Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TWTsaCCwsnf4M0bW1Q_1GzvGebc.roa
File: TWTsaCCwsnf4M0bW1Q_1GzvGebc.roa (raw, json)
Hash identifier: ZDvM2HIiUOrheBadd5CVK+5v3QGGG8OiOBesq+Q8rJs=
Subject key identifier: 4D:64:EC:68:20:B0:B2:77:F8:33:46:D6:D5:0F:F5:1B:3B:C6:79:B7
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018A00A0FC069A110CCF787589B3E7B5384F
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TWTsaCCwsnf4M0bW1Q_1GzvGebc.roa
Signing time: Wed 16 Aug 2023 23:14:24 +0000
ROA not before: Wed 16 Aug 2023 23:14:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 24
195.114.0.0/23 maxlen: 24
185.25.148.0/22 maxlen: 24
185.5.96.0/22 maxlen: 24
91.199.22.0/24 maxlen: 24
193.17.184.0/24 maxlen: 24
178.250.40.0/21 maxlen: 24
91.239.66.0/23 maxlen: 24
185.201.112.0/22 maxlen: 24
185.208.164.0/24 maxlen: 24
194.169.227.0/24 maxlen: 24
185.123.160.0/22 maxlen: 24
185.243.52.0/22 maxlen: 24
195.242.116.0/23 maxlen: 24
195.78.66.0/23 maxlen: 24
193.218.152.0/22 maxlen: 24
91.234.146.0/24 maxlen: 24
195.2.254.0/23 maxlen: 24
91.228.196.0/22 maxlen: 24
185.180.204.0/22 maxlen: 24
91.237.52.0/24 maxlen: 24
185.193.112.0/22 maxlen: 24
2a02:1778::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:a0:fc:06:9a:11:0c:cf:78:75:89:b3:e7:b5:38:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Aug 16 23:14:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d64ec6820b0b277f83346d6d50ff51b3bc679b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:29:1e:f7:94:2d:5a:04:92:a4:f6:60:74:50:
06:10:e5:41:16:45:c2:04:41:9b:ec:db:b4:8f:da:
78:2b:36:00:7c:d7:26:c4:e2:a6:67:20:9f:2d:09:
cf:70:40:9d:a8:2f:92:9a:3d:3b:f6:c8:b5:67:8a:
e6:97:ed:87:85:f1:82:f2:e7:8c:e4:53:1e:24:31:
07:25:c9:8c:9e:c3:f7:56:f1:b3:f6:e4:03:55:5f:
46:3e:a8:29:74:63:00:9c:bb:2a:9c:61:89:f8:67:
8f:81:f1:60:04:15:bf:9f:1b:1c:10:9e:fe:52:19:
f2:20:2f:50:5b:86:3f:1a:df:df:8c:f2:cd:af:6a:
2e:02:c5:94:ee:e9:69:5a:bf:db:c4:a2:a7:3a:54:
ca:da:a3:af:a9:73:28:7b:6b:bd:1f:81:4c:98:b6:
00:10:4b:69:93:65:de:bd:88:91:b0:12:2d:3c:e1:
a4:76:41:7e:f4:07:f6:c6:e3:58:96:e5:a5:bc:ef:
9e:45:ac:bb:b1:8a:fb:be:a5:57:57:74:14:8c:2b:
bc:50:ab:0a:14:53:0b:4c:43:17:25:db:ef:1e:fe:
61:1f:0c:f0:80:91:5c:2e:71:24:42:4b:07:25:ea:
51:50:95:f5:0c:c6:d7:2c:6c:a9:69:3d:24:8d:97:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:64:EC:68:20:B0:B2:77:F8:33:46:D6:D5:0F:F5:1B:3B:C6:79:B7
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/TWTsaCCwsnf4M0bW1Q_1GzvGebc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
91.228.196.0/22
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
