Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Tkz6evdG6EYGXg04cZVrCHWHdv4.roa
File: Tkz6evdG6EYGXg04cZVrCHWHdv4.roa (raw, json)
Hash identifier: daUYsYrs7q060uTjchpksy12ZsbSIJ3hC+6hljcjdQ4=
Subject key identifier: 4E:4C:FA:7A:F7:46:E8:46:06:5E:0D:38:71:95:6B:08:75:87:76:FE
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018BDEBB093DA89D386F9A20DC23B6364349
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Tkz6evdG6EYGXg04cZVrCHWHdv4.roa
Signing time: Fri 17 Nov 2023 19:21:21 +0000
ROA not before: Fri 17 Nov 2023 19:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198484
IP address blocks: 141.226.132.0/24 maxlen: 24
37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
2a03:c5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:de:bb:09:3d:a8:9d:38:6f:9a:20:dc:23:b6:36:43:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Nov 17 19:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e4cfa7af746e846065e0d3871956b08758776fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:2a:24:1f:1e:1e:da:16:60:4a:01:ca:06:68:
d7:ba:32:bd:25:3f:6e:b5:32:14:cd:b9:f1:9f:93:
f0:4f:f8:af:8c:6a:5a:b3:13:3e:69:41:ff:87:cb:
68:7b:a6:fb:6f:8d:cd:3c:af:88:b0:ef:2d:bb:91:
73:9c:17:5b:b7:80:6d:81:48:6e:b9:1b:ea:74:49:
61:e9:40:b3:8b:86:49:80:0f:28:76:4f:66:2e:47:
b5:33:8f:57:d6:94:1d:5d:38:ee:41:45:0a:5c:3f:
58:ba:c7:d8:05:e1:31:01:d2:e6:f5:cb:32:83:e7:
f5:9b:3e:40:bd:39:ba:1a:66:e9:79:70:45:6c:16:
30:65:50:c4:ec:03:97:72:84:9e:dc:ac:a5:b9:07:
61:d3:de:f6:7c:31:1a:13:6a:43:3b:74:03:d3:d0:
63:28:37:83:29:b1:1e:f3:70:4c:ed:f5:c8:57:02:
66:8d:6a:c1:ba:a7:30:e1:e9:2f:00:3e:06:28:7d:
d5:a2:d3:c9:f5:da:bd:62:13:3e:33:08:d0:5e:e2:
04:92:48:d7:b0:18:1d:0d:d3:cb:e3:a8:a0:d0:66:
f5:2d:1b:f8:3b:1c:b9:b4:13:78:32:b7:09:09:4d:
d3:50:5b:31:31:27:dd:5c:42:8b:3f:49:f2:d3:bd:
59:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4C:FA:7A:F7:46:E8:46:06:5E:0D:38:71:95:6B:08:75:87:76:FE
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/Tkz6evdG6EYGXg04cZVrCHWHdv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
141.226.132.0/24
IPv6:
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
37:c0:0a:ce:6d:66:93:3e:8c:6d:6d:b9:6a:27:4c:5e:bd:82:
83:02:c7:09:19:54:b5:01:f6:1c:4c:d4:68:37:cd:c5:58:2a:
44:18:d6:4a:bb:ca:61:3c:e6:ed:a6:4f:80:c2:ff:62:d8:35:
e0:1f:be:e8:9e:2e:5b:3b:98:33:d1:10:cf:72:cf:64:f8:17:
58:64:30:16:40:41:e4:b6:80:1c:90:fb:bd:98:51:de:bb:00:
0f:54:f6:bb:47:c5:c7:ff:74:5b:9d:34:1d:d8:e1:60:cf:da:
f2:03:de:2e:fb:e6:e2:a9:cd:e6:d3:18:20:a5:ae:ef:5b:7b:
72:bb:f4:cf:f7:7d:22:65:b1:80:55:a5:02:84:47:c1:78:38:
28:2b:3a:dd:7c:72:90:47:97:1a:2c:73:2a:4f:cb:26:e6:56:
e0:be:79:cc:f3:d5:04:34:78:4d:64:0f:fd:a4:4e:c5:c5:da:
c4:ab:91:ce:d3:79:2e:51:af:a5:6d:1b:9f:1a:73:15:7b:1e:
09:54:38:75:f0:d6:d2:66:b7:97:c7:50:07:5d:29:66:e4:e5:
ff:8f:97:4b:a9:ca:db:d1:3e:cc:d7:43:02:3d:77:7f:79:84:
70:c4:b1:7a:a4:aa:5e:ee:cc:13:6c:b7:da:83:ad:f5:3b:9c:
69:b5:f5:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYveuwk9qJ04b5og3CO2NkNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjMxMTE3MTkyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRjZmE3YWY3NDZlODQ2MDY1ZTBkMzg3MTk1NmIwODc1ODc3NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCokHx4e2hZgSgHKBmjXujK9JT9u
tTIUzbnxn5PwT/ivjGpasxM+aUH/h8toe6b7b43NPK+IsO8tu5FznBdbt4BtgUhu
uRvqdElh6UCzi4ZJgA8odk9mLke1M49X1pQdXTjuQUUKXD9YusfYBeExAdLm9csy
g+f1mz5AvTm6GmbpeXBFbBYwZVDE7AOXcoSe3KyluQdh0972fDEaE2pDO3QD09Bj
KDeDKbEe83BM7fXIVwJmjWrBuqcw4ekvAD4GKH3VotPJ9dq9YhM+MwjQXuIEkkjX
sBgdDdPL46ig0Gb1LRv4Oxy5tBN4MrcJCU3TUFsxMSfdXEKLP0ny071ZFwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE5M+nr3RuhGBl4NOHGVawh1h3b+MB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvVGt6NmV2ZEc2RVlHWGcwNGNaVnJDSFdIZHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJRqQAwQA
jeKEMA0EAgACMAcDBQAqA8XAMA0GCSqGSIb3DQEBCwUAA4IBAQA3wArObWaTPoxt
bblqJ0xevYKDAscJGVS1AfYcTNRoN83FWCpEGNZKu8phPObtpk+Awv9i2DXgH77o
ni5bO5gz0RDPcs9k+BdYZDAWQEHktoAckPu9mFHeuwAPVPa7R8XH/3RbnTQd2OFg
z9ryA94u++biqc3m0xggpa7vW3tyu/TP930iZbGAVaUChEfBeDgoKzrdfHKQR5ca
LHMqT8sm5lbgvnnM89UENHhNZA/9pE7FxdrEq5HO03kuUa+lbRufGnMVex4JVDh1
8NbSZreXx1AHXSlm5OX/j5dLqcrb0T7M10MCPXd/eYRwxLF6pKpe7swTbLfag631
O5xptfX2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org