Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMO-Scnp9R7KSyNiOmHpHO3YhTw.roa
File: TMO-Scnp9R7KSyNiOmHpHO3YhTw.roa (raw, json)
Hash identifier: DnUdiyjHlVY8YIaK8U9/tDI2ntNSTLxDz3c/jGIk/18=
Subject key identifier: 4C:C3:BE:49:C9:E9:F5:1E:CA:4B:23:62:3A:61:E9:1C:ED:D8:85:3C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CEFD595584B82B413EFE57E7C8BC07FBF
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMO-Scnp9R7KSyNiOmHpHO3YhTw.roa
Signing time: Tue 09 Jan 2024 20:06:41 +0000
ROA not before: Tue 09 Jan 2024 20:06:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.227.146.0/23 maxlen: 24
185.220.250.0/23 maxlen: 24
185.230.66.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
45.8.21.0/24 maxlen: 24
185.251.229.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 18 Jan 2024 08:50:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ef:d5:95:58:4b:82:b4:13:ef:e5:7e:7c:8b:c0:7f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 9 20:06:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc3be49c9e9f51eca4b23623a61e91cedd8853c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2a:85:9b:64:ef:5d:a3:e6:f6:07:8d:6a:34:
8b:a3:50:e3:1b:9d:5f:3b:88:0c:4b:ac:d4:7c:2e:
83:21:14:36:44:42:f3:ba:e7:da:e0:00:0d:97:84:
77:2f:b7:f2:a9:c2:55:29:b1:a9:f9:a9:6a:f4:9e:
a6:a1:92:ef:4d:05:82:fa:20:16:b0:d3:50:ad:60:
39:d1:40:fb:af:6c:af:ae:0f:38:f5:21:6b:d2:bd:
2c:81:fb:58:9a:08:59:fd:35:3d:4f:7f:be:6c:d6:
8f:22:27:c0:ed:97:bf:75:5e:c0:02:37:57:47:c7:
ce:9e:7a:3f:36:11:23:7e:4e:4b:61:17:b8:31:64:
fc:d1:94:41:6d:6e:70:5d:fe:f7:1d:60:f9:b0:98:
2a:ba:66:87:70:70:20:2a:f3:ab:0e:d8:c8:9c:61:
30:f5:83:e2:05:17:72:3a:95:9f:42:6c:9e:17:18:
58:8b:4d:65:51:66:4d:7b:a8:be:9f:24:8a:05:29:
75:18:09:82:96:1a:f9:bf:3e:08:92:7f:75:b6:58:
29:11:a9:0d:a2:b7:54:6c:30:46:4d:62:7a:fc:f5:
ac:8a:ce:d8:a6:bc:18:f8:2d:6f:6a:c9:67:6a:06:
f3:75:dc:5a:30:da:14:b6:73:f4:67:57:70:97:65:
92:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C3:BE:49:C9:E9:F5:1E:CA:4B:23:62:3A:61:E9:1C:ED:D8:85:3C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMO-Scnp9R7KSyNiOmHpHO3YhTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
185.220.250.0/23
185.223.82.0/24
185.225.0.0/23
185.227.146.0/23
185.230.66.0/24
185.251.229.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
97:69:76:18:54:2c:3f:46:05:7c:4e:b9:05:b6:73:fc:55:4d:
34:a4:95:73:53:7a:f6:35:65:a8:f1:02:a0:86:13:23:d8:ba:
7b:10:93:de:b8:b1:0c:39:b5:46:f7:e6:38:ad:b7:6f:c7:2c:
e8:00:e4:47:a3:a0:a5:81:44:3d:cd:5b:b4:50:22:27:23:7d:
b4:ab:83:e6:74:98:3d:2b:d7:24:b2:4d:47:53:c4:bf:a0:35:
0d:8b:49:be:dd:30:11:a0:b1:4a:bd:56:fd:66:da:85:0b:09:
38:5e:b0:d1:fd:f3:1b:20:7b:96:08:97:b2:d6:04:e0:1d:a1:
72:38:ef:86:a0:4e:1d:71:c8:68:b3:62:0c:e2:da:1a:c1:1e:
ba:2b:14:ba:0e:1b:c3:62:64:7a:5f:e5:37:82:a3:a9:a0:9c:
ec:58:b2:97:6f:bf:5e:16:b5:89:36:07:19:18:11:1d:16:d2:
11:af:b1:1b:d0:b9:2b:6e:03:11:fa:11:f7:f9:a8:ec:05:0b:
63:a9:12:e8:80:c0:41:97:89:30:ee:76:51:ee:78:73:90:24:
4a:8a:8f:70:aa:a8:fe:90:5e:82:bb:03:a3:40:0f:0a:47:fe:
f9:d5:24:f2:eb:c2:ff:b5:9c:87:f6:6a:7c:bf:88:69:1b:ec:
31:bb:8c:e1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzv1ZVYS4K0E+/lfnyLwH+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTA5MjAwNjQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MzYmU0OWM5ZTlmNTFlY2E0YjIzNjIzYTYxZTkxY2VkZDg4NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yqFm2TvXaPm9geNajSLo1DjG51f
O4gMS6zUfC6DIRQ2RELzuufa4AANl4R3L7fyqcJVKbGp+alq9J6moZLvTQWC+iAW
sNNQrWA50UD7r2yvrg849SFr0r0sgftYmghZ/TU9T3++bNaPIifA7Ze/dV7AAjdX
R8fOnno/NhEjfk5LYRe4MWT80ZRBbW5wXf73HWD5sJgqumaHcHAgKvOrDtjInGEw
9YPiBRdyOpWfQmyeFxhYi01lUWZNe6i+nySKBSl1GAmClhr5vz4Ikn91tlgpEakN
ordUbDBGTWJ6/PWsis7YprwY+C1vaslnagbzddxaMNoUtnP0Z1dwl2WSiQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEzDvknJ6fUeyksjYjph6Rzt2IU8MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVE1PLVNjbnA5UjdLU3lOaU9tSHBITzNZaFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQgVAwQB
udz6AwQAud9SAwQBueEAAwQBueOSAwQAueZCAwQAufvlAwQBwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQCXaXYYVCw/RgV8TrkFtnP8VU00pJVzU3r2NWWo8QKghhMj2Lp7
EJPeuLEMObVG9+Y4rbdvxyzoAORHo6ClgUQ9zVu0UCInI320q4PmdJg9K9cksk1H
U8S/oDUNi0m+3TARoLFKvVb9ZtqFCwk4XrDR/fMbIHuWCJey1gTgHaFyOO+GoE4d
cchos2IM4toawR66KxS6DhvDYmR6X+U3gqOpoJzsWLKXb79eFrWJNgcZGBEdFtIR
r7Eb0LkrbgMR+hH3+ajsBQtjqRLogMBBl4kw7nZR7nhzkCRKio9wqqj+kF6CuwOj
QA8KR/751STy68L/tZyH9mp8v4hpG+wxu4zh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org