178.250.40.0/21
185.5.96.0/22
185.25.148.0/22
185.123.160.0/22
185.180.204.0/22
185.193.112.0/22
185.201.112.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.17.184.0/24
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
bd:15:86:7e:7a:29:de:82:a1:e5:ee:d1:fb:5d:7a:50:f6:7a:
7a:07:9e:c9:ee:9e:28:81:19:25:f7:b7:e2:16:a8:10:8c:5b:
f4:4b:60:16:71:0b:e6:6a:fd:cf:7d:ab:1d:7a:7b:ea:3c:06:
3e:4b:2d:d2:67:ae:94:8f:05:19:ed:76:eb:d2:77:4c:03:9b:
ec:41:d6:22:c9:fe:44:8f:51:d9:0a:db:d5:ba:27:a2:76:bf:
d9:ac:77:31:25:ab:ec:a5:67:fb:3d:00:63:b2:b9:bc:a2:2f:
5c:b3:d7:7b:fa:e7:ae:60:6d:a4:cd:04:f5:3e:92:f9:26:50:
40:e7:82:e8:d2:d5:a0:6d:71:4c:2f:64:02:ef:ce:ae:31:28:
7c:5d:c4:83:1f:01:b4:fd:da:42:9c:08:45:a0:38:7d:b6:d6:
0b:2e:3a:26:b9:99:ed:5f:57:0e:86:69:2a:19:66:a1:c2:7f:
bf:1b:54:b1:c3:84:91:38:74:c9:f6:ee:29:5e:61:33:51:32:
2a:22:26:aa:36:5b:b3:f6:fa:e4:a8:73:9b:d2:34:ee:0e:22:
8c:79:b3:1d:cf:85:e2:e0:46:f0:d3:89:c1:6a:04:fe:ff:8f:
4b:0a:d6:35:9b:3e:ec:98:9c:7e:f2:8a:17:16:bd:c3:65:35:
b6:aa:bd:2b
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYoAoPwGmhEMz3h1ibPntThPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwODE2MjMxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY0ZWM2ODIwYjBiMjc3ZjgzMzQ2ZDZkNTBmZjUxYjNiYzY3OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSke95QtWgSSpPZgdFAGEOVBFkXC
BEGb7Nu0j9p4KzYAfNcmxOKmZyCfLQnPcECdqC+Smj079si1Z4rml+2HhfGC8ueM
5FMeJDEHJcmMnsP3VvGz9uQDVV9GPqgpdGMAnLsqnGGJ+GePgfFgBBW/nxscEJ7+
UhnyIC9QW4Y/Gt/fjPLNr2ouAsWU7ulpWr/bxKKnOlTK2qOvqXMoe2u9H4FMmLYA
EEtpk2XevYiRsBItPOGkdkF+9Af2xuNYluWlvO+eRay7sYr7vqVXV3QUjCu8UKsK
FFMLTEMXJdvvHv5hHwzwgJFcLnEkQksHJepRUJX1DMbXLGypaT0kjZcnKwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFE1k7GggsLJ3+DNG1tUP9Rs7xnm3MB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvVFdUc2FDQ3dzbmY0TTBiVzFRXzFHenZHZWJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBABb
xxYDBAJb5MQDBABb6pIDBABb7TQDBAFb70IDBAOy+igDBAK5BWADBAK5GZQDBAK5
e6ADBAK5tMwDBAK5wXADBAK5yXADBAK5zNgDBAC50KQDBAK58zQDBADBEbgDBALB
2pgDBADCqeMDBAHDAv4DBAHDTkIDBAHDcgADBAHD8nQwDQQCAAIwBwMFACoCF3gw
DQYJKoZIhvcNAQELBQADggEBAL0Vhn56Kd6CoeXu0ftdelD2enoHnsnuniiBGSX3
t+IWqBCMW/RLYBZxC+Zq/c99qx16e+o8Bj5LLdJnrpSPBRntduvSd0wDm+xB1iLJ
/kSPUdkK29W6J6J2v9msdzElq+ylZ/s9AGOyubyiL1yz13v6565gbaTNBPU+kvkm
UEDngujS1aBtcUwvZALvzq4xKHxdxIMfAbT92kKcCEWgOH221gsuOia5me1fVw6G
aSoZZqHCf78bVLHDhJE4dMn27ileYTNRMioiJqo2W7P2+uSoc5vSNO4OIox5sx3P
heLgRvDTicFqBP7/j0sK1jWbPuyYnH7yihcWvcNlNbaqvSs=
-----END CERTIFICATE-----
Generated at Tue Sep 19 22:31:00 2023 by rpki-client on console-ams.rpki-client.org