Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/TBhoKkGZ8xrecAPxA1KG3Cp1Vk8.roa
File: TBhoKkGZ8xrecAPxA1KG3Cp1Vk8.roa (raw, json)
Hash identifier: /1mbUDu0VW/5M03ZJwuYZP1B3zky5ry6TfUcUWKc7FM=
Subject key identifier: 4C:18:68:2A:41:99:F3:1A:DE:70:03:F1:03:52:86:DC:2A:75:56:4F
Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Certificate serial: 018E1ACFF98BD57AA853F2855C96F41A824C
Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/TBhoKkGZ8xrecAPxA1KG3Cp1Vk8.roa
Signing time: Thu 07 Mar 2024 21:27:01 +0000
ROA not before: Thu 07 Mar 2024 21:27:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60032
IP address blocks: 2.59.68.0/22 maxlen: 22
2.59.72.0/22 maxlen: 22
5.252.60.0/22 maxlen: 22
5.252.88.0/22 maxlen: 22
45.11.148.0/22 maxlen: 22
45.65.104.0/21 maxlen: 22
45.85.176.0/22 maxlen: 22
45.90.224.0/22 maxlen: 22
45.129.48.0/22 maxlen: 22
45.152.184.0/22 maxlen: 22
80.240.176.0/21 maxlen: 21
80.240.184.0/22 maxlen: 22
80.240.188.0/22 maxlen: 22
91.92.18.0/23 maxlen: 23
95.214.44.0/22 maxlen: 22
109.70.16.0/21 maxlen: 22
128.127.16.0/21 maxlen: 22
185.13.180.0/22 maxlen: 22
185.61.144.0/22 maxlen: 22
185.107.84.0/22 maxlen: 24
185.128.140.0/22 maxlen: 23
185.163.60.0/22 maxlen: 22
185.203.180.0/22 maxlen: 22
185.229.176.0/22 maxlen: 22
185.253.36.0/22 maxlen: 22
188.92.64.0/21 maxlen: 22
193.8.116.0/22 maxlen: 22
193.56.168.0/22 maxlen: 22
194.36.137.0/24 maxlen: 24
194.36.167.0/24 maxlen: 24
194.36.169.0/24 maxlen: 24
194.36.221.0/24 maxlen: 24
194.182.112.0/20 maxlen: 22
212.104.240.0/20 maxlen: 20
2a02:79e0::/32 maxlen: 32
2a02:cfc0::/29 maxlen: 32
2a06:4280::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1a:cf:f9:8b:d5:7a:a8:53:f2:85:5c:96:f4:1a:82:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44
Validity
Not Before: Mar 7 21:27:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c18682a4199f31ade7003f1035286dc2a75564f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:e3:de:5b:f2:7f:c0:e1:21:bd:bb:45:71:
83:f2:ef:66:c6:d4:66:2c:4f:bf:84:e3:25:9e:91:
f3:8d:91:a2:39:84:64:24:42:cf:63:99:3e:8b:bd:
b7:76:6c:63:24:37:15:a7:28:12:5d:d8:94:e8:fc:
9d:70:c2:2e:cf:b1:69:7e:2f:f8:36:6d:9f:0d:8d:
84:d2:1a:0b:be:27:4e:ca:7b:2e:93:6d:5d:35:43:
b1:19:ce:11:f9:93:69:1e:4d:78:fe:3b:52:00:4c:
00:b7:c4:47:5a:cc:39:aa:52:21:d5:24:05:cf:bc:
d8:b2:d8:85:81:9a:30:23:ef:47:33:c5:7b:db:7b:
f9:0c:c9:c6:53:ea:ef:0c:19:e6:ac:6d:34:8b:c6:
7c:78:29:da:cb:a2:98:50:d0:a2:9d:22:5a:1f:47:
07:af:4e:ac:58:ba:bb:53:e1:ff:bc:1d:75:7d:ef:
cf:44:4f:52:2d:9b:b5:3d:88:b6:83:36:08:cc:4f:
c8:a7:32:da:7f:12:9b:73:d7:63:e3:71:e6:31:ad:
6d:41:1b:00:42:1f:bf:c5:85:88:ff:72:a4:f6:31:
0c:5b:35:1b:d1:a4:75:2d:ac:65:3a:26:5e:30:d5:
5d:5b:06:1c:91:16:5a:38:b9:be:16:77:fb:2f:a4:
a3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:18:68:2A:41:99:F3:1A:DE:70:03:F1:03:52:86:DC:2A:75:56:4F
X509v3 Authority Key Identifier:
keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/TBhoKkGZ8xrecAPxA1KG3Cp1Vk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.68.0-2.59.75.255
5.252.60.0/22
5.252.88.0/22
45.11.148.0/22
45.65.104.0/21
