Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tmk_fIr13QWCYVSrX_6Hbq8RHW0.roa
File: tmk_fIr13QWCYVSrX_6Hbq8RHW0.roa (raw, json)
Hash identifier: WbZROcFZC1sYEsqWJGESzb/2+yh9FCtIuhd4itClVlE=
Subject key identifier: B6:69:3F:7C:8A:F5:DD:05:82:61:54:AB:5F:FE:87:6E:AF:11:1D:6D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018D648C5AE20649E262E49DF22D00615DB4
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tmk_fIr13QWCYVSrX_6Hbq8RHW0.roa
Signing time: Thu 01 Feb 2024 12:02:16 +0000
ROA not before: Thu 01 Feb 2024 12:02:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39543
IP address blocks: 86.106.81.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.35.158.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.39.111.0/24 maxlen: 24
89.40.67.0/24 maxlen: 24
89.45.164.0/24 maxlen: 24
89.47.96.0/20 maxlen: 20
89.47.96.0/24 maxlen: 24
89.47.97.0/24 maxlen: 24
89.47.98.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.100.0/24 maxlen: 24
89.47.101.0/24 maxlen: 24
89.47.102.0/24 maxlen: 24
89.47.103.0/24 maxlen: 24
89.47.104.0/24 maxlen: 24
89.47.105.0/24 maxlen: 24
89.47.106.0/24 maxlen: 24
89.47.107.0/24 maxlen: 24
89.47.108.0/24 maxlen: 24
89.47.109.0/24 maxlen: 24
89.47.110.0/24 maxlen: 24
89.47.111.0/24 maxlen: 24
89.47.114.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.120.0/24 maxlen: 24
89.47.122.0/24 maxlen: 24
93.113.204.0/24 maxlen: 24
93.114.79.0/24 maxlen: 24
93.114.194.0/24 maxlen: 24
188.241.3.0/24 maxlen: 24
193.19.192.0/22 maxlen: 22
193.19.192.0/24 maxlen: 24
193.19.193.0/24 maxlen: 24
193.19.194.0/24 maxlen: 24
193.19.195.0/24 maxlen: 24
195.28.2.0/23 maxlen: 23
2001:4d18::/32 maxlen: 32
2001:4d18::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 03 Feb 2024 07:59:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:8c:5a:e2:06:49:e2:62:e4:9d:f2:2d:00:61:5d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 1 12:02:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6693f7c8af5dd05826154ab5ffe876eaf111d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0a:61:f8:c1:70:99:93:b3:28:96:c2:a7:e3:
be:55:22:ae:98:6b:9c:09:71:5c:6f:c1:5d:20:79:
33:39:27:56:99:5b:38:4a:d0:99:80:ce:46:01:d4:
9d:5e:d1:67:35:55:71:d7:3d:66:ea:cb:13:a8:82:
b1:04:2c:ca:fc:28:3e:59:25:bb:c9:37:03:d9:49:
b6:0e:87:f3:0f:bc:23:a0:4d:6d:72:58:62:0c:3b:
07:50:32:2b:b3:cf:14:fc:6b:af:a6:51:b8:0f:b3:
8e:52:2d:16:ee:86:84:49:c5:b2:f8:e4:93:9d:ab:
3b:ff:b8:ce:d0:72:8a:91:92:af:4d:c9:6c:09:80:
15:87:14:8d:d0:6a:aa:e3:f3:b5:2f:e0:cb:1a:35:
b5:2a:8b:74:20:26:07:6b:f8:20:0c:4f:57:db:55:
6a:2e:d4:5f:77:f8:bf:6b:89:29:08:15:74:20:0e:
07:7c:0f:9e:d6:31:3f:ef:f1:65:6b:d5:23:55:0c:
ce:7f:25:98:40:ae:1e:6f:28:2e:48:e6:02:60:e7:
77:d5:3e:3f:f9:22:65:cc:24:aa:2f:bb:63:9c:23:
d5:e9:62:0b:5f:17:3b:93:db:18:f3:a9:82:04:70:
82:1e:db:c5:7e:e5:11:5e:d6:e7:18:5c:e3:a2:8f:
