Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/TM9kSZDEBCD14jK6bC7e4Q52kK0.roa
File: TM9kSZDEBCD14jK6bC7e4Q52kK0.roa (raw, json)
Hash identifier: /bfiOwG69O3vKhlp/8Wp7Z0KeoPWZWmGVvn6+c4AdQM=
Subject key identifier: 4C:CF:64:49:90:C4:04:20:F5:E2:32:BA:6C:2E:DE:E1:0E:76:90:AD
Certificate issuer: /CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Certificate serial: 018573BA88267901D1D40688EE755D2E162C
Authority key identifier: 5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/TM9kSZDEBCD14jK6bC7e4Q52kK0.roa
Signing time: Mon 02 Jan 2023 18:24:42 +0000
ROA not before: Mon 02 Jan 2023 18:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203437
IP address blocks: 194.77.185.0/24 maxlen: 24
194.105.40.0/21 maxlen: 21
193.218.8.0/22 maxlen: 22
2a02:db00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:ba:88:26:79:01:d1:d4:06:88:ee:75:5d:2e:16:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dfb074d47b7e0bc891ed06ea8fc67e38ecf50a1
Validity
Not Before: Jan 2 18:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ccf644990c40420f5e232ba6c2edee10e7690ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:73:0f:ca:90:99:28:c4:9e:c8:0f:ef:e4:c9:
05:b5:ec:9f:32:52:b7:bd:c8:d6:df:7b:ca:b9:08:
45:e5:4a:52:53:69:58:63:b7:7f:80:55:0f:fb:77:
30:25:be:64:76:fe:40:02:ad:69:ba:46:29:69:09:
c3:f4:8f:08:8a:a1:35:af:4d:e8:69:2d:bf:ae:c8:
57:7b:20:8f:e6:ff:bf:96:f0:a4:fe:70:f2:47:7c:
a1:c0:cc:a0:59:39:89:e9:a9:61:c1:26:29:e0:69:
31:97:0d:4e:5a:0c:f7:05:4d:ee:10:c4:af:3a:30:
dc:31:53:c2:8f:5f:e8:71:53:69:07:9c:69:b3:c3:
b5:d9:a6:d9:10:b5:4b:dc:ed:9f:91:c9:65:bd:84:
01:9d:c9:45:5b:2e:47:aa:3c:a7:65:5b:1f:7c:0e:
43:8e:a2:39:22:c1:47:c9:e7:ff:3e:27:a2:45:45:
a6:11:59:41:e5:dc:c0:43:e5:9c:a2:13:fa:ca:15:
a6:a9:25:a5:f0:3e:35:29:89:29:5a:10:1f:1f:c8:
93:c9:1a:93:f8:31:4a:d2:7b:f6:c9:2c:ff:a3:5c:
14:94:23:08:f3:32:cd:f7:9f:db:f4:5b:a6:58:f1:
aa:77:27:6a:59:ba:9a:63:d3:8f:39:3f:a9:fc:f7:
d6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CF:64:49:90:C4:04:20:F5:E2:32:BA:6C:2E:DE:E1:0E:76:90:AD
X509v3 Authority Key Identifier:
keyid:5D:FB:07:4D:47:B7:E0:BC:89:1E:D0:6E:A8:FC:67:E3:8E:CF:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfsHTUe34LyJHtBuqPxn447PUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/TM9kSZDEBCD14jK6bC7e4Q52kK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/42fc92-1663-4688-a31d-cf6a63e4efb6/1/XfsHTUe34LyJHtBuqPxn447PUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.8.0/22
194.77.185.0/24
194.105.40.0/21
