Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa
File: twUGz7gR7qbeyK00Bcv5wLiUffE.roa (raw, json)
Hash identifier: 1JdKLCSVinY5IaRhOwWeHw5eZ0i1tmJcT8TZbGAA0gA=
Subject key identifier: B7:05:06:CF:B8:11:EE:A6:DE:C8:AD:34:05:CB:F9:C0:B8:94:7D:F1
Certificate issuer: /CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Certificate serial: 018CC7932E5CB338A75D60D75DCF8402FB3A
Authority key identifier: 7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa
Signing time: Tue 02 Jan 2024 00:29:20 +0000
ROA not before: Tue 02 Jan 2024 00:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49099
IP address blocks: 109.94.166.0/24 maxlen: 24
109.94.167.0/24 maxlen: 24
109.94.166.0/23 maxlen: 23
193.34.246.0/24 maxlen: 24
193.34.244.0/24 maxlen: 24
193.34.244.0/23 maxlen: 23
193.34.245.0/24 maxlen: 24
193.34.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 May 2024 13:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:2e:5c:b3:38:a7:5d:60:d7:5d:cf:84:02:fb:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b75d372039b1ab2d416ad83bf6914058411c2a2
Validity
Not Before: Jan 2 00:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b70506cfb811eea6dec8ad3405cbf9c0b8947df1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:f8:a0:99:6e:45:2b:ec:7e:ff:fa:b4:06:
43:a1:23:6d:10:2d:e3:5b:65:b9:82:bb:d1:d5:24:
79:8e:39:f9:0f:4a:50:a9:7d:e5:34:5e:d8:a2:2b:
c2:4d:61:5d:1b:4b:5e:a2:ed:fa:a3:1e:6f:2c:ab:
9b:0f:77:a0:34:5b:d3:8a:a6:19:8f:2d:38:b5:e8:
aa:b0:1d:65:89:1b:5b:12:d8:fd:61:98:c1:fc:af:
e4:9d:ba:30:3c:e4:a3:0d:07:45:10:d0:2c:0a:bd:
61:64:67:eb:f4:5b:55:8e:77:34:ba:f5:99:a9:85:
63:a7:5a:d3:42:67:5a:de:1d:f3:bc:14:81:86:a9:
2b:0c:dc:e8:b2:c4:27:18:da:5a:e2:b1:ea:fa:ca:
7b:62:6c:40:03:6c:22:83:09:d2:8b:38:e5:7b:40:
14:71:b6:56:a2:31:54:91:76:40:b2:09:e0:82:99:
f8:95:de:18:08:51:13:43:1c:36:c4:f8:e5:b8:1c:
97:2f:8f:c9:2d:67:fd:77:3d:a6:b5:d8:92:a8:53:
d8:cb:7d:d3:e1:98:c4:fc:71:8d:72:5a:5f:b7:ac:
94:43:cc:96:7e:a9:05:05:23:f3:22:6d:68:08:99:
ba:61:ae:78:00:9d:e3:bb:e9:84:45:4f:43:06:4a:
9a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:05:06:CF:B8:11:EE:A6:DE:C8:AD:34:05:CB:F9:C0:B8:94:7D:F1
X509v3 Authority Key Identifier:
keyid:7B:75:D3:72:03:9B:1A:B2:D4:16:AD:83:BF:69:14:05:84:11:C2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3XTcgObGrLUFq2Dv2kUBYQRwqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/twUGz7gR7qbeyK00Bcv5wLiUffE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/956e7d-6b93-42fb-993f-6b0038875a14/1/e3XTcgObGrLUFq2Dv2kUBYQRwqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.94.166.0/23
