Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TmwKaw_bX4zvGVPRddYpOL3eb1w.roa
File: TmwKaw_bX4zvGVPRddYpOL3eb1w.roa (raw, json)
Hash identifier: 1CVbvqVaWr1GyKH2tdUi481CU1EdP0+tRiwtvwiU21M=
Subject key identifier: 4E:6C:0A:6B:0F:DB:5F:8C:EF:19:53:D1:75:D6:29:38:BD:DE:6F:5C
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0187E1930B88401DAD3CA74D7A6CA740848C
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TmwKaw_bX4zvGVPRddYpOL3eb1w.roa
Signing time: Wed 03 May 2023 12:25:22 +0000
ROA not before: Wed 03 May 2023 12:25:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 195.208.52.0/22 maxlen: 24
212.192.195.0/24 maxlen: 24
212.192.196.0/22 maxlen: 24
195.19.0.0/23 maxlen: 24
193.232.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 09:08:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e1:93:0b:88:40:1d:ad:3c:a7:4d:7a:6c:a7:40:84:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: May 3 12:25:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e6c0a6b0fdb5f8cef1953d175d62938bdde6f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:29:38:f6:78:af:92:60:03:3c:09:11:34:99:
59:17:d6:50:33:bc:53:be:b6:27:af:90:b8:1e:69:
e5:41:d0:a7:11:30:bd:10:0d:e6:ed:bb:38:86:0a:
22:02:2b:74:16:f8:24:5e:62:d8:eb:8f:da:7c:cf:
dc:02:5e:4a:ca:84:39:8e:72:5e:51:15:fc:3c:51:
5e:3c:9b:e1:97:34:48:41:c0:be:2f:e3:9d:a9:e7:
00:14:f0:32:1d:2b:3a:15:1a:ea:3b:9f:96:fb:73:
b2:99:c4:d7:3a:94:eb:55:37:39:23:7f:c0:f1:46:
49:25:60:d4:92:bf:0c:66:55:30:29:2f:c3:ae:b5:
56:aa:f0:11:e9:d2:65:2a:db:40:5a:5d:25:24:d8:
34:58:05:42:2f:0c:60:45:11:84:03:bf:05:9d:1a:
8d:17:b7:72:21:e2:be:5c:58:8d:f2:c1:a9:da:62:
f1:d8:9b:5e:3c:ac:07:9a:38:2a:18:6d:a9:13:5d:
15:92:ea:e7:aa:46:8b:9b:6b:3f:c2:2e:7a:5e:9e:
54:4d:24:2d:a3:69:31:fe:92:b0:6c:7d:c0:77:ee:
df:79:d8:13:32:54:2c:07:dd:0d:26:ad:04:7b:8e:
97:e8:7d:4a:42:24:74:f1:4e:0a:b4:aa:09:96:07:
5b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:6C:0A:6B:0F:DB:5F:8C:EF:19:53:D1:75:D6:29:38:BD:DE:6F:5C
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/TmwKaw_bX4zvGVPRddYpOL3eb1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.40.0/22
195.19.0.0/23
195.208.52.0/22
212.192.195.0-212.192.199.255
Signature Algorithm: sha256WithRSAEncryption
09:62:53:d2:cc:49:35:4a:81:d7:66:24:b1:5c:c4:00:b9:cb:
d1:a9:23:41:93:8b:a1:f1:9f:ca:34:f6:2f:75:ee:d9:ff:41:
5f:f2:97:1a:87:31:9e:9d:3c:54:11:74:58:76:c4:47:79:f4:
e8:4f:74:3e:47:c4:78:c0:ba:f0:9e:0c:4b:68:c6:a3:de:c9:
1e:a8:23:89:aa:b8:2a:4f:b2:5d:e1:03:00:28:97:af:21:88:
19:f4:1a:01:a8:c2:d1:c4:34:c8:d9:17:92:b9:43:a6:42:3a:
2c:17:12:a7:c5:7e:22:56:06:94:93:6d:ac:b5:f7:01:2f:97:
51:aa:bf:a2:d2:73:b1:b9:87:e0:ac:cc:69:b7:d7:2e:6c:11:
5c:7f:25:6f:f2:c9:b7:0c:e6:9e:39:01:a7:6c:13:58:85:e4:
f8:d3:ca:c9:57:d3:04:c7:02:44:f8:4a:7e:5e:46:5d:c4:52:
ae:12:af:90:8e:21:94:56:4c:4d:35:af:ec:e7:99:c1:a5:28:
ae:33:ea:6e:75:04:84:4f:9a:69:8f:9c:6e:77:be:2f:9e:6a:
d8:16:f8:b7:29:e2:a8:31:39:cc:10:99:50:9f:a0:db:86:e5:
5d:9b:95:81:fd:74:6d:90:d3:b9:36:af:e2:98:ef:4d:d9:fe:
0c:d5:44:76
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYfhkwuIQB2tPKdNemynQISMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwNTAzMTIyNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTZjMGE2YjBmZGI1ZjhjZWYxOTUzZDE3NWQ2MjkzOGJkZGU2ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSk49nivkmADPAkRNJlZF9ZQM7xT
vrYnr5C4HmnlQdCnETC9EA3m7bs4hgoiAit0FvgkXmLY64/afM/cAl5KyoQ5jnJe
URX8PFFePJvhlzRIQcC+L+OdqecAFPAyHSs6FRrqO5+W+3OymcTXOpTrVTc5I3/A
8UZJJWDUkr8MZlUwKS/DrrVWqvAR6dJlKttAWl0lJNg0WAVCLwxgRRGEA78FnRqN
F7dyIeK+XFiN8sGp2mLx2JtePKwHmjgqGG2pE10VkurnqkaLm2s/wi56Xp5UTSQt
o2kx/pKwbH3Ad+7fedgTMlQsB90NJq0Ee46X6H1KQiR08U4KtKoJlgdbjwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE5sCmsP21+M7xlT0XXWKTi93m9cMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvVG13S2F3X2JYNHp2R1ZQUmRkWXBPTDNlYjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCwegoAwQB
wxMAAwQCw9A0MAwDBADUwMMDBAPUwMAwDQYJKoZIhvcNAQELBQADggEBAAliU9LM
STVKgddmJLFcxAC5y9GpI0GTi6Hxn8o09i917tn/QV/ylxqHMZ6dPFQRdFh2xEd5
9OhPdD5HxHjAuvCeDEtoxqPeyR6oI4mquCpPsl3hAwAol68hiBn0GgGowtHENMjZ
F5K5Q6ZCOiwXEqfFfiJWBpSTbay19wEvl1Gqv6LSc7G5h+CszGm31y5sEVx/JW/y
ybcM5p45AadsE1iF5PjTyslX0wTHAkT4Sn5eRl3EUq4Sr5COIZRWTE01r+znmcGl
KK4z6m51BIRPmmmPnG53vi+eatgW+Lcp4qgxOcwQmVCfoNuG5V2blYH9dG2Q07k2
r+KY703Z/gzVRHY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org