Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/TVBBnprIMnqujrVEp3RvOxX2L7E.roa
File: TVBBnprIMnqujrVEp3RvOxX2L7E.roa (raw, json)
Hash identifier: z3z6QMyNOb/7SvBvD0ecaBwgYyr0tqE5LGLS6I9sL8Y=
Subject key identifier: 4D:50:41:9E:9A:C8:32:7A:AE:8E:B5:44:A7:74:6F:3B:15:F6:2F:B1
Certificate issuer: /CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Certificate serial: 018CC3B68090B2CEC89F38F0BE02093A0ACA
Authority key identifier: 2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/TVBBnprIMnqujrVEp3RvOxX2L7E.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58096
IP address blocks: 185.216.192.0/23 maxlen: 32
45.93.4.0/22 maxlen: 22
193.160.204.0/23 maxlen: 32
94.141.124.0/22 maxlen: 24
91.220.69.0/24 maxlen: 24
193.105.114.0/24 maxlen: 32
185.154.72.0/22 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Apr 2024 14:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:80:90:b2:ce:c8:9f:38:f0:be:02:09:3a:0a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d50419e9ac8327aae8eb544a7746f3b15f62fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5c:0b:4f:55:86:47:f6:df:1a:6d:13:44:30:
11:44:7a:45:b7:48:47:b9:56:2b:ce:04:5a:ef:0f:
89:1d:fd:cb:ee:d2:bc:b5:10:0d:7b:4f:cc:8e:e9:
02:b2:07:3d:35:2d:45:27:49:4c:9c:e8:54:c8:4c:
d3:ce:8b:28:dc:24:8f:52:a1:fa:ce:35:59:9a:0b:
65:b8:71:71:1b:f8:70:74:67:ad:63:54:b7:5d:b3:
40:13:b1:85:1a:5c:d0:ce:c4:6b:1b:32:b6:fb:a2:
92:a8:8b:6f:c5:89:61:c8:4f:df:b3:99:f3:cc:43:
a9:33:1f:76:07:1f:41:36:95:55:01:b6:dd:ce:b6:
7b:eb:ae:e6:76:f0:17:5d:ae:70:e7:fa:00:fb:81:
59:e3:ce:92:8c:39:b6:d0:13:2e:ef:ea:bb:e9:78:
2c:df:d8:1c:20:73:7d:fd:33:7f:49:5e:f2:11:2e:
84:8e:5a:3e:73:10:b4:d3:77:6a:3f:b5:0c:83:53:
51:7f:93:b0:ed:94:61:cc:84:98:7e:f4:7a:68:44:
0c:77:93:52:86:c4:ce:36:6c:9b:1d:31:17:1d:72:
68:8b:4f:7b:51:9b:d7:9d:b0:9a:51:b1:fb:75:1f:
24:f9:7a:f2:2b:a7:ab:58:42:4e:59:18:ed:ad:38:
5b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:50:41:9E:9A:C8:32:7A:AE:8E:B5:44:A7:74:6F:3B:15:F6:2F:B1
X509v3 Authority Key Identifier:
keyid:2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/TVBBnprIMnqujrVEp3RvOxX2L7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/LIjbgf377M7nX0qfaYo8GzqEYm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.4.0/22
91.220.69.0/24
94.141.124.0/22
185.154.72.0/22
185.216.192.0/23
193.105.114.0/24
193.160.204.0/23
