Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/TWgmfibYsDRCuyYYvAV15hCsc90.roa
File: TWgmfibYsDRCuyYYvAV15hCsc90.roa (raw, json)
Hash identifier: VzdEnvDCdfXuzz7c0juiNVw0mxuZJlubXGMGW2x5z/Y=
Subject key identifier: 4D:68:26:7E:26:D8:B0:34:42:BB:26:18:BC:05:75:E6:10:AC:73:DD
Certificate issuer: /CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Certificate serial: 018CC64B1E296C247322D7BC9EFF1D78C03E
Authority key identifier: AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/TWgmfibYsDRCuyYYvAV15hCsc90.roa
Signing time: Mon 01 Jan 2024 18:31:00 +0000
ROA not before: Mon 01 Jan 2024 18:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1828
IP address blocks: 45.133.82.0/24 maxlen: 24
45.133.80.0/22 maxlen: 22
45.133.80.0/24 maxlen: 24
45.133.81.0/24 maxlen: 24
185.92.123.0/24 maxlen: 24
185.92.120.0/24 maxlen: 24
185.92.121.0/24 maxlen: 24
185.92.122.0/24 maxlen: 24
45.15.192.0/22 maxlen: 22
45.15.192.0/24 maxlen: 24
45.15.193.0/24 maxlen: 24
45.15.194.0/24 maxlen: 24
45.15.195.0/24 maxlen: 24
2a05:f240::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Apr 2024 11:53:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:1e:29:6c:24:73:22:d7:bc:9e:ff:1d:78:c0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aedaeea9117a1d5ccc320222955a09faa0798fd9
Validity
Not Before: Jan 1 18:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d68267e26d8b03442bb2618bc0575e610ac73dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:37:53:25:06:8a:4b:73:14:ef:fa:f2:2f:78:
ba:d1:eb:c7:27:81:a5:ef:85:b1:d4:a6:e4:34:60:
01:35:d7:18:c5:cc:e8:fa:c4:a0:67:04:00:0f:e7:
1e:a8:ca:2f:b5:bd:eb:e1:71:f5:3f:08:27:d8:c8:
d5:b4:2d:25:38:7c:ce:c4:99:93:df:71:e1:b1:ba:
99:4d:25:e9:bd:7c:5d:c8:c5:71:a7:fd:56:67:d9:
24:cb:69:aa:05:96:fa:3b:53:f7:ca:92:63:16:95:
66:97:f0:c7:d1:20:72:14:66:47:aa:66:28:92:6b:
6a:0b:89:e6:e2:8a:11:64:8f:a6:ce:de:2a:1e:32:
19:fa:bd:52:cf:30:14:6e:d0:a1:bc:64:96:a1:d7:
40:60:99:ab:18:13:d6:6a:43:93:2d:20:b4:de:48:
c1:55:3e:8f:30:be:b4:ca:c7:83:6e:99:30:a1:ad:
30:3c:d0:82:0d:2d:64:82:99:15:8f:13:8c:e2:84:
2d:bb:ea:fb:6e:d4:5a:0b:ae:fa:d5:01:73:6d:08:
b0:ba:7c:64:d9:b9:eb:7c:91:c8:de:4f:1f:14:1a:
45:47:ba:35:07:9d:26:97:f9:cb:f5:42:13:1a:bb:
cf:e7:63:9d:4f:23:55:57:dc:96:be:4e:60:27:b2:
6c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:68:26:7E:26:D8:B0:34:42:BB:26:18:BC:05:75:E6:10:AC:73:DD
X509v3 Authority Key Identifier:
keyid:AE:DA:EE:A9:11:7A:1D:5C:CC:32:02:22:95:5A:09:FA:A0:79:8F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtruqRF6HVzMMgIilVoJ-qB5j9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/TWgmfibYsDRCuyYYvAV15hCsc90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a13b01-4153-4ea5-bf21-99868c51329a/1/rtruqRF6HVzMMgIilVoJ-qB5j9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.192.0/22
