Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/TGKKHCZ1_iHu8Gkf3ZFj3UvU6PI.roa
File: TGKKHCZ1_iHu8Gkf3ZFj3UvU6PI.roa (raw, json)
Hash identifier: VykOUSCH8PtI4TrmYQIM949hNWA8cldsSodFAoNZoyw=
Subject key identifier: 4C:62:8A:1C:26:75:FE:21:EE:F0:69:1F:DD:91:63:DD:4B:D4:E8:F2
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 018CC80302FF06F1D6F23D022785E1BC5B9A
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/TGKKHCZ1_iHu8Gkf3ZFj3UvU6PI.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25152
IP address blocks: 193.0.16.0/23 maxlen: 24
193.0.15.0/24 maxlen: 24
193.0.14.0/23 maxlen: 23
193.0.14.0/24 maxlen: 24
2001:7fd::/48 maxlen: 48
2001:7fd:16::/48 maxlen: 48
2001:7fd:17::/48 maxlen: 48
2001:7fd:15::/48 maxlen: 48
2001:7fd::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jul 2024 12:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:02:ff:06:f1:d6:f2:3d:02:27:85:e1:bc:5b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c628a1c2675fe21eef0691fdd9163dd4bd4e8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:31:b4:09:09:db:a7:42:07:14:c4:d6:1a:c1:
8e:92:d8:db:61:ec:ab:9f:22:ad:8b:3f:fc:7c:4a:
99:76:b3:e7:36:6e:7a:a5:9c:70:8d:27:00:c6:ba:
77:c1:d8:0d:1d:fc:68:e9:5f:7d:e0:36:2a:77:7a:
81:2e:ee:fa:a2:19:40:2f:20:94:9c:83:00:92:89:
28:e4:61:bd:fd:ba:a9:cb:7b:95:c5:3b:6a:5f:64:
c0:6e:83:c9:51:d8:9f:d5:23:b8:f2:91:75:dc:19:
48:45:b9:1b:64:99:5a:ff:2e:b5:18:67:7e:c7:3c:
d3:1a:0d:1d:c7:24:c1:3c:c2:01:86:f6:9c:79:ff:
1b:32:73:83:dd:43:c8:5b:9f:62:f4:ad:10:68:01:
5a:ca:10:cf:ba:15:e4:71:81:bf:c1:fe:d9:07:f0:
d5:db:8a:22:7f:d2:53:34:81:ab:bc:10:22:19:b2:
bb:b2:3a:5c:3b:24:de:36:b5:88:1f:57:8e:da:ef:
b4:3a:1c:e8:ae:40:89:7b:03:b8:19:9e:1c:52:11:
22:26:1c:3c:18:92:92:c4:bc:8a:6a:4c:1d:02:ff:
79:65:12:8a:07:a5:02:8e:b2:98:20:df:f8:03:93:
16:3f:f2:0e:95:c6:cb:63:2e:b5:c1:87:e6:16:4d:
20:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:62:8A:1C:26:75:FE:21:EE:F0:69:1F:DD:91:63:DD:4B:D4:E8:F2
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/TGKKHCZ1_iHu8Gkf3ZFj3UvU6PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.14.0-193.0.17.255
IPv6:
2001:7fd::/32
Signature Algorithm: sha256WithRSAEncryption
d3:40:1c:8a:1d:db:21:76:a3:5f:3e:6a:6f:12:79:c5:52:dc:
a7:3e:97:71:4c:fe:23:7d:35:ae:33:ff:ea:07:42:f6:8a:14:
a4:4e:01:c3:52:d3:30:31:bd:b4:18:7a:66:67:26:fe:ba:b1:
4a:79:0a:f4:2d:4d:60:74:90:fa:86:47:31:bd:00:3a:c2:45:
c4:86:5f:a2:a9:4e:7e:ee:04:ea:9b:50:ef:b1:52:12:8a:1b:
0c:fb:2a:c1:cf:a3:4d:fb:e7:ab:52:52:4d:63:e6:1b:73:d2:
e2:28:5c:1d:e7:f3:65:f5:ad:05:cc:8f:06:ce:41:80:fb:fc:
3a:6c:38:7f:99:ca:f8:dd:bc:2a:39:95:87:c8:61:58:5e:48:
8c:f3:70:5f:8e:18:4a:cb:e9:5b:ce:af:a1:bb:94:cf:b1:2e:
b3:c9:de:84:ae:46:f9:6b:e3:c1:24:b3:10:8e:0b:fc:d7:3d:
2c:d3:71:e9:0e:5e:39:c7:26:40:c7:77:8f:67:32:b0:22:c5:
a4:d7:52:cf:ef:87:6f:78:3f:4f:7a:d1:b6:ec:29:de:3b:cf:
97:74:2b:36:33:54:c9:e1:77:10:ab:3a:d8:a5:28:0d:db:d5:
e9:79:e1:2b:66:12:24:db:5d:74:84:75:4f:ff:1c:c1:2f:86:
6e:59:51:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIAwL/BvHW8j0CJ4XhvFuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzYyOGExYzI2NzVmZTIxZWVmMDY5MWZkZDkxNjNkZDRiZDRlOGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjG0CQnbp0IHFMTWGsGOktjbYeyr
nyKtiz/8fEqZdrPnNm56pZxwjScAxrp3wdgNHfxo6V994DYqd3qBLu76ohlALyCU
nIMAkoko5GG9/bqpy3uVxTtqX2TAboPJUdif1SO48pF13BlIRbkbZJla/y61GGd+
xzzTGg0dxyTBPMIBhvacef8bMnOD3UPIW59i9K0QaAFayhDPuhXkcYG/wf7ZB/DV
24oif9JTNIGrvBAiGbK7sjpcOyTeNrWIH1eO2u+0OhzorkCJewO4GZ4cUhEiJhw8
GJKSxLyKakwdAv95ZRKKB6UCjrKYIN/4A5MWP/IOlcbLYy61wYfmFk0gNwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFExiihwmdf4h7vBpH92RY91L1OjyMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvVEdLS0hDWjFfaUh1OEdrZjNaRmozVXZVNlBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAHBAA4D
BAHBABAwDQQCAAIwBwMFACABB/0wDQYJKoZIhvcNAQELBQADggEBANNAHIod2yF2
o18+am8SecVS3Kc+l3FM/iN9Na4z/+oHQvaKFKROAcNS0zAxvbQYemZnJv66sUp5
CvQtTWB0kPqGRzG9ADrCRcSGX6KpTn7uBOqbUO+xUhKKGwz7KsHPo03756tSUk1j
5htz0uIoXB3n82X1rQXMjwbOQYD7/DpsOH+ZyvjdvCo5lYfIYVheSIzzcF+OGErL
6VvOr6G7lM+xLrPJ3oSuRvlr48EksxCOC/zXPSzTcekOXjnHJkDHd49nMrAixaTX
Us/vh294P0960bbsKd47z5d0KzYzVMnhdxCrOtilKA3b1el54StmEiTbXXSEdU//
HMEvhm5ZUfQ=
-----END CERTIFICATE-----
Generated at Wed Jul 24 13:50:23 2024 by rpki-client on console-fra.rpki-client.org