c:f7:
d6:18:8b:dd:58:d5:10:42:a0:eb:9d:ab:40:53:13:8b:50:0a:
00:eb:81:5e:24:f0:41:68:46:b4:b0:fc:40:44:03:d8:73:39:
5c:08:2b:72:9e:12:f5:91:8e:f8:b9:51:48:fe:fb:1f:91:62:
8d:60:a8:b0:19:5a:3d:37:7e:a0:c1:78:02:de:7f:52:e1:27:
97:62:d2:d6:5c:03:5b:a1:51:cb:eb:8e:33:5d:ce:2a:ba:44:
ee:af:1f:08:fa:71:c7:d9:1d:ed:4c:02:6a:16:18:d8:f9:66:
f3:86:f0:e0:09:44:f1:53:e7:5a:21:72:ca:4b:14:6b:1b:94:
ea:09:1e:84:a0:62:4e:f9:eb:e0:88:14:8a:16:ba:e7:ed:70:
f9:c5:93:66
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkNIkZX/K1/MxiaxbWXbe8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwNjMwMTYyODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBiZDM1MWRhZDI2OTM3NTRmOWI3OGYyNjMyYjdhNGM2OWJjNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpLX2Xhxm4eTZMP0xujH0qR3ACyL
A0Z4n0VoMdBd4cly1/HstORmnO1/fL65Ul0cHgqUUnt1NJqt+pZll7QgU6YxYtgf
mChmLz6D9bc+qagIvA3SAGsb9eqGrFo9KmCWifBwblBi+vnaYPq8KCFDMxnZajvk
W+fJXPCSmSOeR/xhfkolP5XytnL9ozzbncYH+AdhOTITSwZQ3pmhLlNHwTV5LDCZ
ZFmlZ2Pfp6rpXT7XoA47PMNeB/ve3B4QwXxq+p/H8gAntr5BXcrE1lWTEzZ7/5ha
rwgjZKKNushn2HyDD43t+SqP7DYi7eg6RoFSWZxe00sOFMV8jbe4nbv16wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE8L01Ha0mk3VPm3jyYyt6TGm8ScMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVHd2VFVkclNhVGRVLWJlUEpqSzNwTWFieEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQCtIAwQB
W8EcAwQBW+p4AwQBW+4qAwQAW/VbAwQAsGd5MA0GCSqGSIb3DQEBCwUAA4IBAQCg
fpoid5Cd7tPlRIHQTbtFYn+Ua3azM11/dEE6ZUg/TnpdcvqQOeOpmudOKCvvcvNs
ESKnlzmpfCa56g1dx2BCIx0eVl1kNRUjuoxs7zKgycNxqn2WHU6D3PlBMv2pD7EC
spv4pDILanXQLPfWGIvdWNUQQqDrnatAUxOLUAoA64FeJPBBaEa0sPxARAPYczlc
CCtynhL1kY74uVFI/vsfkWKNYKiwGVo9N36gwXgC3n9S4SeXYtLWXANboVHL644z
Xc4qukTurx8I+nHH2R3tTAJqFhjY+WbzhvDgCUTxU+daIXLKSxRrG5TqCR6EoGJO
+evgiBSKFrrn7XD5xZNm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org