Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Tah9CNsbFFkkUd0XnrdNez6ALKs.roa
File: Tah9CNsbFFkkUd0XnrdNez6ALKs.roa (raw, json)
Hash identifier: gDisawDt9DDG+MinmVfFqs769zSFv9FiAze7KEKN57k=
Subject key identifier: 4D:A8:7D:08:DB:1B:14:59:24:51:DD:17:9E:B7:4D:7B:3E:80:2C:AB
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0190EF702E15D5FB85544A2C2B1C947F3F75
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Tah9CNsbFFkkUd0XnrdNez6ALKs.roa
Signing time: Fri 26 Jul 2024 14:27:04 +0000
ROA not before: Fri 26 Jul 2024 14:27:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.92.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Sep 2024 16:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:70:2e:15:d5:fb:85:54:4a:2c:2b:1c:94:7f:3f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 26 14:27:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4da87d08db1b14592451dd179eb74d7b3e802cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a3:4e:5f:32:a4:78:9f:f5:70:e7:84:62:6d:
cd:29:bf:b7:b9:fa:90:90:ab:68:4a:33:3d:e8:b8:
47:06:ad:2d:ff:aa:f7:b0:dc:42:42:a4:e0:06:11:
01:02:22:62:c7:35:f0:a6:ce:96:5c:98:12:72:65:
8f:f9:ef:6b:50:73:a5:32:5d:da:b0:5e:4b:a3:a4:
37:de:3d:42:bc:3c:25:be:d1:8f:d2:4a:0e:fd:db:
5e:bc:53:3d:44:b2:a5:9a:39:94:48:fc:2f:c2:04:
0e:eb:90:32:50:ea:72:76:25:81:0c:8d:d2:c1:43:
34:9c:42:af:56:31:53:10:de:4a:6e:ea:27:06:7b:
64:4a:8f:8e:2b:51:f1:1c:51:37:7c:cc:f1:a1:74:
42:03:26:ea:ba:56:4f:8a:b3:f7:c7:e1:2a:a3:e9:
55:f1:b6:ca:85:f2:f8:67:7e:3d:73:09:12:0d:7b:
ea:1b:2c:27:df:35:b5:65:d8:84:7b:e9:a1:70:92:
84:1b:c9:a0:ac:71:56:7f:92:5d:38:67:5b:43:2e:
8d:7b:ec:e4:c8:3b:34:3a:8b:55:e9:26:7b:12:d8:
da:4f:ec:63:ec:92:72:3a:77:3d:12:fa:d3:32:8a:
9d:67:34:32:58:13:7f:d4:f0:3c:36:2b:d2:34:ed:
b5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A8:7D:08:DB:1B:14:59:24:51:DD:17:9E:B7:4D:7B:3E:80:2C:AB
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Tah9CNsbFFkkUd0XnrdNez6ALKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/24
95.164.170.0-95.164.175.255
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
76:d1:4b:9c:1e:09:a1:b2:d3:b1:3b:98:f9:bc:34:4c:06:ca:
74:51:0d:ef:f8:df:ce:d3:81:3a:ba:0b:5e:07:c4:4f:13:99:
93:3e:29:6f:04:4d:2a:1e:10:d6:9d:b0:cc:17:ea:26:af:ed:
3e:ac:0f:a2:c2:81:0e:61:d6:84:df:2b:9d:35:c0:14:d9:f9:
c6:39:76:16:67:b6:a2:3c:2f:fa:28:92:55:61:94:70:fb:d5:
c8:e8:03:9b:21:84:5c:8a:e8:15:62:db:35:73:fa:4b:b0:ce:
dd:e2:cd:94:dd:43:32:6a:2e:b5:be:83:81:3f:f1:a3:3c:96:
03:d1:43:35:11:99:8f:bd:1e:34:6c:75:9d:d7:5f:0f:e5:10:
38:df:e7:95:68:15:fb:4a:d4:58:78:71:2c:55:2f:57:38:97:
71:33:1d:ce:77:b1:e2:dd:7f:b3:ff:01:2e:78:50:d4:2a:44:
47:5f:79:f3:1e:89:69:20:b9:e4:a5:56:b2:55:50:04:24:bf:
59:5b:25:bc:b6:34:d5:b6:31:60:34:14:ac:21:b1:1f:33:3b:
81:00:a0:90:b1:ba:64:1d:3b:d9:a5:51:26:bb:64:f2:fe:65:
b6:31:52:e5:26:16:65:f1:d8:77:79:93:e4:93:eb:cc:63:91:
30:bf:ed:a1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZDvcC4V1fuFVEosKxyUfz91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwNzI2MTQyNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE4N2QwOGRiMWIxNDU5MjQ1MWRkMTc5ZWI3NGQ3YjNlODAyY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16NOXzKkeJ/1cOeEYm3NKb+3ufqQ
kKtoSjM96LhHBq0t/6r3sNxCQqTgBhEBAiJixzXwps6WXJgScmWP+e9rUHOlMl3a
sF5Lo6Q33j1CvDwlvtGP0koO/dtevFM9RLKlmjmUSPwvwgQO65AyUOpydiWBDI3S
wUM0nEKvVjFTEN5KbuonBntkSo+OK1HxHFE3fMzxoXRCAybqulZPirP3x+Eqo+lV
8bbKhfL4Z349cwkSDXvqGywn3zW1ZdiEe+mhcJKEG8mgrHFWf5JdOGdbQy6Ne+zk
yDs0OotV6SZ7EtjaT+xj7JJyOnc9EvrTMoqdZzQyWBN/1PA8NivSNO21+QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFE2ofQjbGxRZJFHdF563TXs+gCyrMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvVGFoOUNOc2JGRmtrVWQwWG5yZE5lejZBTEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kODAMAwQDX6RIAwQAX6RMAwQCX6RQAwQAX6RcMAwDBAFfpKoDBARf
pKADBAPD1tAwDQQCAAIwBwMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAHbRS5we
CaGy07E7mPm8NEwGynRRDe/4387TgTq6C14HxE8TmZM+KW8ETSoeENadsMwX6iav
7T6sD6LCgQ5h1oTfK501wBTZ+cY5dhZntqI8L/ooklVhlHD71cjoA5shhFyK6BVi
2zVz+kuwzt3izZTdQzJqLrW+g4E/8aM8lgPRQzURmY+9HjRsdZ3XXw/lEDjf55Vo
FftK1Fh4cSxVL1c4l3EzHc53seLdf7P/AS54UNQqREdfefMeiWkgueSlVrJVUAQk
v1lbJby2NNW2MWA0FKwhsR8zO4EAoJCxumQdO9mlUSa7ZPL+ZbYxUuUmFmXx2Hd5
k+ST68xjkTC/7aE=
-----END CERTIFICATE-----
Generated at Fri Sep 27 18:50:42 2024 by rpki-client on console-fra.rpki-client.org