Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/TTFxCl96RSO42E6SyFGD6Rgv9p0.roa
File: TTFxCl96RSO42E6SyFGD6Rgv9p0.roa (raw, json)
Hash identifier: BIX/BVr8S0hx+tNdiEaRQhQOFiBJk35eAfyPqAmVbRs=
Subject key identifier: 4D:31:71:0A:5F:7A:45:23:B8:D8:4E:92:C8:51:83:E9:18:2F:F6:9D
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018C39374E3DC119A251DB83C46265BD3E71
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/TTFxCl96RSO42E6SyFGD6Rgv9p0.roa
Signing time: Tue 05 Dec 2023 09:02:54 +0000
ROA not before: Tue 05 Dec 2023 09:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3267
IP address blocks: 82.137.137.0/24 maxlen: 24
86.110.96.0/19 maxlen: 19
86.110.96.0/22 maxlen: 22
193.27.214.0/23 maxlen: 24
194.85.32.0/20 maxlen: 20
86.110.101.0/24 maxlen: 24
86.110.102.0/24 maxlen: 24
86.110.103.0/24 maxlen: 24
82.179.128.0/17 maxlen: 17
86.110.112.0/20 maxlen: 20
194.85.174.0/23 maxlen: 23
83.149.192.0/18 maxlen: 24
82.137.176.0/22 maxlen: 22
82.137.184.0/22 maxlen: 22
82.137.180.0/22 maxlen: 22
82.137.188.0/22 maxlen: 22
80.250.160.0/19 maxlen: 24
80.250.172.0/23 maxlen: 23
80.250.170.0/23 maxlen: 23
80.250.176.0/20 maxlen: 20
80.250.175.0/24 maxlen: 24
194.85.160.0/21 maxlen: 21
194.85.168.0/22 maxlen: 22
185.71.96.0/22 maxlen: 22
194.190.241.0/24 maxlen: 24
194.190.242.0/23 maxlen: 23
194.190.244.0/22 maxlen: 22
194.190.248.0/21 maxlen: 21
85.143.224.0/21 maxlen: 21
82.179.64.0/18 maxlen: 18
85.142.64.0/24 maxlen: 24
188.93.107.0/24 maxlen: 24
85.142.78.0/24 maxlen: 24
194.190.224.0/19 maxlen: 24
85.142.8.0/21 maxlen: 21
194.190.232.0/21 maxlen: 24
82.179.32.0/19 maxlen: 19
194.190.240.0/24 maxlen: 24
2a00:db8::/32 maxlen: 48
2a07:a6c0::/29 maxlen: 29
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Dec 2023 08:27:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:37:4e:3d:c1:19:a2:51:db:83:c4:62:65:bd:3e:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Dec 5 09:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d31710a5f7a4523b8d84e92c85183e9182ff69d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:20:88:8a:24:78:8e:bd:06:fb:ba:55:32:b7:
17:07:b6:b8:0c:e4:85:ce:75:59:29:4e:6d:90:1d:
dc:09:1b:5e:b3:d8:15:8c:3d:0d:bc:98:fd:ef:f3:
36:13:be:55:40:da:e2:fb:8e:8f:b3:95:dc:40:28:
c5:2b:2b:06:0d:50:81:ca:ea:b1:fb:9e:b8:55:a3:
d2:de:5f:53:43:5b:a9:2c:d0:b4:4d:ed:f1:e0:49:
14:2f:e8:bd:6e:4e:46:00:e2:d9:3a:ac:1a:7e:60:
90:d9:86:17:85:bf:35:80:e6:86:34:4b:87:26:af:
74:bf:df:8b:e4:d1:e5:bc:dd:b2:3f:04:b7:1e:56:
8c:12:5d:35:65:34:5d:56:5c:53:c4:1c:23:04:ff:
ec:3a:ff:3a:6e:50:54:4f:98:38:32:30:a8:63:61:
77:92:0f:8a:db:fc:d5:26:c9:12:f0:49:b0:6a:88:
e5:6c:d3:01:4a:d5:23:88:64:95:df:bf:7a:86:b8:
34:ff:33:8d:08:68:40:3c:fe:f6:2d:c6:56:26:0b:
32:ca:59:f9:2e:d7:9d:c7:2b:2b:b1:39:ba:ad:f1:
3c:0e:7c:87:08:4e:d3:d4:65:bf:da:40:73:0a:e8:
d7:94:c0:9f:41:f9:a0:81:76:10:95:8c:40:8a:7d:
