Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TZHLR4pvFd_NDTfVoBKiA9veseY.roa
File: TZHLR4pvFd_NDTfVoBKiA9veseY.roa (raw, json)
Hash identifier: T7VKNqj9ld8vUNIF+DgTUBrXzaCzTsBTaIKwd4mH55w=
Subject key identifier: 4D:91:CB:47:8A:6F:15:DF:CD:0D:37:D5:A0:12:A2:03:DB:DE:B1:E6
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01856F94C2A840D4AEF9F999BEA26AB59393
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TZHLR4pvFd_NDTfVoBKiA9veseY.roa
Signing time: Sun 01 Jan 2023 23:04:58 +0000
ROA not before: Sun 01 Jan 2023 23:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39650
IP address blocks: 176.221.70.0/24 maxlen: 24
176.221.68.0/24 maxlen: 24
46.32.21.0/24 maxlen: 24
46.32.23.0/24 maxlen: 24
46.32.26.0/24 maxlen: 24
46.32.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Feb 2023 08:05:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:94:c2:a8:40:d4:ae:f9:f9:99:be:a2:6a:b5:93:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 1 23:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d91cb478a6f15dfcd0d37d5a012a203dbdeb1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:75:1e:00:8d:28:38:20:2b:94:60:bf:ee:16:
2a:16:be:a4:9f:4b:f2:4d:73:a9:97:65:fa:91:f7:
08:b4:ec:fd:93:1c:ce:7f:96:b0:f2:8f:7e:51:b3:
7c:28:16:14:d6:76:02:e8:c9:02:b8:4c:ec:4a:a3:
6f:b3:4c:67:92:3c:a9:01:f0:2d:7f:ef:ca:40:79:
a9:97:11:37:92:a0:a9:12:7e:82:63:44:ad:5f:90:
d2:0b:70:da:5c:6b:3f:cf:15:34:aa:4d:05:8b:1b:
6b:84:32:90:c4:28:8c:0c:b6:c5:b3:db:62:02:8e:
34:63:9d:c9:1c:30:65:31:e0:e9:a0:66:8b:b3:5a:
7a:5b:fa:f0:fe:58:7a:5f:67:e8:a0:67:6f:c7:b4:
f5:d6:81:35:b9:0c:ff:ce:a4:19:54:4c:bf:9c:6e:
fb:0e:92:c1:f6:e7:c7:55:50:7c:9a:3e:ad:b3:9c:
fb:25:0d:d3:83:7a:7e:d3:c7:98:2e:a9:a5:9e:31:
91:57:53:92:8a:d3:a0:fa:ec:6a:70:d7:04:b6:c3:
ea:3e:9e:df:79:e2:ef:fc:54:f1:0e:bb:9c:ce:53:
22:92:6b:aa:b0:cf:7a:0c:7b:f8:1f:41:03:6a:7e:
af:c5:c9:dc:42:1b:96:06:4a:dc:9b:1c:51:96:01:
5a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:91:CB:47:8A:6F:15:DF:CD:0D:37:D5:A0:12:A2:03:DB:DE:B1:E6
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/TZHLR4pvFd_NDTfVoBKiA9veseY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.21.0/24
46.32.23.0/24
46.32.26.0/23
176.221.68.0/24
176.221.70.0/24
Signature Algorithm: sha256WithRSAEncryption
80:cb:e8:50:f0:5e:1a:30:ab:e6:d2:3f:3b:6a:cd:b4:eb:18:
c5:03:16:0e:9d:bc:a8:0b:49:3e:2e:4f:48:f5:f1:fa:3b:e7:
51:7c:99:e1:d4:f0:61:2e:f2:c5:5f:5a:c1:ca:be:6b:a0:f8:
25:8d:d3:da:24:d7:9a:be:d7:ef:d5:49:b9:b6:86:00:93:52:
3c:f5:c7:4b:83:9c:58:3e:a1:f6:c6:f8:cc:6e:96:3d:79:79:
c0:e0:fb:49:5b:7b:80:bb:88:b6:3c:c8:c2:7c:51:39:c6:5c:
03:c8:65:a3:f3:97:6d:0c:1d:aa:d2:b7:72:20:e7:a7:70:c9:
78:0e:92:80:38:3d:80:e8:fa:d5:0b:33:2a:b3:da:9f:89:da:
7d:d1:86:40:67:cb:18:c3:12:1a:0a:1f:5d:09:3e:ee:d8:33:
d5:68:da:85:5b:9e:03:40:5e:42:1d:f2:11:4b:3d:5b:af:17:
04:07:4e:58:6d:6c:18:08:9b:2b:51:6e:47:60:3b:c0:6c:74:
2b:4c:1b:db:2c:37:7a:a5:ab:07:df:4f:d9:c4:e6:ea:ab:16:
f3:53:7c:a2:c8:e3:38:79:75:35:42:e5:f3:ca:3a:a4:de:a0:
02:46:31:e3:df:3b:b8:62:95:d8:09:3d:94:5c:a0:28:86:7f:
07:5c:12:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVvlMKoQNSu+fmZvqJqtZOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDkxY2I0NzhhNmYxNWRmY2QwZDM3ZDVhMDEyYTIwM2RiZGViMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnUeAI0oOCArlGC/7hYqFr6kn0vy
TXOpl2X6kfcItOz9kxzOf5aw8o9+UbN8KBYU1nYC6MkCuEzsSqNvs0xnkjypAfAt
f+/KQHmplxE3kqCpEn6CY0StX5DSC3DaXGs/zxU0qk0FixtrhDKQxCiMDLbFs9ti
Ao40Y53JHDBlMeDpoGaLs1p6W/rw/lh6X2fooGdvx7T11oE1uQz/zqQZVEy/nG77
DpLB9ufHVVB8mj6ts5z7JQ3Tg3p+08eYLqmlnjGRV1OSitOg+uxqcNcEtsPqPp7f
eeLv/FTxDruczlMikmuqsM96DHv4H0EDan6vxcncQhuWBkrcmxxRlgFaCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE2Ry0eKbxXfzQ031aASogPb3rHmMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvVFpITFI0cHZGZF9ORFRmVm9CS2lBOXZlc2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiAVAwQA
LiAXAwQBLiAaAwQAsN1EAwQAsN1GMA0GCSqGSIb3DQEBCwUAA4IBAQCAy+hQ8F4a
MKvm0j87as206xjFAxYOnbyoC0k+Lk9I9fH6O+dRfJnh1PBhLvLFX1rByr5roPgl
jdPaJNeavtfv1Um5toYAk1I89cdLg5xYPqH2xvjMbpY9eXnA4PtJW3uAu4i2PMjC
fFE5xlwDyGWj85dtDB2q0rdyIOencMl4DpKAOD2A6PrVCzMqs9qfidp90YZAZ8sY
wxIaCh9dCT7u2DPVaNqFW54DQF5CHfIRSz1brxcEB05YbWwYCJsrUW5HYDvAbHQr
TBvbLDd6pasH30/ZxObqqxbzU3yiyOM4eXU1QuXzyjqk3qACRjHj3zu4YpXYCT2U
XKAohn8HXBJH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:02 2024 by rpki-client on console-fra.rpki-client.org