Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/TW_2_679sO2J0w7tklvFycXNeNU.roa
File: TW_2_679sO2J0w7tklvFycXNeNU.roa (raw, json)
Hash identifier: F5szfaJuvx3SXwVbyLYgJNcXReL4eLE3DFGnyJgNZBk=
Subject key identifier: 4D:6F:F6:FF:AE:FD:B0:ED:89:D3:0E:ED:92:5B:C5:C9:C5:CD:78:D5
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E1198A95DE081DF620A0F450D504F6D80
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/TW_2_679sO2J0w7tklvFycXNeNU.roa
Signing time: Wed 06 Mar 2024 02:30:01 +0000
ROA not before: Wed 06 Mar 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204137
IP address blocks: 134.19.128.0/21 maxlen: 21
134.19.128.0/24 maxlen: 24
134.19.129.0/24 maxlen: 24
134.19.130.0/24 maxlen: 24
134.19.131.0/24 maxlen: 24
134.19.132.0/24 maxlen: 24
134.19.133.0/24 maxlen: 24
134.19.134.0/24 maxlen: 24
134.19.135.0/24 maxlen: 24
2a05:7400:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Wed 06 Mar 2024 07:34:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:11:98:a9:5d:e0:81:df:62:0a:0f:45:0d:50:4f:6d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 6 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6ff6ffaefdb0ed89d30eed925bc5c9c5cd78d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d5:d4:78:2b:db:27:23:83:6c:96:9a:80:83:
f9:7d:1a:ed:8d:3d:eb:f0:ff:2c:29:71:22:69:3c:
9e:83:b0:38:8a:15:5e:26:37:fe:72:bb:2e:4d:a8:
d1:8d:00:73:71:8a:24:84:c0:05:40:37:61:ce:46:
b1:ea:e8:8b:c0:b0:bb:68:6d:42:b3:e9:eb:9d:5c:
e5:ac:5a:8b:22:f2:0b:a0:04:2f:52:b7:20:84:e1:
9b:38:39:06:59:fb:86:75:b9:12:5a:9a:26:63:de:
10:ee:3c:d2:88:f7:f6:74:1c:a9:4b:b0:0b:b7:6c:
3a:0f:61:d4:66:00:55:7b:4b:ea:49:33:d1:df:9a:
bf:af:30:30:10:91:5b:17:29:7a:f1:0d:06:61:1d:
27:e2:07:b2:fb:71:67:99:c8:61:44:1f:bc:da:aa:
85:73:6b:2c:aa:cc:26:98:21:10:1a:6b:6c:72:e5:
cd:d5:b2:05:34:f6:f0:72:61:1e:6b:fb:7d:67:86:
a6:ce:2a:9c:42:52:d4:ea:1d:44:a0:b5:87:d4:37:
72:ba:85:8f:31:27:d5:41:bb:ba:98:65:1e:0a:6d:
02:3d:e4:b9:5c:b9:07:23:c9:6c:d0:02:51:73:50:
e9:9f:f5:da:3a:64:45:60:66:44:b6:32:5b:ee:8a:
58:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6F:F6:FF:AE:FD:B0:ED:89:D3:0E:ED:92:5B:C5:C9:C5:CD:78:D5
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/TW_2_679sO2J0w7tklvFycXNeNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.128.0/21
IPv6:
2a05:7400:4000::/34
Signature Algorithm: sha256WithRSAEncryption
5a:66:73:ed:e8:2f:16:2a:70:5d:6c:db:0f:49:36:53:a5:35:
56:72:dc:05:bc:b2:18:95:25:66:4b:8a:c4:fc:4f:b4:19:4d:
c8:44:d7:36:e7:1f:87:a5:f4:26:60:d7:bd:81:5e:33:7b:ec:
93:9f:ef:a4:6a:3b:a5:26:79:97:b1:81:2e:da:d4:27:09:a4:
5d:8e:ba:e9:79:71:a4:f5:6e:cd:f6:b9:ca:88:1a:8d:95:40:
2c:c5:f1:f1:57:a0:90:5f:79:f8:c0:2e:d1:ce:4c:e0:65:e8:
18:6d:61:5a:a3:a4:70:a9:1a:95:c5:87:72:ec:33:67:80:ab:
d6:37:05:ed:91:6a:f6:44:ae:85:b0:05:0b:6e:7d:23:fe:79:
6f:05:e7:d7:dc:18:82:68:3f:07:42:36:8a:f8:5e:2d:2f:a0:
07:3a:e4:2d:b7:6f:9c:36:61:e0:97:0e:e2:69:04:51:25:23:
cb:3c:f7:05:34:8b:bd:ba:fd:5b:7e:6f:90:63:13:77:61:25:
bf:80:24:20:a1:70:9b:ae:70:06:eb:fd:c9:95:12:7e:7b:57:
68:79:f6:3b:de:22:da:6b:75:a5:1b:bd:bb:ed:30:0e:31:dd:
19:02:28:dc:bb:9e:24:ce:c0:8e:bb:2c:b9:52:2e:d8:8a:03:
54:73:4c:17
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY4RmKld4IHfYgoPRQ1QT22AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA2MDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZmZjZmZmFlZmRiMGVkODlkMzBlZWQ5MjViYzVjOWM1Y2Q3OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtXUeCvbJyODbJaagIP5fRrtjT3r
8P8sKXEiaTyeg7A4ihVeJjf+crsuTajRjQBzcYokhMAFQDdhzkax6uiLwLC7aG1C
s+nrnVzlrFqLIvILoAQvUrcghOGbODkGWfuGdbkSWpomY94Q7jzSiPf2dBypS7AL
t2w6D2HUZgBVe0vqSTPR35q/rzAwEJFbFyl68Q0GYR0n4gey+3FnmchhRB+82qqF
c2ssqswmmCEQGmtscuXN1bIFNPbwcmEea/t9Z4amziqcQlLU6h1EoLWH1DdyuoWP
MSfVQbu6mGUeCm0CPeS5XLkHI8ls0AJRc1Dpn/XaOmRFYGZEtjJb7opYrwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFE1v9v+u/bDtidMO7ZJbxcnFzXjVMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvVFdfMl82NzlzTzJKMHc3dGtsdkZ5Y1hOZU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDhhOAMA4E
AgACMAgDBgYqBXQAQDANBgkqhkiG9w0BAQsFAAOCAQEAWmZz7egvFipwXWzbD0k2
U6U1VnLcBbyyGJUlZkuKxPxPtBlNyETXNucfh6X0JmDXvYFeM3vsk5/vpGo7pSZ5
l7GBLtrUJwmkXY666XlxpPVuzfa5yogajZVALMXx8VegkF95+MAu0c5M4GXoGG1h
WqOkcKkalcWHcuwzZ4Cr1jcF7ZFq9kSuhbAFC259I/55bwXn19wYgmg/B0I2ivhe
LS+gBzrkLbdvnDZh4JcO4mkEUSUjyzz3BTSLvbr9W35vkGMTd2Elv4AkIKFwm65w
Buv9yZUSfntXaHn2O94i2mt1pRu9u+0wDjHdGQIo3LueJM7AjrssuVIu2IoDVHNM
Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org