2d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:31:71:0A:5F:7A:45:23:B8:D8:4E:92:C8:51:83:E9:18:2F:F6:9D
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/TTFxCl96RSO42E6SyFGD6Rgv9p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.250.160.0/19
82.137.137.0/24
82.137.176.0/20
82.179.32.0-82.179.255.255
83.149.192.0/18
85.142.8.0/21
85.142.64.0/24
85.142.78.0/24
85.143.224.0/21
86.110.96.0/19
185.71.96.0/22
188.93.107.0/24
193.27.214.0/23
194.85.32.0/20
194.85.160.0-194.85.171.255
194.85.174.0/23
194.190.224.0/19
IPv6:
2001:b08:26::/48
2a00:db8::/32
2a07:a6c0::/29
Signature Algorithm: sha256WithRSAEncryption
5d:29:11:6a:37:ff:ed:1c:b5:e9:7d:0e:2a:ec:ed:cd:01:0a:
88:39:80:c8:06:b7:25:92:77:f7:ce:4a:56:7d:5b:20:85:15:
87:dc:f9:cf:51:0e:f1:24:64:af:98:f1:c8:8d:99:cb:e8:47:
9e:cc:b1:80:40:dd:a7:ff:55:cf:b1:d3:48:ad:e5:e5:74:d9:
c5:a7:f5:ed:5c:c9:1e:03:51:25:8d:b9:8d:d1:d0:7f:c3:8c:
6a:38:b6:0c:da:0a:34:94:ed:97:a8:21:1b:de:5e:26:ad:80:
74:45:7f:46:4d:2a:53:da:fa:36:93:14:04:f9:12:4a:f6:13:
63:e1:b4:4f:13:84:94:aa:d0:0a:f4:77:28:56:a3:01:1e:70:
5a:f7:87:22:c2:de:c9:61:a0:d9:4d:87:3b:76:8d:e3:cf:79:
74:ff:37:88:1a:0b:9e:56:67:4c:1d:bf:5a:18:92:5b:a6:5b:
46:e4:b5:33:28:56:ec:74:69:e6:49:d2:6f:8f:3e:d3:5d:a5:
a3:45:8f:0b:f1:59:51:ca:c3:2a:f9:79:5e:10:5f:1a:33:92:
66:a9:32:19:d3:09:50:da:c9:3a:d2:74:db:bf:d3:3a:c0:21:
0b:2b:3b:54:e9:42:1f:95:35:e5:6a:c8:c7:2d:2e:08:0e:9b:
6e:b7:54:9b
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYw5N049wRmiUduDxGJlvT5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjMxMjA1MDkwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDMxNzEwYTVmN2E0NTIzYjhkODRlOTJjODUxODNlOTE4MmZmNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliCIiiR4jr0G+7pVMrcXB7a4DOSF
znVZKU5tkB3cCRtes9gVjD0NvJj97/M2E75VQNri+46Ps5XcQCjFKysGDVCByuqx
+564VaPS3l9TQ1upLNC0Te3x4EkUL+i9bk5GAOLZOqwafmCQ2YYXhb81gOaGNEuH
Jq90v9+L5NHlvN2yPwS3HlaMEl01ZTRdVlxTxBwjBP/sOv86blBUT5g4MjCoY2F3
kg+K2/zVJskS8EmwaojlbNMBStUjiGSV3796hrg0/zONCGhAPP72LcZWJgsyyln5
LtedxysrsTm6rfE8DnyHCE7T1GW/2kBzCujXlMCfQfmggXYQlYxAin0tGQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFE0xcQpfekUjuNhOkshRg+kYL/adMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvVFRGeENsOTZSU080MkU2U3lGR0Q2Umd2OXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDB7BAIAATB1AwQFUPqg
AwQAUomJAwQEUomwMAsDBAVSsyADAwJSsAMEBlOVwAMEA1WOCAMEAFWOQAMEAFWO
TgMEA1WP4AMEBVZuYAMEArlHYAMEALxdawMEAcEb1gMEBMJVIDAMAwQFwlWgAwQC
wlWoAwQBwlWuAwQFwr7gMB0EAgACMBcDBwAgAQsIACYDBQAqAA24AwUDKgemwDAN
BgkqhkiG9w0BAQsFAAOCAQEAXSkRajf/7Ry16X0OKuztzQEKiDmAyAa3JZJ3985K
Vn1bIIUVh9z5z1EO8SRkr5jxyI2Zy+hHnsyxgEDdp/9Vz7HTSK3l5XTZxaf17VzJ
HgNRJY25jdHQf8OMaji2DNoKNJTtl6ghG95eJq2AdEV/Rk0qU9r6NpMUBPkSSvYT
Y+G0TxOElKrQCvR3KFajAR5wWveHIsLeyWGg2U2HO3aN4895dP83iBoLnlZnTB2/
WhiSW6ZbRuS1MyhW7HRp5knSb48+012lo0WPC/FZUcrDKvl5XhBfGjOSZqkyGdMJ
UNrJOtJ027/TOsAhCys7VOlCH5U15WrIxy0uCA6bbrdUmw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org