45.85.176.0/22
45.90.224.0/22
45.129.48.0/22
45.152.184.0/22
80.240.176.0/20
91.92.18.0/23
95.214.44.0/22
109.70.16.0/21
128.127.16.0/21
185.13.180.0/22
185.61.144.0/22
185.107.84.0/22
185.128.140.0/22
185.163.60.0/22
185.203.180.0/22
185.229.176.0/22
185.253.36.0/22
188.92.64.0/21
193.8.116.0/22
193.56.168.0/22
194.36.137.0/24
194.36.167.0/24
194.36.169.0/24
194.36.221.0/24
194.182.112.0/20
212.104.240.0/20
IPv6:
2a02:79e0::/32
2a02:cfc0::/29
2a06:4280::/29
Signature Algorithm: sha256WithRSAEncryption
9a:1c:fd:a0:06:4f:72:99:d2:59:5d:b4:9c:36:d4:c8:5f:d2:
8d:ac:d2:72:7a:92:e0:5b:db:bb:ad:2f:b3:25:21:ad:2a:02:
8a:3c:c4:90:f7:11:cf:2a:cf:3a:e5:4d:b5:e2:5e:50:db:bd:
18:3a:58:fe:f3:95:65:30:b6:aa:41:93:1d:63:fb:2b:80:3c:
e7:e3:da:33:d9:be:81:6a:12:65:33:0a:7c:88:3e:e7:63:84:
85:1e:9a:15:73:c8:0b:6b:79:04:c9:b4:79:c6:ef:ac:5c:b2:
ee:0b:e9:df:e0:a5:0c:a1:36:6b:10:ae:9d:7d:2a:3f:5e:a5:
70:59:a6:5d:50:07:71:33:93:1b:b9:2e:24:26:0a:77:0a:db:
54:44:6a:c2:de:3b:fc:94:f5:8b:b6:fb:34:76:05:fd:ec:2e:
b4:6a:f0:a7:99:21:3f:67:c1:1b:c9:6c:35:0b:92:8d:e1:4f:
a6:d9:8b:12:ce:b3:e1:fa:f7:11:8b:99:dd:95:13:2b:8c:a3:
03:47:44:2f:df:a6:87:d5:6b:1b:ad:81:c9:45:74:3e:a8:4a:
8c:16:fb:f4:1c:e4:55:07:b9:9e:53:52:5b:6d:49:e7:2b:1d:
76:ee:4c:7c:73:a4:f5:a9:78:fa:0e:22:db:54:fb:52:a3:82:
09:f7:d8:09
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAY4az/mL1XqoU/KFXJb0GoJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1
ZjJlNDQwHhcNMjQwMzA3MjEyNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE4NjgyYTQxOTlmMzFhZGU3MDAzZjEwMzUyODZkYzJhNzU1NjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6jj3lvyf8DhIb27RXGD8u9mxtRm
LE+/hOMlnpHzjZGiOYRkJELPY5k+i723dmxjJDcVpygSXdiU6PydcMIuz7Fpfi/4
Nm2fDY2E0hoLvidOynsuk21dNUOxGc4R+ZNpHk14/jtSAEwAt8RHWsw5qlIh1SQF
z7zYstiFgZowI+9HM8V723v5DMnGU+rvDBnmrG00i8Z8eCnay6KYUNCinSJaH0cH
r06sWLq7U+H/vB11fe/PRE9SLZu1PYi2gzYIzE/IpzLafxKbc9dj43HmMa1tQRsA
Qh+/xYWI/3Kk9jEMWzUb0aR1LaxlOiZeMNVdWwYckRZaOLm+Fnf7L6Sj9QIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFEwYaCpBmfMa3nAD8QNShtwqdVZPMB8GA1UdIwQY
MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt
NjY4NDkwMTk2MjdlLzEvVEJob0trR1o4eHJlY0FQeEExS0czQ3AxVms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl
LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCByQQCAAEwgcIwDAME
AgI7RAMEAgI7SAMEAgX8PAMEAgX8WAMEAi0LlAMEAy1BaAMEAi1VsAMEAi1a4AME
Ai2BMAMEAi2YuAMEBFDwsAMEAVtcEgMEAl/WLAMEA21GEAMEA4B/EAMEArkNtAME
Ark9kAMEArlrVAMEArmAjAMEArmjPAMEArnLtAMEArnlsAMEArn9JAMEA7xcQAME
AsEIdAMEAsE4qAMEAMIkiQMEAMIkpwMEAMIkqQMEAMIk3QMEBMK2cAMEBNRo8DAb
BAIAAjAVAwUAKgJ54AMFAyoCz8ADBQMqBkKAMA0GCSqGSIb3DQEBCwUAA4IBAQCa
HP2gBk9ymdJZXbScNtTIX9KNrNJyepLgW9u7rS+zJSGtKgKKPMSQ9xHPKs865U21
4l5Q270YOlj+85VlMLaqQZMdY/srgDzn49oz2b6BahJlMwp8iD7nY4SFHpoVc8gL
a3kEybR5xu+sXLLuC+nf4KUMoTZrEK6dfSo/XqVwWaZdUAdxM5MbuS4kJgp3CttU
RGrC3jv8lPWLtvs0dgX97C60avCnmSE/Z8EbyWw1C5KN4U+m2YsSzrPh+vcRi5nd
lRMrjKMDR0Qv36aH1WsbrYHJRXQ+qEqMFvv0HORVB7meU1JbbUnnKx127kx8c6T1
qXj6DiLbVPtSo4IJ99gJ
-----END CERTIFICATE-----
Generated at Wed Mar 13 13:54:08 2024 by rpki-client on console-ams.rpki-client.org