Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TBZ-wWxRxUoHLQyEuhDIzZoHB1U.roa
File: TBZ-wWxRxUoHLQyEuhDIzZoHB1U.roa (raw, json)
Hash identifier: o7h1zCDVjijkY+t99M6q+onwVPdUc3yxlTl4zvkYQgY=
Subject key identifier: 4C:16:7E:C1:6C:51:C5:4A:07:2D:0C:84:BA:10:C8:CD:9A:07:07:55
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018C7C3E4E2DEE21E21026C6D4DA78AD0109
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TBZ-wWxRxUoHLQyEuhDIzZoHB1U.roa
Signing time: Mon 18 Dec 2023 09:25:07 +0000
ROA not before: Mon 18 Dec 2023 09:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61390
IP address blocks: 93.171.40.0/22 maxlen: 24
92.38.33.0/24 maxlen: 24
93.170.108.0/22 maxlen: 24
146.158.60.0/22 maxlen: 24
93.171.182.0/23 maxlen: 24
93.170.232.0/22 maxlen: 24
146.120.120.0/22 maxlen: 24
146.120.236.0/22 maxlen: 24
95.46.116.0/22 maxlen: 24
146.120.252.0/22 maxlen: 24
93.170.180.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:3e:4e:2d:ee:21:e2:10:26:c6:d4:da:78:ad:01:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Dec 18 09:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c167ec16c51c54a072d0c84ba10c8cd9a070755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:97:55:4e:02:42:2b:1e:bb:05:09:aa:da:39:
38:43:a0:90:68:11:a2:c3:81:31:d2:71:df:e0:35:
cb:65:88:b3:65:6f:fe:4f:6a:d1:b6:e4:e1:8e:a9:
dd:5e:cb:41:51:27:61:8c:88:fe:67:88:23:31:01:
85:5a:8d:3b:ef:0d:76:0c:a1:b8:b1:87:cc:d8:61:
53:ca:3b:03:f7:3f:07:ca:36:b7:d5:df:d5:00:c5:
7a:12:ee:5d:c1:32:cb:0e:fb:97:67:1b:4c:50:ce:
67:43:6f:34:be:6f:4e:09:fa:bf:0f:dc:92:91:f7:
5a:6c:a5:80:3e:8e:5d:49:b3:aa:90:a7:0f:b8:14:
b6:af:61:cf:5b:43:58:7a:82:d2:48:92:48:86:0d:
49:c1:c2:a4:ba:c3:4c:0b:ed:dd:bd:bd:18:3e:7b:
b5:28:cc:7c:c4:53:08:47:52:ae:ca:76:5b:82:f5:
32:5e:7f:e6:2c:45:73:62:8d:4e:bf:e7:de:6b:2c:
ac:01:b3:dc:85:cc:7e:59:d7:13:4d:0f:99:d9:fc:
b8:86:dd:c9:2c:0d:f3:b4:a1:68:8b:5d:ef:64:6f:
d7:48:fc:c9:4f:be:be:d7:21:19:34:5c:a7:56:d8:
99:31:04:c4:a0:6d:5c:d1:a1:ec:10:ea:e5:f0:c3:
f1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:16:7E:C1:6C:51:C5:4A:07:2D:0C:84:BA:10:C8:CD:9A:07:07:55
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TBZ-wWxRxUoHLQyEuhDIzZoHB1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.33.0/24
93.170.108.0/22
93.170.180.0/22
93.170.232.0/22
93.171.40.0/22
93.171.182.0/23
95.46.116.0/22
146.120.120.0/22
146.120.236.0/22
146.120.252.0/22
146.158.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:02:dd:9f:a4:48:13:35:b6:fa:61:8c:93:04:a9:2d:93:a8:
1c:d5:76:d1:3e:48:65:c3:6a:ff:d6:a5:73:bd:32:d1:71:bd:
1a:4a:91:7c:29:3a:ed:78:0e:a8:09:c5:a5:25:b6:0b:49:41:
2d:1d:0d:da:bd:01:1d:35:42:a3:0a:bf:f2:7b:f6:ed:68:f0:
c8:97:e2:c3:f9:f2:45:c0:69:e5:d1:d9:3a:89:36:5c:4f:a4:
99:9a:7a:a7:1d:2a:b5:ae:38:4b:bd:30:52:49:ea:01:87:bc:
45:db:0e:43:de:df:7a:47:b6:26:21:81:61:b0:69:54:91:ec:
04:d2:2f:a8:8b:a7:5c:e0:0f:6d:cb:59:7e:e5:95:98:3f:8c:
8e:bf:01:b8:48:d5:05:ed:87:b7:99:c0:81:fb:9a:58:44:c8:
f3:70:12:26:b5:d0:79:0a:01:39:61:b5:d0:2e:b3:67:5c:79:
17:e0:7b:a3:60:d5:1f:ef:20:05:08:8a:2a:01:6a:e5:e4:45:
e3:18:5a:43:d5:d2:88:f1:26:ef:4c:96:bb:ed:2b:8c:c7:e5:
7b:1c:1f:93:e3:22:5f:44:8f:86:a1:4e:db:f0:a4:56:b5:e0:
09:0f:19:92:10:85:5f:11:58:96:46:36:48:c2:a6:4c:1b:da:
08:20:9b:e9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYx8Pk4t7iHiECbG1Np4rQEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMxMjE4MDkyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE2N2VjMTZjNTFjNTRhMDcyZDBjODRiYTEwYzhjZDlhMDcwNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpdVTgJCKx67BQmq2jk4Q6CQaBGi
w4Ex0nHf4DXLZYizZW/+T2rRtuThjqndXstBUSdhjIj+Z4gjMQGFWo077w12DKG4
sYfM2GFTyjsD9z8Hyja31d/VAMV6Eu5dwTLLDvuXZxtMUM5nQ280vm9OCfq/D9yS
kfdabKWAPo5dSbOqkKcPuBS2r2HPW0NYeoLSSJJIhg1JwcKkusNMC+3dvb0YPnu1
KMx8xFMIR1KuynZbgvUyXn/mLEVzYo1Ov+feayysAbPchcx+WdcTTQ+Z2fy4ht3J
LA3ztKFoi13vZG/XSPzJT76+1yEZNFynVtiZMQTEoG1c0aHsEOrl8MPxQwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEwWfsFsUcVKBy0MhLoQyM2aBwdVMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVEJaLXdXeFJ4VW9ITFF5RXVoREl6Wm9IQjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXCYhAwQC
XapsAwQCXaq0AwQCXaroAwQCXasoAwQBXau2AwQCXy50AwQCknh4AwQCknjsAwQC
knj8AwQCkp48MA0GCSqGSIb3DQEBCwUAA4IBAQB+At2fpEgTNbb6YYyTBKktk6gc
1XbRPkhlw2r/1qVzvTLRcb0aSpF8KTrteA6oCcWlJbYLSUEtHQ3avQEdNUKjCr/y
e/btaPDIl+LD+fJFwGnl0dk6iTZcT6SZmnqnHSq1rjhLvTBSSeoBh7xF2w5D3t96
R7YmIYFhsGlUkewE0i+oi6dc4A9ty1l+5ZWYP4yOvwG4SNUF7Ye3mcCB+5pYRMjz
cBImtdB5CgE5YbXQLrNnXHkX4HujYNUf7yAFCIoqAWrl5EXjGFpD1dKI8SbvTJa7
7SuMx+V7HB+T4yJfRI+GoU7b8KRWteAJDxmSEIVfEViWRjZIwqZMG9oIIJvp
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:31 2024 by rpki-client on console-fra.rpki-client.org