Signature Algorithm: sha256WithRSAEncryption
30:e2:3d:8f:74:98:80:84:f0:b7:ae:11:bc:38:ad:81:16:fa:
1b:a6:25:3e:22:39:47:14:95:0b:94:9f:7e:31:02:d9:3a:87:
6d:d6:89:9d:b7:21:c0:34:45:eb:b4:bc:1f:76:41:ef:5b:af:
80:7f:8d:c1:1e:96:8b:ca:08:6a:b9:84:da:8d:33:88:ce:2b:
19:15:50:c6:b2:22:ec:75:c2:1f:6f:02:5d:24:a4:29:27:1d:
6e:75:fa:b3:c8:01:ae:8b:0e:37:cf:be:65:4e:b5:9c:3e:44:
64:5c:6e:90:e1:ea:72:c3:70:78:13:5c:4e:7f:86:6e:17:f0:
51:cb:ff:2f:6b:66:56:2a:c2:f8:6a:9c:c4:a3:10:75:b5:6c:
95:20:8a:1e:fc:3c:45:73:89:28:7a:2c:b9:4d:56:23:bd:23:
2d:3a:92:a4:15:8b:0a:67:22:fe:7e:78:54:f9:57:5e:0f:7b:
43:30:3c:11:00:a9:59:d7:9c:0d:50:51:23:d0:aa:b8:3f:1a:
01:bd:09:ae:4d:30:4a:e7:3e:c3:10:1c:14:c3:df:71:14:a6:
a9:04:5c:42:fd:d5:e1:e8:5d:9f:1c:fb:e4:2f:e9:a1:5f:0d:
4c:fb:5b:f6:15:be:72:2d:77:18:e6:e2:c8:2a:be:7a:5b:6b:
54:f4:bf:a9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzDtoCQss7InzjwvgIJOgrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODhkYjgxZmRmYmVjY2VlNzVmNGE5ZjY5OGEzYzFiM2E4
NDYyNmUwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUwNDE5ZTlhYzgzMjdhYWU4ZWI1NDRhNzc0NmYzYjE1ZjYyZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFwLT1WGR/bfGm0TRDARRHpFt0hH
uVYrzgRa7w+JHf3L7tK8tRANe0/MjukCsgc9NS1FJ0lMnOhUyEzTzoso3CSPUqH6
zjVZmgtluHFxG/hwdGetY1S3XbNAE7GFGlzQzsRrGzK2+6KSqItvxYlhyE/fs5nz
zEOpMx92Bx9BNpVVAbbdzrZ7667mdvAXXa5w5/oA+4FZ486SjDm20BMu7+q76Xgs
39gcIHN9/TN/SV7yES6Ejlo+cxC003dqP7UMg1NRf5Ow7ZRhzISYfvR6aEQMd5NS
hsTONmybHTEXHXJoi097UZvXnbCaUbH7dR8k+XryK6erWEJOWRjtrThbxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE1QQZ6ayDJ6ro61RKd0bzsV9i+xMB8GA1UdIwQY
MBaAFCyI24H9++zO519Kn2mKPBs6hGJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYt
ZjQ1N2Q0MDRhZTJmLzEvVFZCQm5wcklNbnF1anJWRXAzUnZPeFgyTDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYtZjQ1N2Q0MDRhZTJm
LzEvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLV0EAwQA
W9xFAwQCXo18AwQCuZpIAwQBudjAAwQAwWlyAwQBwaDMMA0GCSqGSIb3DQEBCwUA
A4IBAQAw4j2PdJiAhPC3rhG8OK2BFvobpiU+IjlHFJULlJ9+MQLZOodt1omdtyHA
NEXrtLwfdkHvW6+Af43BHpaLyghquYTajTOIzisZFVDGsiLsdcIfbwJdJKQpJx1u
dfqzyAGuiw43z75lTrWcPkRkXG6Q4epyw3B4E1xOf4ZuF/BRy/8va2ZWKsL4apzE
oxB1tWyVIIoe/DxFc4koeiy5TVYjvSMtOpKkFYsKZyL+fnhU+VdeD3tDMDwRAKlZ
15wNUFEj0Kq4PxoBvQmuTTBK5z7DEBwUw99xFKapBFxC/dXh6F2fHPvkL+mhXw1M
+1v2Fb5yLXcY5uLIKr56W2tU9L+p
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:37 2025 by rpki-client