Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/TMESk9tlFW6Le7PKkSW_X3JSR2A.roa
File: TMESk9tlFW6Le7PKkSW_X3JSR2A.roa (raw, json)
Hash identifier: RpvmxFx/rSDgP0PQs0m9TarIfx4+CVZE8PyidoiBQ1I=
Subject key identifier: 4C:C1:12:93:DB:65:15:6E:8B:7B:B3:CA:91:25:BF:5F:72:52:47:60
Certificate issuer: /CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Certificate serial: 018CC8714A7420153D3D59753F53D488B27F
Authority key identifier: 66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/TMESk9tlFW6Le7PKkSW_X3JSR2A.roa
Signing time: Tue 02 Jan 2024 04:31:56 +0000
ROA not before: Tue 02 Jan 2024 04:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 185.97.236.0/22 maxlen: 22
81.17.240.0/20 maxlen: 24
194.36.58.0/23 maxlen: 23
91.197.234.0/23 maxlen: 23
194.36.64.0/23 maxlen: 23
176.52.222.0/23 maxlen: 23
185.152.72.0/22 maxlen: 22
185.209.164.0/22 maxlen: 22
200.69.8.0/21 maxlen: 21
185.206.192.0/22 maxlen: 22
78.153.192.0/19 maxlen: 24
185.2.64.0/22 maxlen: 22
46.22.128.0/20 maxlen: 20
2a01:a8::/32 maxlen: 32
2a01:ac::/32 maxlen: 32
2a01:ad::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 16 Jan 2024 17:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4a:74:20:15:3d:3d:59:75:3f:53:d4:88:b2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6696aea6bab79c48f5ddee4a46bf4ab64d863160
Validity
Not Before: Jan 2 04:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc11293db65156e8b7bb3ca9125bf5f72524760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:95:60:64:fe:2d:07:04:71:91:4d:f6:e9:49:
6e:ba:af:84:7a:9e:81:a8:b2:ab:b1:66:0d:29:3d:
79:9c:de:8a:72:f0:e4:5d:25:ca:c6:3c:41:06:f3:
e7:24:e1:57:2d:1f:db:75:f5:60:5d:cd:b4:32:f0:
ec:5c:ec:98:44:20:0d:8a:c9:12:72:5b:50:c5:9f:
6b:57:5d:ac:e2:28:dc:55:4e:da:d9:06:46:bb:25:
99:af:2a:cd:24:8e:7e:d8:7c:48:24:67:1c:c3:70:
ad:e0:49:89:18:7b:98:69:7a:60:f1:a2:3e:fa:28:
02:3f:c5:b1:00:b2:13:37:db:05:aa:ae:32:9d:a1:
68:79:49:2f:08:1e:03:c4:fb:49:7b:98:c6:a2:75:
d5:f6:69:26:14:f9:ed:b1:26:36:92:56:94:b3:dc:
aa:3e:78:2a:ea:d6:43:e4:82:14:fa:62:8b:2f:f3:
8f:29:7e:b0:40:7b:a1:b3:4f:d2:91:f6:9b:7e:4a:
2b:bb:9e:52:b5:6e:a0:91:ad:17:c0:6e:37:86:e8:
db:04:cd:45:24:36:5e:08:4d:70:03:b0:14:ec:4a:
8d:90:fb:06:69:a4:19:eb:c2:b2:fe:02:d9:03:13:
bb:f9:f1:4c:7b:ae:44:db:76:4e:46:da:bb:9a:80:
c9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C1:12:93:DB:65:15:6E:8B:7B:B3:CA:91:25:BF:5F:72:52:47:60
X509v3 Authority Key Identifier:
keyid:66:96:AE:A6:BA:B7:9C:48:F5:DD:EE:4A:46:BF:4A:B6:4D:86:31:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zpauprq3nEj13e5KRr9Ktk2GMWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/TMESk9tlFW6Le7PKkSW_X3JSR2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/452c2b-f2cf-4a92-a1cd-f0198c6c2474/1/Zpauprq3nEj13e5KRr9Ktk2GMWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.128.0/20
