Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/TPWiaoNV8dTxmN-Vv4lWFGtz14s.roa
File: TPWiaoNV8dTxmN-Vv4lWFGtz14s.roa (raw, json)
Hash identifier: j7RXDEuufHSrBS7ewZ9nMDyyO0xPLx/twqqYDodH2Eg=
Subject key identifier: 4C:F5:A2:6A:83:55:F1:D4:F1:98:DF:95:BF:89:56:14:6B:73:D7:8B
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 018CC5DC0F968843357BFCBC46348B5E7B30
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/TPWiaoNV8dTxmN-Vv4lWFGtz14s.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.246.37.0/24 maxlen: 24
194.247.44.0/24 maxlen: 24
194.247.45.0/24 maxlen: 24
45.149.166.0/24 maxlen: 24
45.149.164.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 14:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0f:96:88:43:35:7b:fc:bc:46:34:8b:5e:7b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cf5a26a8355f1d4f198df95bf8956146b73d78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:49:04:e7:d3:e9:fd:5d:dc:a6:d4:f2:40:50:
56:73:62:ba:43:44:31:a8:9a:23:07:ff:fe:9f:e5:
80:b7:2d:b2:de:3b:ef:a3:53:5b:2b:5f:e8:ad:4c:
b1:5a:c1:8e:8a:42:af:9d:b8:23:cc:68:47:60:a9:
6a:47:1d:db:3b:78:b9:87:e7:25:79:3d:99:5a:fb:
3a:c5:06:64:0e:c7:fe:1e:c2:03:a1:fc:6d:b4:c6:
28:95:00:72:aa:07:18:49:f7:03:95:83:f4:e5:7f:
51:6c:7b:c3:45:12:81:ff:3d:11:53:00:c9:0b:f2:
8d:3a:7f:b1:6f:58:47:cd:a4:fb:83:68:57:65:f4:
e6:cf:03:bf:e2:52:fb:9b:2f:6e:e3:4a:63:42:b7:
18:e2:7d:21:96:71:44:20:fc:eb:9b:d0:d0:5b:b3:
c5:ba:54:28:63:aa:1a:d6:d7:3f:90:e1:2b:32:52:
9a:f0:9f:0b:1b:ef:75:66:c8:59:45:22:ba:49:80:
9e:35:ff:d3:21:05:c2:b6:e7:7b:e3:d1:52:6b:c7:
08:d0:fb:d6:23:6d:ae:47:d8:40:a8:5f:07:b8:40:
1d:ac:bd:27:fc:61:1b:5c:25:a1:be:95:22:6d:90:
42:a1:50:cb:89:6a:59:92:7b:32:3d:e4:e1:0b:cb:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F5:A2:6A:83:55:F1:D4:F1:98:DF:95:BF:89:56:14:6B:73:D7:8B
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/TPWiaoNV8dTxmN-Vv4lWFGtz14s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
45.149.166.0/24
194.246.37.0/24
194.247.44.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:8c:27:ca:0d:14:3d:3b:96:2e:29:f4:a7:21:10:e1:d3:90:
b2:dc:0d:39:49:68:81:12:94:a7:80:6c:23:eb:41:8a:e1:6a:
cd:a3:5b:25:34:cb:8e:7d:30:b2:36:00:56:f2:d8:c0:d7:58:
a1:c9:2f:12:ae:8a:70:b4:e0:9e:51:3b:45:b1:9c:76:c8:89:
23:ac:b6:98:19:8a:04:cf:f9:28:ed:f8:15:96:1e:d0:9e:ab:
c9:75:d6:df:eb:63:68:3f:65:2f:99:64:d4:7c:29:10:ae:be:
86:03:6a:f4:70:41:ab:d7:46:00:ef:d3:9e:9f:74:ac:e6:b7:
d0:30:71:ed:09:09:af:70:62:d4:ea:40:3d:2b:3b:13:47:cb:
a3:2e:d0:8d:e9:6f:b2:84:ed:65:4b:d0:6d:6c:a2:66:55:f7:
c8:3a:70:da:b3:bf:70:08:fe:fd:d3:aa:5c:9b:c0:c9:82:75:
66:6d:b7:2e:bc:b7:ac:a1:ae:0f:87:a1:49:19:0d:ad:c4:98:
92:8e:8f:65:48:94:c7:6f:17:f8:a1:c3:29:18:46:d6:0b:52:
22:91:1b:f6:6f:89:8c:32:93:1f:9a:fc:a0:f3:45:ff:9d:14:
52:7d:d4:ed:ff:3e:70:e7:6b:4d:e1:8d:b6:69:08:be:d7:20:
77:77:51:7e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3A+WiEM1e/y8RjSLXnswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y1YTI2YTgzNTVmMWQ0ZjE5OGRmOTViZjg5NTYxNDZiNzNkNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0kE59Pp/V3cptTyQFBWc2K6Q0Qx
qJojB//+n+WAty2y3jvvo1NbK1/orUyxWsGOikKvnbgjzGhHYKlqRx3bO3i5h+cl
eT2ZWvs6xQZkDsf+HsIDofxttMYolQByqgcYSfcDlYP05X9RbHvDRRKB/z0RUwDJ
C/KNOn+xb1hHzaT7g2hXZfTmzwO/4lL7my9u40pjQrcY4n0hlnFEIPzrm9DQW7PF
ulQoY6oa1tc/kOErMlKa8J8LG+91ZshZRSK6SYCeNf/TIQXCtud749FSa8cI0PvW
I22uR9hAqF8HuEAdrL0n/GEbXCWhvpUibZBCoVDLiWpZknsyPeThC8vTtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEz1omqDVfHU8Zjflb+JVhRrc9eLMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvVFBXaWFvTlY4ZFR4bU4tVnY0bFdGR3R6MTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZWkAwQA
LZWmAwQAwvYlAwQBwvcsMA0GCSqGSIb3DQEBCwUAA4IBAQBejCfKDRQ9O5YuKfSn
IRDh05Cy3A05SWiBEpSngGwj60GK4WrNo1slNMuOfTCyNgBW8tjA11ihyS8Sropw
tOCeUTtFsZx2yIkjrLaYGYoEz/ko7fgVlh7QnqvJddbf62NoP2UvmWTUfCkQrr6G
A2r0cEGr10YA79Oen3Ss5rfQMHHtCQmvcGLU6kA9KzsTR8ujLtCN6W+yhO1lS9Bt
bKJmVffIOnDas79wCP7906pcm8DJgnVmbbcuvLesoa4Ph6FJGQ2txJiSjo9lSJTH
bxf4ocMpGEbWC1IikRv2b4mMMpMfmvyg80X/nRRSfdTt/z5w52tN4Y22aQi+1yB3
d1F+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:51 2024 by rpki-client on console-fra.rpki-client.org