193.34.244.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:83:c7:41:70:63:2c:57:58:ca:3f:9b:c4:73:b8:4c:ec:b8:
0c:9d:81:fa:d1:f1:3d:18:b2:5e:ad:89:93:c6:61:8b:c7:e4:
b0:4a:d8:7d:df:96:81:5a:39:4e:a5:13:d6:0e:86:24:29:a3:
a2:8e:81:4c:e8:80:15:b9:7e:e8:4e:16:eb:c7:94:60:ef:cc:
3e:76:d0:9e:44:66:95:e4:43:ea:cc:e4:96:2b:08:27:c9:66:
5c:72:88:63:34:cb:fa:c8:90:9f:02:d4:8f:ba:b9:08:db:33:
df:3d:e2:88:61:3c:55:c4:93:65:e7:30:d8:b0:f2:bd:e0:65:
2b:d8:46:dd:2a:60:80:ed:25:8e:2f:7a:b4:0f:e9:fd:11:86:
da:85:e6:51:61:64:9e:ef:96:cf:31:04:0c:1e:99:cf:bc:b7:
05:1c:1a:c3:91:00:4e:85:d2:eb:78:35:a6:65:62:19:59:59:
69:d0:dc:85:f6:a7:9c:9b:50:d0:b4:7d:ea:9a:c4:e1:df:cf:
bd:a1:80:70:ce:4a:1f:7b:53:ca:50:af:e4:81:3e:b4:07:d2:
29:81:43:f1:82:da:a1:4c:0a:22:73:72:3a:02:fc:49:5d:2e:
90:63:5b:04:de:69:7a:ec:68:58:d9:ed:31:c4:5a:42:98:61:
b5:a7:9b:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHky5cszinXWDXXc+EAvs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzVkMzcyMDM5YjFhYjJkNDE2YWQ4M2JmNjkxNDA1ODQx
MWMyYTIwHhcNMjQwMTAyMDAyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA1MDZjZmI4MTFlZWE2ZGVjOGFkMzQwNWNiZjljMGI4OTQ3ZGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3b4oJluRSvsfv/6tAZDoSNtEC3j
W2W5grvR1SR5jjn5D0pQqX3lNF7YoivCTWFdG0teou36ox5vLKubD3egNFvTiqYZ
jy04teiqsB1liRtbEtj9YZjB/K/knbowPOSjDQdFENAsCr1hZGfr9FtVjnc0uvWZ
qYVjp1rTQmda3h3zvBSBhqkrDNzossQnGNpa4rHq+sp7YmxAA2wigwnSizjle0AU
cbZWojFUkXZAsgnggpn4ld4YCFETQxw2xPjluByXL4/JLWf9dz2mtdiSqFPYy33T
4ZjE/HGNclpft6yUQ8yWfqkFBSPzIm1oCJm6Ya54AJ3ju+mERU9DBkqarwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcFBs+4Ee6m3sitNAXL+cC4lH3xMB8GA1UdIwQY
MBaAFHt103IDmxqy1Batg79pFAWEEcKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2Yt
NmIwMDM4ODc1YTE0LzEvdHdVR3o3Z1I3cWJleUswMEJjdjV3TGlVZmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85NTZlN2QtNmI5My00MmZiLTk5M2YtNmIwMDM4ODc1YTE0
LzEvZTNYVGNnT2JHckxVRnEyRHYya1VCWVFSd3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbV6mAwQC
wSL0MA0GCSqGSIb3DQEBCwUAA4IBAQBag8dBcGMsV1jKP5vEc7hM7LgMnYH60fE9
GLJerYmTxmGLx+SwSth935aBWjlOpRPWDoYkKaOijoFM6IAVuX7oThbrx5Rg78w+
dtCeRGaV5EPqzOSWKwgnyWZccohjNMv6yJCfAtSPurkI2zPfPeKIYTxVxJNl5zDY
sPK94GUr2EbdKmCA7SWOL3q0D+n9EYbaheZRYWSe75bPMQQMHpnPvLcFHBrDkQBO
hdLreDWmZWIZWVlp0NyF9qecm1DQtH3qmsTh38+9oYBwzkofe1PKUK/kgT60B9Ip
gUPxgtqhTAoic3I6AvxJXS6QY1sE3ml67GhY2e0xxFpCmGG1p5sQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:13 2024 by rpki-client on console-fra.rpki-client.org