Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TcV_dmq9zRPsxzi5FSKJIffZ9-Y.roa
File: TcV_dmq9zRPsxzi5FSKJIffZ9-Y.roa (raw, json)
Hash identifier: Ruphq+FLkZCigqHz74AmwZobf6lyAQPterpbl5f7R7c=
Subject key identifier: 4D:C5:7F:76:6A:BD:CD:13:EC:C7:38:B9:15:22:89:21:F7:D9:F7:E6
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01856EA6B6A9011A9F0598B1DE01E1285D7C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TcV_dmq9zRPsxzi5FSKJIffZ9-Y.roa
Signing time: Sun 01 Jan 2023 18:44:57 +0000
ROA not before: Sun 01 Jan 2023 18:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:b6:a9:01:1a:9f:05:98:b1:de:01:e1:28:5d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 18:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dc57f766abdcd13ecc738b915228921f7d9f7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d5:dd:64:21:c2:14:4c:1c:c9:95:b9:92:3a:
83:05:d6:ed:14:5b:b1:d5:24:86:82:19:9e:b3:9d:
d7:c6:1a:98:b6:bf:c2:c4:25:43:0a:79:44:fe:9a:
b4:24:b6:25:57:f6:94:28:4d:7f:68:8f:1b:a0:1c:
9e:72:ec:c2:bc:5f:9a:9f:4a:f3:b9:14:af:51:38:
34:26:78:be:74:06:a0:52:36:ab:10:9f:d7:ed:d4:
c8:b5:8d:44:83:92:ce:be:4e:c0:e2:b7:ce:5d:1e:
b9:a8:59:d0:23:d6:b1:fb:ca:e8:fa:39:a9:ce:7c:
20:36:de:eb:e6:3e:1e:cf:3d:0b:9d:3f:33:3d:bf:
8c:2b:cc:30:6c:9c:55:00:e0:19:0b:52:72:6a:61:
0b:af:32:fb:db:35:1f:44:55:86:f1:75:1b:85:95:
9d:b5:45:aa:5f:f4:d9:84:52:0c:28:00:fd:73:43:
aa:48:67:45:df:80:bb:bd:26:53:fd:0f:4c:ab:39:
e7:67:48:a7:ad:62:ff:f7:75:53:41:c3:5e:87:22:
22:40:f4:65:f3:f0:8a:57:ea:bd:db:36:02:1c:2e:
7c:12:95:cd:27:04:1d:ee:95:ab:c8:55:63:04:c7:
19:f9:3f:8e:c1:3b:bc:f1:14:51:37:45:9a:82:3b:
d2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C5:7F:76:6A:BD:CD:13:EC:C7:38:B9:15:22:89:21:F7:D9:F7:E6
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TcV_dmq9zRPsxzi5FSKJIffZ9-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.44.255
89.43.73.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
03:5f:de:52:25:6d:4d:d3:66:32:85:cc:9e:f1:4d:ef:9b:9c:
b9:bf:82:c8:66:71:62:c1:63:98:8e:0f:c6:d0:62:9a:41:e7:
ae:13:13:8c:69:21:f2:af:96:94:f8:b1:6a:0e:2d:3e:64:15:
5a:b5:a8:bb:3e:19:b8:20:df:99:94:8a:15:73:00:f4:61:e8:
20:09:3c:f5:b1:19:72:2f:ee:38:6d:db:7a:61:18:57:73:9c:
9d:bf:85:4c:69:2f:98:15:92:a4:ae:82:97:e5:a8:cc:54:10:
7b:44:e3:99:bd:a1:b5:9a:ee:0e:85:d9:58:38:5c:1a:00:4d:
07:0b:19:f2:ef:3f:95:98:0b:55:21:b0:7d:e1:9d:8e:cc:4e:
03:49:95:77:09:fd:b8:17:13:be:51:7f:9c:ad:33:88:1d:25:
79:ed:10:8f:b3:f3:9e:47:ce:9b:08:ba:bb:8d:23:2f:80:44:
69:32:25:83:fb:02:e4:b9:28:f5:f9:97:82:2b:67:89:53:39:
86:ee:68:24:98:8d:c0:81:f8:28:88:2a:4e:18:f9:a1:21:ae:
61:78:3d:90:5b:87:7b:24:4e:b9:55:84:be:27:3e:de:28:24:
e3:4a:43:fd:e2:41:0b:4c:73:6b:a0:c2:e3:ca:a7:33:63:00:
c0:ca:19:76
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYVuprapARqfBZix3gHhKF18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTAxMTg0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM1N2Y3NjZhYmRjZDEzZWNjNzM4YjkxNTIyODkyMWY3ZDlmN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdXdZCHCFEwcyZW5kjqDBdbtFFux
1SSGghmes53XxhqYtr/CxCVDCnlE/pq0JLYlV/aUKE1/aI8boByecuzCvF+an0rz
uRSvUTg0Jni+dAagUjarEJ/X7dTItY1Eg5LOvk7A4rfOXR65qFnQI9ax+8ro+jmp
znwgNt7r5j4ezz0LnT8zPb+MK8wwbJxVAOAZC1JyamELrzL72zUfRFWG8XUbhZWd
tUWqX/TZhFIMKAD9c0OqSGdF34C7vSZT/Q9MqznnZ0inrWL/93VTQcNehyIiQPRl
8/CKV+q92zYCHC58EpXNJwQd7pWryFVjBMcZ+T+OwTu88RRRN0WagjvSzQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFE3Ff3Zqvc0T7Mc4uRUiiSH32ffmMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvVGNWX2RtcTl6UlBzeHppNUZTS0pJZmZaOS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAFXM
TgMEAFXMfQMEAFXMfwMEAFZqUAMEAFkhowMEA1kiCAMEAFkliAMEAFkn/DAMAwQD
WSsoAwQAWSssAwQAWStJAwQAWS0iAwQAXXGeAwQAXXHKAwQAXXI3AwQAXXJjAwQA
XXK7AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBAANf3lIlbU3TZjKFzJ7xTe+bnLm/gshmcWLBY5iOD8bQYppB564T
E4xpIfKvlpT4sWoOLT5kFVq1qLs+Gbgg35mUihVzAPRh6CAJPPWxGXIv7jht23ph
GFdznJ2/hUxpL5gVkqSugpflqMxUEHtE45m9obWa7g6F2Vg4XBoATQcLGfLvP5WY
C1UhsH3hnY7MTgNJlXcJ/bgXE75Rf5ytM4gdJXntEI+z855HzpsIuruNIy+ARGky
JYP7AuS5KPX5l4IrZ4lTOYbuaCSYjcCB+CiIKk4Y+aEhrmF4PZBbh3skTrlVhL4n
Pt4oJONKQ/3iQQtMc2ugwuPKpzNjAMDKGXY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org