45.133.80.0/22
185.92.120.0/22
IPv6:
2a05:f240::/29
Signature Algorithm: sha256WithRSAEncryption
5e:fa:e5:d9:59:fd:1d:10:58:96:f1:5a:a4:82:40:54:26:69:
89:88:14:c8:73:a9:68:c6:34:c7:0a:74:fd:38:56:e2:74:6c:
a6:20:06:9e:4c:ee:50:d2:bf:6d:73:4a:27:18:96:fb:2b:1c:
a4:a5:74:84:80:50:7e:23:36:c6:f4:21:b1:75:99:60:9b:5b:
7a:e5:80:0e:ab:b9:08:1e:87:48:d7:4f:3b:8d:26:46:13:cc:
1e:f1:d4:11:c0:a4:23:9c:41:64:d2:9b:a0:40:f2:f4:c0:34:
9f:6a:d5:3b:78:54:41:8a:f3:49:da:e3:97:dc:43:1e:ce:c6:
66:85:74:ca:3f:08:6b:68:d9:d6:88:1f:96:fb:75:1b:05:6c:
c4:22:5b:12:b8:f9:e0:d8:f5:8a:29:96:a0:be:22:c8:81:0b:
f6:30:b6:71:39:55:28:0a:b7:b7:ce:dc:89:9f:ca:5f:c7:42:
e6:9d:d9:85:45:a8:7a:74:0f:62:c4:83:d9:60:e0:bb:ff:bb:
b4:5f:d8:2c:46:90:80:3e:40:77:8c:6f:87:cd:4b:47:62:cc:
01:1c:38:bc:0a:07:ca:7b:fc:18:2c:c3:c9:54:00:01:76:23:
60:5e:93:f7:b2:cf:ce:06:9f:f5:d3:75:61:75:41:d1:df:01:
7c:30:de:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSx4pbCRzIte8nv8deMA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZGFlZWE5MTE3YTFkNWNjYzMyMDIyMjk1NWEwOWZhYTA3
OThmZDkwHhcNMjQwMTAxMTgzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY4MjY3ZTI2ZDhiMDM0NDJiYjI2MThiYzA1NzVlNjEwYWM3M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjdTJQaKS3MU7/ryL3i60evHJ4Gl
74Wx1KbkNGABNdcYxczo+sSgZwQAD+ceqMovtb3r4XH1Pwgn2MjVtC0lOHzOxJmT
33HhsbqZTSXpvXxdyMVxp/1WZ9kky2mqBZb6O1P3ypJjFpVml/DH0SByFGZHqmYo
kmtqC4nm4ooRZI+mzt4qHjIZ+r1SzzAUbtChvGSWoddAYJmrGBPWakOTLSC03kjB
VT6PML60yseDbpkwoa0wPNCCDS1kgpkVjxOM4oQtu+r7btRaC6761QFzbQiwunxk
2bnrfJHI3k8fFBpFR7o1B50ml/nL9UITGrvP52OdTyNVV9yWvk5gJ7JsiQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE1oJn4m2LA0QrsmGLwFdeYQrHPdMB8GA1UdIwQY
MBaAFK7a7qkReh1czDICIpVaCfqgeY/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEt
OTk4NjhjNTEzMjlhLzEvVFdnbWZpYllzRFJDdXlZWXZBVjE1aENzYzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hMTNiMDEtNDE1My00ZWE1LWJmMjEtOTk4NjhjNTEzMjlh
LzEvcnRydXFSRjZIVnpNTWdJaWxWb0otcUI1ajlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ/AAwQC
LYVQAwQCuVx4MA0EAgACMAcDBQMqBfJAMA0GCSqGSIb3DQEBCwUAA4IBAQBe+uXZ
Wf0dEFiW8VqkgkBUJmmJiBTIc6loxjTHCnT9OFbidGymIAaeTO5Q0r9tc0onGJb7
KxykpXSEgFB+IzbG9CGxdZlgm1t65YAOq7kIHodI1087jSZGE8we8dQRwKQjnEFk
0pugQPL0wDSfatU7eFRBivNJ2uOX3EMezsZmhXTKPwhraNnWiB+W+3UbBWzEIlsS
uPng2PWKKZagviLIgQv2MLZxOVUoCre3ztyJn8pfx0LmndmFRah6dA9ixIPZYOC7
/7u0X9gsRpCAPkB3jG+HzUtHYswBHDi8CgfKe/wYLMPJVAABdiNgXpP3ss/OBp/1
03VhdUHR3wF8MN6/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:02 2024 by rpki-client on console-ams.rpki-client.org