Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/TZ2-6_6FmnIu68L-DbtIlKv__Z0.roa
File: TZ2-6_6FmnIu68L-DbtIlKv__Z0.roa (raw, json)
Hash identifier: UM5bHmAKqSvyeiimghlvFFfvuB8wzIuL2kD/Ia/M0ic=
Subject key identifier: 4D:9D:BE:EB:FE:85:9A:72:2E:EB:C2:FE:0D:BB:48:94:AB:FF:FD:9D
Certificate issuer: /CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Certificate serial: 01857255AFA89CF5B5364A34D178C418E4E3
Authority key identifier: D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/TZ2-6_6FmnIu68L-DbtIlKv__Z0.roa
Signing time: Mon 02 Jan 2023 11:54:56 +0000
ROA not before: Mon 02 Jan 2023 11:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134963
IP address blocks: 212.31.96.0/24 maxlen: 24
31.153.230.0/23 maxlen: 23
195.14.157.0/24 maxlen: 24
195.14.154.0/24 maxlen: 24
212.31.123.0/24 maxlen: 24
212.31.124.0/24 maxlen: 24
212.31.125.0/24 maxlen: 24
212.31.127.0/24 maxlen: 24
128.0.107.0/24 maxlen: 24
81.4.190.0/23 maxlen: 24
46.199.88.0/24 maxlen: 24
195.14.130.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:af:a8:9c:f5:b5:36:4a:34:d1:78:c4:18:e4:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d411abc4c0468ab2891eaacadba0dc0377936fd5
Validity
Not Before: Jan 2 11:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d9dbeebfe859a722eebc2fe0dbb4894abfffd9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:c2:1a:c6:72:b5:03:09:85:98:ae:49:f6:
a7:3c:ab:06:75:c2:6e:78:f1:93:c5:6e:60:16:23:
9f:8d:4b:d5:12:e0:f0:a4:cf:85:3c:c1:25:4f:11:
57:62:d0:b8:c0:a3:8c:e4:29:a4:9f:ab:8f:9a:5f:
2a:71:a3:6c:54:97:c4:ee:11:1c:44:e1:25:63:1d:
3e:ef:aa:d3:60:a5:0d:6c:c3:36:33:e0:80:05:c8:
3d:d8:e5:2c:12:df:fb:26:f9:44:34:d1:d6:ba:81:
e0:e5:ca:ff:65:a7:bf:68:18:12:7f:58:49:56:d6:
16:20:10:fb:46:b5:99:15:22:5d:10:69:a5:f5:97:
37:ae:40:6b:95:4d:53:49:f6:da:08:c3:38:bc:13:
51:4f:c2:12:20:1a:af:c7:b2:39:7d:6b:4d:1d:30:
d5:ce:4d:98:a0:57:d6:2d:ef:0b:05:00:04:fc:f9:
cb:d4:e7:7b:83:e1:ea:fe:45:36:d3:b7:f3:d9:71:
5e:e9:37:69:af:86:12:ce:df:1b:15:69:92:16:d9:
7a:40:49:34:85:22:90:2b:b9:86:46:61:97:6d:07:
de:31:76:58:9d:8c:63:d2:60:9a:4d:2b:cc:c2:68:
72:8f:f9:ea:6c:0c:ca:1d:46:e5:f7:fa:dc:13:d8:
34:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9D:BE:EB:FE:85:9A:72:2E:EB:C2:FE:0D:BB:48:94:AB:FF:FD:9D
X509v3 Authority Key Identifier:
keyid:D4:11:AB:C4:C0:46:8A:B2:89:1E:AA:CA:DB:A0:DC:03:77:93:6F:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BGrxMBGirKJHqrK26DcA3eTb9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/TZ2-6_6FmnIu68L-DbtIlKv__Z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/618e53-afc4-40df-8612-b0f4b9c37e49/1/1BGrxMBGirKJHqrK26DcA3eTb9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.153.230.0/23
