Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/Ts5nl6khDv086Ad47ywH0vmxISY.roa
File: Ts5nl6khDv086Ad47ywH0vmxISY.roa (raw, json)
Hash identifier: dvNMA9hPUmFhdmMZUXTSmBWIwUodmFEhppcdwmt8ulw=
Subject key identifier: 4E:CE:67:97:A9:21:0E:FD:3C:E8:07:78:EF:2C:07:D2:F9:B1:21:26
Certificate issuer: /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial: 018E6F24C7DDC299F13F1DB925F0193CB7D3
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/Ts5nl6khDv086Ad47ywH0vmxISY.roa
Signing time: Sun 24 Mar 2024 06:27:45 +0000
ROA not before: Sun 24 Mar 2024 06:27:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201205
IP address blocks: 37.230.120.0/21 maxlen: 21
78.24.168.0/21 maxlen: 21
147.12.64.0/19 maxlen: 24
147.12.64.0/24 maxlen: 24
176.62.136.0/21 maxlen: 21
185.29.4.0/22 maxlen: 22
185.160.220.0/22 maxlen: 24
193.53.101.0/24 maxlen: 24
193.53.102.0/24 maxlen: 24
2a01:5c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Nov 2024 09:52:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6f:24:c7:dd:c2:99:f1:3f:1d:b9:25:f0:19:3c:b7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Validity
Not Before: Mar 24 06:27:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ece6797a9210efd3ce80778ef2c07d2f9b12126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:48:3e:33:3f:41:e6:ad:0d:94:e9:8d:4f:e9:
e5:bd:43:b1:ce:88:d9:c6:8b:d9:a6:34:d6:19:38:
7b:1b:06:83:e2:ac:ae:ed:1b:93:66:0f:ce:de:38:
81:16:d5:b8:f8:d4:a0:27:c4:34:35:75:7c:ae:cb:
f5:9d:77:cc:e7:0d:f6:37:33:5c:08:a6:21:e6:f4:
ab:af:1b:c2:1a:d4:26:e4:93:76:c8:27:93:1e:8d:
f0:d2:e9:f6:89:8f:78:90:10:eb:26:41:da:1a:b0:
3a:27:b8:b1:8a:74:ec:ae:8a:aa:25:f8:13:7f:fc:
75:13:9a:8e:74:8d:a8:84:9b:8f:1c:ed:45:b5:fa:
54:85:58:fc:e0:ef:f3:a5:8a:71:3d:04:49:d4:a7:
b0:6f:94:58:af:29:89:2e:f2:ae:e3:88:26:77:20:
fb:3f:8f:ee:07:a8:5a:37:e9:28:aa:81:93:42:bd:
26:3a:5e:e4:f2:f8:47:47:ac:01:6a:9e:56:da:76:
d9:ca:c5:1d:92:ae:83:bb:49:51:a8:94:df:48:2e:
e0:27:f3:1d:67:a2:b6:f7:bc:72:86:b3:c6:9e:61:
b7:32:40:d6:16:b3:83:28:4e:a1:10:ec:ad:5e:11:
ef:41:a2:0a:5b:a8:6f:f3:f1:6b:75:39:64:f4:42:
e3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CE:67:97:A9:21:0E:FD:3C:E8:07:78:EF:2C:07:D2:F9:B1:21:26
X509v3 Authority Key Identifier:
keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/Ts5nl6khDv086Ad47ywH0vmxISY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.120.0/21
78.24.168.0/21
147.12.64.0/19
176.62.136.0/21
185.29.4.0/22
185.160.220.0/22
193.53.101.0-193.53.102.255
IPv6:
