Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TJm-5NvpbaZkrrTEKcT_vHmmS_8.roa
File: TJm-5NvpbaZkrrTEKcT_vHmmS_8.roa (raw, json)
Hash identifier: 4yj4+Q0RRkFdK6x5297yuG/Bwl+IUSo12j6mxZTOhOE=
Subject key identifier: 4C:99:BE:E4:DB:E9:6D:A6:64:AE:B4:C4:29:C4:FF:BC:79:A6:4B:FF
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018ECC4A0848C878A6629B4787889B104AA9
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TJm-5NvpbaZkrrTEKcT_vHmmS_8.roa
Signing time: Thu 11 Apr 2024 08:33:07 +0000
ROA not before: Thu 11 Apr 2024 08:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
88.151.8.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 21:26:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:4a:08:48:c8:78:a6:62:9b:47:87:88:9b:10:4a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 11 08:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c99bee4dbe96da664aeb4c429c4ffbc79a64bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:52:1a:7c:a7:eb:85:5b:87:1f:24:fd:3f:bc:
47:a2:9e:e0:9d:3d:23:4a:a0:ea:a9:f1:08:4f:c1:
ed:db:d2:fa:74:b4:fa:68:8d:af:31:ee:8b:5e:3d:
a7:38:de:8a:e9:b0:de:a6:ea:d3:57:a8:84:43:96:
5b:35:de:9e:ed:9b:78:86:4d:94:1b:8b:f2:d9:3b:
ae:70:0f:c7:42:25:bf:c5:f9:97:56:48:c0:1b:e6:
21:e1:01:8c:b0:9b:af:6d:b9:f2:f2:a4:79:e1:c1:
50:fb:8d:5b:0c:6c:65:81:8f:55:a0:8f:90:54:c2:
fc:bc:d3:42:a5:b5:fb:70:fa:ed:fa:91:13:d9:ce:
dd:4c:32:0b:15:b4:d0:86:19:98:90:5d:3f:a7:fe:
53:3c:74:4c:a0:c5:54:c4:45:06:e7:57:83:82:05:
a5:6a:6e:e7:53:fb:ac:1b:fe:ab:c1:77:7b:73:d3:
64:b9:fc:00:5b:02:03:c6:36:ed:2b:26:30:3c:f4:
6d:21:40:7b:fb:85:8a:d6:e7:e7:ab:70:c3:68:d8:
b9:d1:a8:a8:59:7e:73:b9:10:98:c8:91:56:b3:68:
72:e4:ed:2e:d7:df:a5:4c:0b:bc:ba:df:43:31:e3:
63:45:72:5e:77:75:e9:46:5d:c5:24:fe:28:6e:cd:
6d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:99:BE:E4:DB:E9:6D:A6:64:AE:B4:C4:29:C4:FF:BC:79:A6:4B:FF
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/TJm-5NvpbaZkrrTEKcT_vHmmS_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0/24
31.41.254.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
88.151.8.0/24
94.154.190.0/24
176.116.15.0/24
176.126.96.0/24
193.28.178.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:9a:18:18:58:5a:e4:9e:a5:d0:fd:1b:ff:03:73:42:6f:4d:
8f:b1:86:9d:82:9a:df:62:f8:3a:31:ed:35:0b:cd:72:1c:4b:
71:81:2e:0e:05:42:3c:23:57:04:82:00:15:63:a6:93:dc:2e:
91:95:6c:4b:47:15:ec:0f:6b:ea:72:b5:ca:f8:0e:7a:db:9c:
1a:af:70:ce:f7:5b:b3:23:38:ca:a4:9c:aa:3a:14:86:f1:72:
90:ef:71:c7:3c:9c:e0:2d:9d:df:0b:09:9d:f6:77:bc:1b:22:
df:94:32:03:14:f0:ec:0f:1c:33:df:46:6e:a0:29:8d:ff:27:
d1:2a:c7:09:55:02:95:fb:6c:de:cc:24:7e:7e:25:8b:02:7a:
9d:27:5e:38:6a:41:5e:7c:c1:c1:33:68:2c:20:ce:99:55:48:
ed:28:43:6b:a4:c7:5a:c4:d8:e1:4d:28:fb:22:a3:86:3e:cf:
40:89:e5:d0:3b:a5:e8:09:2d:7e:24:00:d3:7c:16:cd:06:fb:
8e:30:43:15:ff:88:ae:e2:46:1e:cd:77:d1:9f:23:9d:f1:5e:
e1:37:ef:42:30:7d:8f:67:95:b6:38:19:3b:c9:2f:be:69:80:
16:e9:61:79:f2:5a:fc:a5:87:26:5e:ab:fe:dd:a1:46:19:ff:
80:23:d5:3b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY7MSghIyHimYptHh4ibEEqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDExMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzk5YmVlNGRiZTk2ZGE2NjRhZWI0YzQyOWM0ZmZiYzc5YTY0YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlIafKfrhVuHHyT9P7xHop7gnT0j
SqDqqfEIT8Ht29L6dLT6aI2vMe6LXj2nON6K6bDepurTV6iEQ5ZbNd6e7Zt4hk2U
G4vy2TuucA/HQiW/xfmXVkjAG+Yh4QGMsJuvbbny8qR54cFQ+41bDGxlgY9VoI+Q
VML8vNNCpbX7cPrt+pET2c7dTDILFbTQhhmYkF0/p/5TPHRMoMVUxEUG51eDggWl
am7nU/usG/6rwXd7c9NkufwAWwIDxjbtKyYwPPRtIUB7+4WK1ufnq3DDaNi50aio
WX5zuRCYyJFWs2hy5O0u19+lTAu8ut9DMeNjRXJed3XpRl3FJP4obs1tGQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEyZvuTb6W2mZK60xCnE/7x5pkv/MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvVEptLTVOdnBiYVprcnJURUtjVF92SG1tU184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAHyn7AwQA
Hyn+AwQALVd+AwQALV8dMAwDBAAtgH0DBAAtgIADBABYlwgDBABemr4DBACwdA8D
BACwfmADBADBHLIDBADBu2kDBADCO7swDQYJKoZIhvcNAQELBQADggEBABqaGBhY
WuSepdD9G/8Dc0JvTY+xhp2Cmt9i+Dox7TULzXIcS3GBLg4FQjwjVwSCABVjppPc
LpGVbEtHFewPa+pytcr4DnrbnBqvcM73W7MjOMqknKo6FIbxcpDvccc8nOAtnd8L
CZ32d7wbIt+UMgMU8OwPHDPfRm6gKY3/J9EqxwlVApX7bN7MJH5+JYsCep0nXjhq
QV58wcEzaCwgzplVSO0oQ2ukx1rE2OFNKPsio4Y+z0CJ5dA7pegJLX4kANN8Fs0G
+44wQxX/iK7iRh7Nd9GfI53xXuE370IwfY9nlbY4GTvJL75pgBbpYXnyWvylhyZe
q/7doUYZ/4Aj1Ts=
-----END CERTIFICATE-----
Generated at Mon Aug 12 23:53:59 2024 by rpki-client on console-ams.rpki-client.org