Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TYNOcIS_qnj7gOKS4oNnQAGRo2I.roa
File: TYNOcIS_qnj7gOKS4oNnQAGRo2I.roa (raw, json)
Hash identifier: fkbf46sxuGxEKVfGOWcVC9Dxse0h3aOyyEJMEr/w/w8=
Subject key identifier: 4D:83:4E:70:84:BF:AA:78:FB:80:E2:92:E2:83:67:40:01:91:A3:62
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018C154D1198425C8F036CE4470802EF3C77
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TYNOcIS_qnj7gOKS4oNnQAGRo2I.roa
Signing time: Tue 28 Nov 2023 09:40:21 +0000
ROA not before: Tue 28 Nov 2023 09:40:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39543
IP address blocks: 195.28.2.0/23 maxlen: 23
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.47.96.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
89.47.121.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 04 Dec 2023 13:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:4d:11:98:42:5c:8f:03:6c:e4:47:08:02:ef:3c:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 28 09:40:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d834e7084bfaa78fb80e292e28367400191a362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ca:44:b0:d9:00:bf:4d:9b:49:87:a6:7d:8d:
bd:b3:bf:46:d5:34:7d:e0:ba:17:f4:5d:d2:4c:5c:
d0:94:67:96:75:c2:60:58:95:08:77:94:f5:f0:74:
09:65:67:f5:3f:ad:eb:b4:5f:f4:74:2e:71:8b:e3:
00:34:75:07:84:dd:5e:e3:42:1e:b8:71:05:42:2d:
07:ff:09:ca:98:29:18:14:90:cd:ff:98:db:a0:49:
49:7d:79:03:67:6b:3f:d0:2d:e2:94:ee:4d:0a:18:
fd:ab:ca:57:5b:bf:91:03:8d:3d:7d:0a:92:56:9f:
8f:8a:2e:b8:09:fb:e2:38:37:3d:2f:60:31:d5:f6:
ac:c2:18:37:4a:ee:2e:b6:41:6d:a4:da:08:d6:1d:
65:2c:65:85:9d:64:29:de:7c:da:4e:0a:47:03:b0:
06:6a:6e:ea:7a:d7:94:0e:e4:ae:4b:00:cd:cc:26:
cd:33:cc:00:5d:cd:e7:9e:a1:38:d6:dd:0c:0b:2a:
7c:d1:3b:4e:07:73:64:01:ca:ee:75:c2:8a:e7:73:
90:3c:c9:8e:1d:ee:bb:bc:8b:a0:7b:a2:5b:a9:30:
7f:dd:cb:f1:ec:4d:58:c7:44:63:eb:58:d6:0b:60:
56:f8:ca:1b:66:26:93:85:6e:0a:35:19:12:24:a6:
f6:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:83:4E:70:84:BF:AA:78:FB:80:E2:92:E2:83:67:40:01:91:A3:62
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TYNOcIS_qnj7gOKS4oNnQAGRo2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.114.0/23
89.47.118.0-89.47.122.255
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
28:cd:e6:f4:81:27:f1:13:8a:ca:3b:9f:05:70:74:ba:69:1e:
dd:72:7d:3f:e3:a5:b9:5b:c5:d5:cc:3b:37:64:47:d8:02:84:
0c:83:06:90:b5:e3:40:df:39:ac:8f:5a:f7:d9:65:70:8c:a6:
d0:fe:d2:75:7a:8e:d3:a0:95:aa:db:e9:26:bb:7b:53:05:be:
9a:47:a2:50:f6:d9:cb:e1:17:f2:b0:7f:ae:1e:b4:38:a0:3d:
20:ac:e2:a1:16:ce:a2:d8:8d:45:97:f3:cd:97:1f:86:69:b6:
29:0e:6c:8b:81:d5:02:69:3d:cc:84:b3:49:d5:08:2a:6f:43:
37:6b:52:94:9f:aa:0d:4b:27:47:ee:67:81:4b:6e:74:0d:f2:
8f:19:38:80:bd:26:0e:d7:42:12:96:9d:67:51:27:47:99:4b:
60:5e:9f:6c:d9:a7:95:5d:8d:44:43:c0:4b:3e:c4:6e:6b:b8:
0c:c5:2a:62:3a:15:6d:b0:b6:8e:e3:d1:4e:58:a0:b1:b1:ee:
58:1d:f3:95:c3:ee:2d:68:9c:4e:95:a9:33:55:cc:d3:c0:f1:
a5:b1:f0:af:e3:c3:c8:27:74:67:89:64:2f:77:9b:a6:a9:0b:
c2:d8:5d:9f:44:94:65:67:a9:06:27:68:f1:3e:4a:df:c5:0f:
71:ad:ef:a3
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYwVTRGYQlyPA2zkRwgC7zx3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTI4MDk0MDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDgzNGU3MDg0YmZhYTc4ZmI4MGUyOTJlMjgzNjc0MDAxOTFhMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18pEsNkAv02bSYemfY29s79G1TR9
4LoX9F3STFzQlGeWdcJgWJUId5T18HQJZWf1P63rtF/0dC5xi+MANHUHhN1e40Ie
uHEFQi0H/wnKmCkYFJDN/5jboElJfXkDZ2s/0C3ilO5NChj9q8pXW7+RA409fQqS
Vp+Pii64CfviODc9L2Ax1faswhg3Su4utkFtpNoI1h1lLGWFnWQp3nzaTgpHA7AG
am7qeteUDuSuSwDNzCbNM8wAXc3nnqE41t0MCyp80TtOB3NkAcrudcKK53OQPMmO
He67vIuge6JbqTB/3cvx7E1Yx0Rj61jWC2BW+MobZiaThW4KNRkSJKb2JwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFE2DTnCEv6p4+4DikuKDZ0ABkaNiMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVFlOT2NJU19xbmo3Z09LUzRvTm5RQUdSbzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAFkiGwME
AFkjngMEAVkm5AMEAFknbwMEAFkoQwMEAFktpAMEBFkvYAMEAVkvcjAMAwQBWS92
AwQAWS96AwQAXXHMAwQAXXJPAwQAXXLCAwQCwRPAAwQBwxwCMA0EAgACMAcDBQAg
AU0YMA0GCSqGSIb3DQEBCwUAA4IBAQAozeb0gSfxE4rKO58FcHS6aR7dcn0/46W5
W8XVzDs3ZEfYAoQMgwaQteNA3zmsj1r32WVwjKbQ/tJ1eo7ToJWq2+kmu3tTBb6a
R6JQ9tnL4RfysH+uHrQ4oD0grOKhFs6i2I1Fl/PNlx+GabYpDmyLgdUCaT3MhLNJ
1Qgqb0M3a1KUn6oNSydH7meBS250DfKPGTiAvSYO10ISlp1nUSdHmUtgXp9s2aeV
XY1EQ8BLPsRua7gMxSpiOhVtsLaO49FOWKCxse5YHfOVw+4taJxOlakzVczTwPGl
sfCv48PIJ3RniWQvd5umqQvC2F2fRJRlZ6kGJ2jxPkrfxQ9xre+j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org