2a01:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
01:de:28:bc:6f:53:44:a6:63:86:b3:80:74:e3:31:6a:96:53:
90:97:f3:11:38:35:ff:c1:91:72:c2:78:8c:24:fe:e1:c3:91:
34:43:81:7d:87:23:71:43:10:c5:de:5e:db:00:33:5b:75:7d:
00:22:d7:be:00:03:2d:3f:58:f3:cd:70:9f:98:dd:c8:66:94:
10:d2:38:db:c6:cc:e5:83:d4:94:66:86:00:03:d6:53:4d:db:
98:20:ba:06:36:46:c8:56:00:a8:c0:29:90:48:e1:b8:cd:f6:
aa:6c:bd:02:80:fd:98:b5:23:cd:97:19:04:07:f4:d5:57:96:
9f:d4:f3:b9:7e:a4:ee:e9:a5:47:29:6d:48:2a:8d:f2:53:c8:
d6:47:5a:97:60:72:a4:4f:d0:37:31:87:2f:99:00:ff:69:2f:
f4:8a:dd:26:fa:5b:d3:88:c9:18:ac:f0:92:81:84:e1:fc:d9:
f3:14:b1:40:1e:eb:68:82:be:e1:f3:79:68:e1:c3:c1:ae:c7:
e1:53:6b:fc:7c:d9:3a:e8:2c:e8:bf:cf:f5:87:df:da:b8:91:
1e:3f:cb:da:98:b1:d3:3d:41:31:59:c3:bb:b8:e3:de:d0:db:
6d:25:32:61:9b:e1:13:70:9b:ed:a7:d2:bd:e9:b8:94:e1:14:
a9:4f:84:b3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY5vJMfdwpnxPx25JfAZPLfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDJmYTJjNWJhMjg5MjA0NWU3Y2Q1MGE1YWRmZDU0ZDZk
YmI4YzIwHhcNMjQwMzI0MDYyNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNlNjc5N2E5MjEwZWZkM2NlODA3NzhlZjJjMDdkMmY5YjEyMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUg+Mz9B5q0NlOmNT+nlvUOxzojZ
xovZpjTWGTh7GwaD4qyu7RuTZg/O3jiBFtW4+NSgJ8Q0NXV8rsv1nXfM5w32NzNc
CKYh5vSrrxvCGtQm5JN2yCeTHo3w0un2iY94kBDrJkHaGrA6J7ixinTsroqqJfgT
f/x1E5qOdI2ohJuPHO1FtfpUhVj84O/zpYpxPQRJ1Kewb5RYrymJLvKu44gmdyD7
P4/uB6haN+koqoGTQr0mOl7k8vhHR6wBap5W2nbZysUdkq6Du0lRqJTfSC7gJ/Md
Z6K297xyhrPGnmG3MkDWFrODKE6hEOytXhHvQaIKW6hv8/FrdTlk9ELjXQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFE7OZ5epIQ79POgHeO8sB9L5sSEmMB8GA1UdIwQY
MBaAFH0C+ixbookgRefNUKWt/VTW27jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUt
ODEwMzlmM2NmM2ZkLzEvVHM1bmw2a2hEdjA4NkFkNDd5d0gwdm14SVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUtODEwMzlmM2NmM2Zk
LzEvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQDJeZ4AwQD
ThioAwQFkwxAAwQDsD6IAwQCuR0EAwQCuaDcMAwDBADBNWUDBADBNWYwDQQCAAIw
BwMFACoBXAAwDQYJKoZIhvcNAQELBQADggEBAAHeKLxvU0SmY4azgHTjMWqWU5CX
8xE4Nf/BkXLCeIwk/uHDkTRDgX2HI3FDEMXeXtsAM1t1fQAi174AAy0/WPPNcJ+Y
3chmlBDSONvGzOWD1JRmhgAD1lNN25ggugY2RshWAKjAKZBI4bjN9qpsvQKA/Zi1
I82XGQQH9NVXlp/U87l+pO7ppUcpbUgqjfJTyNZHWpdgcqRP0Dcxhy+ZAP9pL/SK
3Sb6W9OIyRis8JKBhOH82fMUsUAe62iCvuHzeWjhw8Gux+FTa/x82TroLOi/z/WH
39q4kR4/y9qYsdM9QTFZw7u4497Q220lMmGb4RNwm+2n0r3puJThFKlPhLM=
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:14:12 2024 by rpki-client on console-fra.rpki-client.org