Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TbUXxB9TJloH8a-vLLfPqmMSk3Q.roa
File: TbUXxB9TJloH8a-vLLfPqmMSk3Q.roa (raw, json)
Hash identifier: nGRYrWlTwuYulylNTAwbnQ6wlNlsCdeEzU1cY7WZ0BU=
Subject key identifier: 4D:B5:17:C4:1F:53:26:5A:07:F1:AF:AF:2C:B7:CF:AA:63:12:93:74
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019176402D70002E60E07F0FBC58DCA912CC
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TbUXxB9TJloH8a-vLLfPqmMSk3Q.roa
Signing time: Wed 21 Aug 2024 18:43:22 +0000
ROA not before: Wed 21 Aug 2024 18:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
185.184.134.0/24 maxlen: 24
185.205.190.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.240.74.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 07:37:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:40:2d:70:00:2e:60:e0:7f:0f:bc:58:dc:a9:12:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Aug 21 18:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db517c41f53265a07f1afaf2cb7cfaa63129374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:75:76:e5:86:4b:73:78:31:cd:32:aa:e7:d6:
ec:97:30:44:71:78:95:55:d6:77:c1:f5:cd:35:b6:
f0:d1:a9:d1:b3:c8:d5:d8:ce:69:7f:f4:ff:8d:74:
70:7b:78:e8:00:2b:34:c5:0f:f5:38:b2:7d:3f:9a:
66:7e:14:0e:8a:e5:e3:74:66:b3:4d:89:1f:c7:c8:
4c:ef:05:d0:e2:33:3c:c1:a7:a5:6f:4e:87:0b:6e:
b6:ee:33:f9:e2:c5:56:29:b6:e3:45:65:ef:82:f8:
9c:93:22:a6:cc:ce:82:d5:b1:e3:12:50:a8:ca:b8:
d4:50:d8:1c:a6:99:c3:5f:c6:37:a3:f9:81:59:37:
9d:be:a1:02:f1:e9:0e:23:46:d5:5f:62:0b:f4:3d:
d7:a8:a7:8f:cd:62:9f:58:d1:68:65:af:d2:09:96:
01:9d:c8:9b:31:01:e3:77:e4:7d:16:cd:13:43:dc:
0a:13:c8:82:8e:d4:1c:0f:14:e2:a1:33:1c:91:c5:
b3:b0:f6:b1:af:fa:60:75:75:7a:c6:fd:da:95:72:
ec:92:18:08:5b:88:44:6d:ba:b8:55:28:08:d1:a2:
ba:80:62:e2:af:c8:3f:a3:46:4d:90:ef:ab:7d:08:
52:d3:22:28:6d:41:80:c1:d9:39:c9:43:60:5a:68:
83:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B5:17:C4:1F:53:26:5A:07:F1:AF:AF:2C:B7:CF:AA:63:12:93:74
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TbUXxB9TJloH8a-vLLfPqmMSk3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0/24
62.197.152.0/24
89.33.84.0/24
89.37.62.0/24
92.62.121.0/24
185.184.134.0/24
185.205.190.0/24
185.239.241.0/24
185.244.137.0/24
185.245.5.0/24
188.240.68.0/24
188.240.74.0/24
193.19.108.0/24
193.218.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ab:db:24:52:16:11:f7:8d:ae:7c:65:80:a4:c0:bd:6b:92:
ed:3c:a6:b5:ce:68:03:98:07:5e:77:26:4b:03:33:0f:ec:0c:
d6:af:78:74:bc:b4:5b:e4:77:b8:55:f1:da:e7:95:5a:8b:ed:
44:bd:16:03:cb:4b:98:c2:13:79:4c:e8:e3:c6:71:b7:0f:54:
cd:ed:fc:39:c4:8c:e5:43:b2:9c:63:4f:e1:9e:d8:ea:2a:b6:
31:2d:ba:09:9d:d4:52:b6:45:10:80:08:56:dc:93:73:9a:da:
53:d5:e3:ed:05:fb:dc:1a:8b:dc:90:35:ec:ef:f6:99:65:17:
a4:02:de:c0:0f:5d:78:56:2c:70:5e:58:42:bc:5a:24:41:b8:
52:dd:72:f1:fa:af:c6:e9:52:e2:7e:37:1a:d1:81:1e:ee:29:
03:b4:01:9f:4d:5d:7b:44:a8:19:b6:40:6a:87:8d:0d:e1:2e:
5a:0b:25:3a:1d:08:38:f5:3a:e2:ca:4e:94:75:25:92:8e:f0:
cc:9b:8f:34:26:af:d5:f4:0b:d8:6c:f1:17:85:92:00:ae:94:
58:f9:1a:3e:ca:f5:36:5e:27:42:04:2b:35:0c:fc:87:83:37:
af:d1:06:ff:01:86:11:92:ab:10:9b:76:30:0d:d1:4a:b6:10:
3e:8d:ea:db
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZF2QC1wAC5g4H8PvFjcqRLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwODIxMTg0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGI1MTdjNDFmNTMyNjVhMDdmMWFmYWYyY2I3Y2ZhYTYzMTI5Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHV25YZLc3gxzTKq59bslzBEcXiV
VdZ3wfXNNbbw0anRs8jV2M5pf/T/jXRwe3joACs0xQ/1OLJ9P5pmfhQOiuXjdGaz
TYkfx8hM7wXQ4jM8waelb06HC2627jP54sVWKbbjRWXvgvickyKmzM6C1bHjElCo
yrjUUNgcppnDX8Y3o/mBWTedvqEC8ekOI0bVX2IL9D3XqKePzWKfWNFoZa/SCZYB
ncibMQHjd+R9Fs0TQ9wKE8iCjtQcDxTioTMckcWzsPaxr/pgdXV6xv3alXLskhgI
W4hEbbq4VSgI0aK6gGLir8g/o0ZNkO+rfQhS0yIobUGAwdk5yUNgWmiDUwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFE21F8QfUyZaB/Gvryy3z6pjEpN0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVGJVWHhCOVRKbG9IOGEtdkxMZlBxbU1TazNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAD7FkDAM
AwQAPsWTAwQAPsWUAwQAPsWWAwQAPsWYAwQAWSFUAwQAWSU+AwQAXD55AwQAubiG
AwQAuc2+AwQAue/xAwQAufSJAwQAufUFAwQAvPBEAwQAvPBKAwQAwRNsAwQAwdog
MA0GCSqGSIb3DQEBCwUAA4IBAQCOq9skUhYR942ufGWApMC9a5LtPKa1zmgDmAde
dyZLAzMP7AzWr3h0vLRb5He4VfHa55Vai+1EvRYDy0uYwhN5TOjjxnG3D1TN7fw5
xIzlQ7KcY0/hntjqKrYxLboJndRStkUQgAhW3JNzmtpT1ePtBfvcGovckDXs7/aZ
ZRekAt7AD114VixwXlhCvFokQbhS3XLx+q/G6VLifjca0YEe7ikDtAGfTV17RKgZ
tkBqh40N4S5aCyU6HQg49Triyk6UdSWSjvDMm480Jq/V9AvYbPEXhZIArpRY+Ro+
yvU2XidCBCs1DPyHgzev0Qb/AYYRkqsQm3YwDdFKthA+jerb
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:17 2024 by rpki-client on console-fra.rpki-client.org