Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TMS7-9Nm5rCuFh4JAbURSZmlKJM.roa
File: TMS7-9Nm5rCuFh4JAbURSZmlKJM.roa (raw, json)
Hash identifier: Y5X02h7zPavg/UuTudnHq/9ZmM3ngXlYzamMdc339s8=
Subject key identifier: 4C:C4:BB:FB:D3:66:E6:B0:AE:16:1E:09:01:B5:11:49:99:A5:28:93
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018CE33B5F81D9559E1A0E166AC776311112
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TMS7-9Nm5rCuFh4JAbURSZmlKJM.roa
Signing time: Sun 07 Jan 2024 09:22:48 +0000
ROA not before: Sun 07 Jan 2024 09:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.163.68.0/22 maxlen: 24
5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 13 Jan 2024 19:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:3b:5f:81:d9:55:9e:1a:0e:16:6a:c7:76:31:11:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jan 7 09:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc4bbfbd366e6b0ae161e0901b5114999a52893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d9:0f:1a:5b:4d:83:cd:90:52:44:a3:fe:03:
a7:c6:07:99:84:39:74:4e:56:b1:db:eb:73:a8:08:
b9:71:21:9f:29:d9:63:ad:0e:e1:13:90:f3:95:0c:
12:65:38:c4:0e:8f:7c:d5:d0:aa:12:e8:4f:ab:b8:
42:f3:be:b0:66:9e:df:1b:57:e9:31:c1:cb:67:e4:
a4:dd:01:7f:cb:70:86:c0:7a:52:26:94:f6:e2:c5:
e4:97:eb:6a:2e:b8:db:1d:08:93:37:ff:4e:1b:49:
99:d4:24:b5:45:9b:38:aa:00:69:6e:d2:f2:02:08:
08:93:bc:30:ed:fa:2d:63:46:38:6b:d0:44:c6:2d:
69:78:4d:e3:31:6c:44:4a:a0:cc:da:d7:41:b3:b2:
41:74:bb:95:a7:84:fd:5b:fe:7b:d8:87:21:d1:be:
70:0d:91:7a:a8:1f:0a:ed:84:0f:23:d3:cc:05:c3:
36:22:ba:87:5e:9b:5b:4c:90:d5:e5:04:14:c3:82:
ef:83:cd:f4:03:37:cf:54:e5:ca:3c:ee:50:7e:80:
3c:7e:bd:de:6f:99:96:f6:13:a2:7c:db:bf:ea:44:
ec:98:24:09:cb:3f:43:b9:5c:2f:73:3f:32:62:d8:
65:60:dc:60:f3:d3:75:43:c6:59:6a:f7:a5:01:05:
23:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C4:BB:FB:D3:66:E6:B0:AE:16:1E:09:01:B5:11:49:99:A5:28:93
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/TMS7-9Nm5rCuFh4JAbURSZmlKJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
31.186.180.0/22
82.163.68.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:89:b5:4d:88:6f:03:4d:eb:33:55:00:90:e0:a0:71:e7:10:
10:79:b6:bf:26:6a:a8:2f:b9:8e:e2:f2:3b:95:bd:d3:eb:b5:
55:c6:08:ae:7b:c6:f1:42:51:d6:4f:be:9c:88:ef:86:5f:db:
91:d6:65:77:c0:ab:72:77:1b:61:1e:59:2e:a2:cf:da:5d:24:
ae:f4:9d:34:3f:de:87:29:69:36:18:50:67:96:f8:e7:5a:4d:
d5:51:7c:a5:53:af:73:e5:df:b8:94:41:43:90:8d:24:fe:f2:
b3:eb:c6:39:6f:47:4a:25:82:39:39:50:a8:0f:57:61:1f:09:
53:13:28:b3:26:0e:47:79:48:97:3f:99:fe:f8:02:d3:7c:8f:
dd:dc:07:37:8d:ca:2b:9a:d5:08:3c:53:13:34:4b:d7:96:2a:
ab:c4:40:d6:ae:ff:ff:64:55:e3:41:c5:dc:a3:3c:bd:66:dc:
82:7c:fe:e2:97:de:e3:8c:17:e1:e7:49:81:7d:61:5e:c7:0d:
88:53:bd:d9:bd:e0:c4:25:4d:d8:16:17:81:00:71:bf:b5:69:
72:af:12:16:7e:be:7f:6c:50:84:a6:87:2f:5f:10:c5:16:28:
28:7c:a5:50:b6:7b:1d:98:f0:38:4e:81:b4:0c:a0:cc:71:ad:
99:11:b1:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzjO1+B2VWeGg4Wasd2MRESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwMTA3MDkyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M0YmJmYmQzNjZlNmIwYWUxNjFlMDkwMWI1MTE0OTk5YTUyODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNkPGltNg82QUkSj/gOnxgeZhDl0
Tlax2+tzqAi5cSGfKdljrQ7hE5DzlQwSZTjEDo981dCqEuhPq7hC876wZp7fG1fp
McHLZ+Sk3QF/y3CGwHpSJpT24sXkl+tqLrjbHQiTN/9OG0mZ1CS1RZs4qgBpbtLy
AggIk7ww7fotY0Y4a9BExi1peE3jMWxESqDM2tdBs7JBdLuVp4T9W/572Ich0b5w
DZF6qB8K7YQPI9PMBcM2IrqHXptbTJDV5QQUw4Lvg830AzfPVOXKPO5QfoA8fr3e
b5mW9hOifNu/6kTsmCQJyz9DuVwvcz8yYthlYNxg89N1Q8ZZavelAQUjrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEzEu/vTZuawrhYeCQG1EUmZpSiTMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVE1TNy05Tm01ckN1Rmg0SkFiVVJTWm1sS0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBWZgAwQC
H7q0AwQCUqNEMA0GCSqGSIb3DQEBCwUAA4IBAQChibVNiG8DTeszVQCQ4KBx5xAQ
eba/JmqoL7mO4vI7lb3T67VVxgiue8bxQlHWT76ciO+GX9uR1mV3wKtydxthHlku
os/aXSSu9J00P96HKWk2GFBnlvjnWk3VUXylU69z5d+4lEFDkI0k/vKz68Y5b0dK
JYI5OVCoD1dhHwlTEyizJg5HeUiXP5n++ALTfI/d3Ac3jcormtUIPFMTNEvXliqr
xEDWrv//ZFXjQcXcozy9ZtyCfP7il97jjBfh50mBfWFexw2IU73ZveDEJU3YFheB
AHG/tWlyrxIWfr5/bFCEpocvXxDFFigofKVQtnsdmPA4ToG0DKDMca2ZEbEy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org