78.153.192.0/19
81.17.240.0/20
91.197.234.0/23
176.52.222.0/23
185.2.64.0/22
185.97.236.0/22
185.152.72.0/22
185.206.192.0/22
185.209.164.0/22
194.36.58.0/23
194.36.64.0/23
200.69.8.0/21
IPv6:
2a01:a8::/32
2a01:ac::/31
Signature Algorithm: sha256WithRSAEncryption
2b:91:c9:ab:94:0b:db:ab:d2:fb:24:19:89:f4:55:1e:d7:89:
82:30:01:ce:4f:f1:da:22:5e:39:39:e9:df:dc:34:2f:b6:68:
53:63:22:df:81:29:a5:30:50:00:34:26:a4:09:8d:43:4d:a2:
ac:f9:d6:4c:45:51:2c:ce:de:d6:7f:c6:79:bc:ad:78:5c:c6:
67:87:f6:e8:9c:b6:6b:45:93:46:8e:83:32:ec:bc:c3:34:f6:
41:5e:94:71:20:d5:0a:61:f0:8e:66:a2:5f:d8:f0:00:53:e8:
2b:f3:30:c4:65:f7:d3:51:03:a4:d9:61:d5:b9:0d:75:fb:38:
a3:62:a0:f5:1b:12:90:c5:e4:fe:77:48:c6:f6:f0:11:3c:a3:
93:64:96:6b:dc:dc:d6:7d:55:13:22:48:2c:d0:aa:62:44:21:
d2:2b:b8:91:77:96:ac:6b:ee:b8:08:80:3f:10:8e:1d:72:94:
17:d9:66:83:9a:a4:57:13:ef:3f:d7:d8:e7:24:5b:4c:aa:38:
0f:85:22:44:f1:b2:af:cd:c9:3d:bb:07:19:c8:06:08:b2:80:
9c:ed:5e:e0:25:c5:17:64:12:39:2e:5f:81:5e:9a:13:33:e4:
c4:88:c6:83:8a:fa:0c:9b:84:2e:c4:23:83:c1:32:82:7e:a3:
c0:08:dd:5c
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzIcUp0IBU9PVl1P1PUiLJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTZhZWE2YmFiNzljNDhmNWRkZWU0YTQ2YmY0YWI2NGQ4
NjMxNjAwHhcNMjQwMTAyMDQzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MxMTI5M2RiNjUxNTZlOGI3YmIzY2E5MTI1YmY1ZjcyNTI0NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJVgZP4tBwRxkU326Uluuq+Eep6B
qLKrsWYNKT15nN6KcvDkXSXKxjxBBvPnJOFXLR/bdfVgXc20MvDsXOyYRCANiskS
cltQxZ9rV12s4ijcVU7a2QZGuyWZryrNJI5+2HxIJGccw3Ct4EmJGHuYaXpg8aI+
+igCP8WxALITN9sFqq4ynaFoeUkvCB4DxPtJe5jGonXV9mkmFPntsSY2klaUs9yq
Pngq6tZD5IIU+mKLL/OPKX6wQHuhs0/Skfabfkoru55StW6gka0XwG43hujbBM1F
JDZeCE1wA7AU7EqNkPsGaaQZ68Ky/gLZAxO7+fFMe65E23ZORtq7moDJQQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFEzBEpPbZRVui3uzypElv19yUkdgMB8GA1UdIwQY
MBaAFGaWrqa6t5xI9d3uSka/SrZNhjFgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2Qt
ZjAxOThjNmMyNDc0LzEvVE1FU2s5dGxGVzZMZTdQS2tTV19YM0pTUjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80NTJjMmItZjJjZi00YTkyLWExY2QtZjAxOThjNmMyNDc0
LzEvWnBhdXBycTNuRWoxM2U1S1JyOUt0azJHTVdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQELhaAAwQF
TpnAAwQEURHwAwQBW8XqAwQBsDTeAwQCuQJAAwQCuWHsAwQCuZhIAwQCuc7AAwQC
udGkAwQBwiQ6AwQBwiRAAwQDyEUIMBQEAgACMA4DBQAqAQCoAwUBKgEArDANBgkq
hkiG9w0BAQsFAAOCAQEAK5HJq5QL26vS+yQZifRVHteJgjABzk/x2iJeOTnp39w0
L7ZoU2Mi34EppTBQADQmpAmNQ02irPnWTEVRLM7e1n/GebyteFzGZ4f26Jy2a0WT
Ro6DMuy8wzT2QV6UcSDVCmHwjmaiX9jwAFPoK/MwxGX301EDpNlh1bkNdfs4o2Kg
9RsSkMXk/ndIxvbwETyjk2SWa9zc1n1VEyJILNCqYkQh0iu4kXeWrGvuuAiAPxCO
HXKUF9lmg5qkVxPvP9fY5yRbTKo4D4UiRPGyr83JPbsHGcgGCLKAnO1e4CXFF2QS
OS5fgV6aEzPkxIjGg4r6DJuELsQjg8Eygn6jwAjdXA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:36 2024 by rpki-client on console-ams.rpki-client.org