46.199.88.0/24
81.4.190.0/23
128.0.107.0/24
195.14.130.0/24
195.14.154.0/24
195.14.157.0/24
212.31.96.0/24
212.31.123.0-212.31.125.255
212.31.127.0/24
Signature Algorithm: sha256WithRSAEncryption
47:4b:69:47:1a:fe:a7:ba:bc:43:10:e8:c7:8c:a6:3d:31:5c:
94:12:de:87:ef:c2:66:ce:21:f8:88:5a:8e:57:27:6d:c4:11:
84:d0:9a:53:b3:e8:fc:1c:f4:8f:fb:3c:64:ac:66:57:9f:4c:
8a:7c:40:04:0a:26:ad:21:cc:b8:40:ab:88:c3:dd:19:fc:9b:
08:a4:26:5f:cb:4d:53:c2:0e:25:ff:64:d6:ef:ef:ee:b3:b1:
78:56:43:45:da:b9:8d:c9:14:80:5d:0e:ba:f0:22:ee:5d:ec:
5e:db:f5:76:01:a5:b7:92:3a:f0:6f:da:5e:6f:5d:59:cf:06:
8c:76:01:3c:98:cc:f2:10:78:ab:b1:6c:c1:e5:f0:be:32:82:
3e:ed:2a:8a:68:3c:c1:cf:6c:88:eb:90:c6:9b:02:4c:ff:52:
f0:22:a1:41:1e:07:87:9d:5b:94:8f:97:e3:6a:b9:87:bb:1d:
48:6c:dc:b7:36:bc:0c:62:5c:de:f9:2d:0f:28:89:9c:92:e9:
cc:d6:0e:56:ae:83:cd:0a:cd:1d:66:5b:86:3d:29:52:c3:7a:
0a:96:64:a6:cb:bc:1b:2d:2b:0a:76:74:27:a5:40:d6:e1:1d:
6a:44:96:7b:69:4a:26:af:f5:24:34:55:0a:3e:4d:f5:08:9d:
38:19:0b:b1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVyVa+onPW1Nko00XjEGOTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTFhYmM0YzA0NjhhYjI4OTFlYWFjYWRiYTBkYzAzNzc5
MzZmZDUwHhcNMjMwMTAyMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDlkYmVlYmZlODU5YTcyMmVlYmMyZmUwZGJiNDg5NGFiZmZmZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfXCGsZytQMJhZiuSfanPKsGdcJu
ePGTxW5gFiOfjUvVEuDwpM+FPMElTxFXYtC4wKOM5Cmkn6uPml8qcaNsVJfE7hEc
ROElYx0+76rTYKUNbMM2M+CABcg92OUsEt/7JvlENNHWuoHg5cr/Zae/aBgSf1hJ
VtYWIBD7RrWZFSJdEGml9Zc3rkBrlU1TSfbaCMM4vBNRT8ISIBqvx7I5fWtNHTDV
zk2YoFfWLe8LBQAE/PnL1Od7g+Hq/kU207fz2XFe6Tdpr4YSzt8bFWmSFtl6QEk0
hSKQK7mGRmGXbQfeMXZYnYxj0mCaTSvMwmhyj/nqbAzKHUbl9/rcE9g0BwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFE2dvuv+hZpyLuvC/g27SJSr//2dMB8GA1UdIwQY
MBaAFNQRq8TARoqyiR6qytug3AN3k2/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTIt
YjBmNGI5YzM3ZTQ5LzEvVFoyLTZfNkZtbkl1NjhMLURidElsS3ZfX1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My82MThlNTMtYWZjNC00MGRmLTg2MTItYjBmNGI5YzM3ZTQ5
LzEvMUJHcnhNQkdpcktKSHFySzI2RGNBM2VUYjlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBH5nmAwQA
LsdYAwQBUQS+AwQAgABrAwQAww6CAwQAww6aAwQAww6dAwQA1B9gMAwDBADUH3sD
BAHUH3wDBADUH38wDQYJKoZIhvcNAQELBQADggEBAEdLaUca/qe6vEMQ6MeMpj0x
XJQS3ofvwmbOIfiIWo5XJ23EEYTQmlOz6Pwc9I/7PGSsZlefTIp8QAQKJq0hzLhA
q4jD3Rn8mwikJl/LTVPCDiX/ZNbv7+6zsXhWQ0XauY3JFIBdDrrwIu5d7F7b9XYB
pbeSOvBv2l5vXVnPBox2ATyYzPIQeKuxbMHl8L4ygj7tKopoPMHPbIjrkMabAkz/
UvAioUEeB4edW5SPl+NquYe7HUhs3Lc2vAxiXN75LQ8oiZyS6czWDlaug80KzR1m
W4Y9KVLDegqWZKbLvBstKwp2dCelQNbhHWpElntpSiav9SQ0VQo+TfUInTgZC7E=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:03:03 2024 by rpki-client on console-ams.rpki-client.org