c9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:69:3F:7C:8A:F5:DD:05:82:61:54:AB:5F:FE:87:6E:AF:11:1D:6D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tmk_fIr13QWCYVSrX_6Hbq8RHW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.81.0/24
89.34.27.0/24
89.35.158.0/24
89.38.228.0/23
89.39.111.0/24
89.40.67.0/24
89.45.164.0/24
89.47.96.0/20
89.47.114.0/23
89.47.120.0/24
89.47.122.0/24
93.113.204.0/24
93.114.79.0/24
93.114.194.0/24
188.241.3.0/24
193.19.192.0/22
195.28.2.0/23
IPv6:
2001:4d18::/32
Signature Algorithm: sha256WithRSAEncryption
7f:9a:82:75:75:94:ee:3f:ca:14:ec:67:45:11:ef:36:71:dd:
af:b9:75:7b:0d:12:14:b3:93:ce:3c:22:c0:fb:7d:a6:4b:36:
60:c7:66:0d:43:d8:d7:d8:ce:f1:0e:39:44:06:e6:af:f7:79:
b4:30:84:a1:58:37:2b:9d:28:ec:c9:3f:21:f0:e0:0e:b0:65:
93:b7:10:43:a7:b0:0e:c6:fa:d1:0a:2a:a3:a9:62:86:6a:69:
06:f0:f6:df:92:b1:3c:d9:80:5b:bf:3e:e3:8d:3e:11:b1:d6:
30:97:2e:15:cf:03:96:2a:4c:31:b6:c3:9f:a8:5d:e6:26:13:
fa:fd:55:eb:d2:71:8d:1b:b2:9a:74:9d:b2:e8:52:8b:6a:4f:
36:2e:4a:9f:83:68:c9:7d:53:57:67:03:46:b3:5e:7b:50:a8:
3a:ab:fd:e5:03:e2:5f:70:8f:77:e8:56:11:0c:e0:85:89:b4:
9e:4f:ed:68:64:a7:51:98:f4:82:94:d0:f7:66:fc:36:82:dd:
86:57:e3:14:95:9b:fc:86:2f:5b:69:07:8e:1f:a6:81:2c:af:
5b:1a:3b:0b:fd:7e:e1:4a:c2:71:15:47:1d:d0:1f:aa:fd:3f:
58:f4:8b:c3:bb:cf:fb:54:63:07:56:ed:2c:01:ff:d8:82:e0:
5d:95:b1:21
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAY1kjFriBkniYuSd8i0AYV20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMjAxMTIwMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjY5M2Y3YzhhZjVkZDA1ODI2MTU0YWI1ZmZlODc2ZWFmMTExZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQph+MFwmZOzKJbCp+O+VSKumGuc
CXFcb8FdIHkzOSdWmVs4StCZgM5GAdSdXtFnNVVx1z1m6ssTqIKxBCzK/Cg+WSW7
yTcD2Um2DofzD7wjoE1tclhiDDsHUDIrs88U/GuvplG4D7OOUi0W7oaEScWy+OST
nas7/7jO0HKKkZKvTclsCYAVhxSN0Gqq4/O1L+DLGjW1Kot0ICYHa/ggDE9X21Vq
LtRfd/i/a4kpCBV0IA4HfA+e1jE/7/Fla9UjVQzOfyWYQK4ebyguSOYCYOd31T4/
+SJlzCSqL7tjnCPV6WILXxc7k9sY86mCBHCCHtvFfuURXtbnGFzjoo/JNQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFLZpP3yK9d0FgmFUq1/+h26vER1tMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdG1rX2ZJcjEzUVdDWVZTclhfNkhicThSSFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAFZqUQME
AFkiGwMEAFkjngMEAVkm5AMEAFknbwMEAFkoQwMEAFktpAMEBFkvYAMEAVkvcgME
AFkveAMEAFkvegMEAF1xzAMEAF1yTwMEAF1ywgMEALzxAwMEAsETwAMEAcMcAjAN
BAIAAjAHAwUAIAFNGDANBgkqhkiG9w0BAQsFAAOCAQEAf5qCdXWU7j/KFOxnRRHv
NnHdr7l1ew0SFLOTzjwiwPt9pks2YMdmDUPY19jO8Q45RAbmr/d5tDCEoVg3K50o
7Mk/IfDgDrBlk7cQQ6ewDsb60Qoqo6lihmppBvD235KxPNmAW78+440+EbHWMJcu
Fc8DlipMMbbDn6hd5iYT+v1V69JxjRuymnSdsuhSi2pPNi5Kn4NoyX1TV2cDRrNe
e1CoOqv95QPiX3CPd+hWEQzghYm0nk/taGSnUZj0gpTQ92b8NoLdhlfjFJWb/IYv
W2kHjh+mgSyvWxo7C/1+4UrCcRVHHdAfqv0/WPSLw7vP+1RjB1btLAH/2ILgXZWx
IQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org