IPv6:
2a02:db00::/29
Signature Algorithm: sha256WithRSAEncryption
73:9d:dd:58:62:fc:5a:91:5d:64:0c:f2:da:f6:fe:09:93:4c:
23:3e:e2:59:c0:bb:4b:08:8b:c4:d1:61:49:f8:40:db:7b:76:
c2:cb:d8:db:c2:d8:5b:28:15:f3:92:a8:67:4c:7a:3d:da:d3:
12:cd:d9:47:c0:7f:38:dc:aa:52:6f:11:45:68:b8:1a:be:b4:
09:37:d3:7c:b1:fb:22:d6:c7:63:c5:82:31:d7:0f:58:fc:aa:
8d:74:5e:cd:a0:7a:47:00:00:7a:a8:85:bf:ad:63:9e:14:c4:
d6:8b:00:36:2f:df:60:cf:c8:67:74:64:78:32:aa:0c:75:a7:
61:78:e0:22:06:53:08:e6:32:0f:34:ef:72:37:28:6f:46:3e:
75:7a:56:e6:b3:b6:9c:e7:75:ad:33:16:61:55:f0:32:f1:12:
07:0b:22:85:22:8f:7a:5b:7f:50:a1:6c:b4:88:2d:fb:9c:e7:
01:f1:dd:6b:cd:fa:d2:4c:63:91:7f:ae:64:2f:83:55:6a:53:
8c:ea:e5:ef:1d:67:c2:a3:f6:29:64:16:d8:c3:63:bc:26:34:
3a:2d:ca:d6:a9:30:e8:e2:2e:81:97:bd:ef:f4:fa:ca:eb:43:
8d:d5:6a:2b:7a:75:29:7f:f7:df:53:c5:95:b5:4e:73:df:7a:
fb:37:2f:ba
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzuogmeQHR1AaI7nVdLhYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmIwNzRkNDdiN2UwYmM4OTFlZDA2ZWE4ZmM2N2UzOGVj
ZjUwYTEwHhcNMjMwMTAyMTgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NmNjQ0OTkwYzQwNDIwZjVlMjMyYmE2YzJlZGVlMTBlNzY5MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3MPypCZKMSeyA/v5MkFteyfMlK3
vcjW33vKuQhF5UpSU2lYY7d/gFUP+3cwJb5kdv5AAq1pukYpaQnD9I8IiqE1r03o
aS2/rshXeyCP5v+/lvCk/nDyR3yhwMygWTmJ6alhwSYp4Gkxlw1OWgz3BU3uEMSv
OjDcMVPCj1/ocVNpB5xps8O12abZELVL3O2fkcllvYQBnclFWy5HqjynZVsffA5D
jqI5IsFHyef/PieiRUWmEVlB5dzAQ+WcohP6yhWmqSWl8D41KYkpWhAfH8iTyRqT
+DFK0nv2ySz/o1wUlCMI8zLN95/b9FumWPGqdydqWbqaY9OPOT+p/PfWoQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEzPZEmQxAQg9eIyumwu3uEOdpCtMB8GA1UdIwQY
MBaAFF37B01Ht+C8iR7Qbqj8Z+OOz1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQt
Y2Y2YTYzZTRlZmI2LzEvVE05a1NaREVCQ0QxNGpLNmJDN2U0UTUya0swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80MmZjOTItMTY2My00Njg4LWEzMWQtY2Y2YTYzZTRlZmI2
LzEvWGZzSFRVZTM0THlKSHRCdXFQeG40NDdQVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCwdoIAwQA
wk25AwQDwmkoMA0EAgACMAcDBQMqAtsAMA0GCSqGSIb3DQEBCwUAA4IBAQBznd1Y
YvxakV1kDPLa9v4Jk0wjPuJZwLtLCIvE0WFJ+EDbe3bCy9jbwthbKBXzkqhnTHo9
2tMSzdlHwH843KpSbxFFaLgavrQJN9N8sfsi1sdjxYIx1w9Y/KqNdF7NoHpHAAB6
qIW/rWOeFMTWiwA2L99gz8hndGR4MqoMdadheOAiBlMI5jIPNO9yNyhvRj51elbm
s7ac53WtMxZhVfAy8RIHCyKFIo96W39QoWy0iC37nOcB8d1rzfrSTGORf65kL4NV
alOM6uXvHWfCo/YpZBbYw2O8JjQ6LcrWqTDo4i6Bl73v9PrK60ON1WorenUpf/ff
U8WVtU5z33r7Ny+6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:04 2024 by rpki-client on console-fra.rpki-client.org