Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TSKQIuMlQGtiUNYUALWryNFkzVU.roa
File: TSKQIuMlQGtiUNYUALWryNFkzVU.roa (raw, json)
Hash identifier: bgcqSpWtCm+9Q2+bgPSjpABYANRwT6RN6GFv81wY7gI=
Subject key identifier: 4D:22:90:22:E3:25:40:6B:62:50:D6:14:00:B5:AB:C8:D1:64:CD:55
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018F9B4B749A78610E85FB808F8851ACE236
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TSKQIuMlQGtiUNYUALWryNFkzVU.roa
Signing time: Tue 21 May 2024 13:16:04 +0000
ROA not before: Tue 21 May 2024 13:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 193.68.89.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.237.0/24 maxlen: 24
213.21.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Jun 2024 10:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:4b:74:9a:78:61:0e:85:fb:80:8f:88:51:ac:e2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: May 21 13:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d229022e325406b6250d61400b5abc8d164cd55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:47:e4:d4:f6:b0:11:5f:5d:85:4c:14:93:
d9:8a:79:1a:c7:b3:4e:eb:c1:c0:21:4a:7e:32:e9:
b5:c8:0f:59:ad:1b:45:42:42:5c:49:06:2e:12:00:
3f:68:d9:8e:ed:37:50:5b:fc:13:45:ab:c5:72:ec:
44:73:96:56:ba:2a:a8:0d:b2:dd:46:31:8b:ba:82:
da:49:6c:1c:3b:bd:77:99:f3:cf:cd:28:bb:dd:7c:
3c:13:85:f2:43:ec:a8:00:ec:26:cf:ac:dc:46:23:
70:42:96:fd:e3:31:9a:a8:51:9e:aa:10:48:37:f9:
05:16:d8:c6:4b:98:e7:8b:d4:0d:d4:1d:9c:3f:33:
c6:a2:ba:12:b1:57:0d:b5:68:ec:9b:81:6a:e3:4b:
a3:a1:bc:cd:19:bb:bc:89:e7:3d:ea:cb:50:09:1f:
23:6e:0b:22:91:6a:6d:4e:6a:76:ab:21:c3:45:7c:
f2:c6:00:07:2f:55:18:37:ef:58:2e:3f:74:2a:d5:
8c:d6:e2:f5:67:71:8b:45:67:f5:77:9e:d0:41:34:
db:3c:0d:00:50:b7:55:de:f7:66:f2:de:7e:e0:4e:
f4:8e:41:8f:15:1e:c3:a5:ce:54:8d:23:e5:94:9f:
d1:fb:01:be:a6:a7:bc:37:0a:64:59:48:cc:5f:8e:
1a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:22:90:22:E3:25:40:6B:62:50:D6:14:00:B5:AB:C8:D1:64:CD:55
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TSKQIuMlQGtiUNYUALWryNFkzVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.68.89.0/24
213.21.232.0/24
213.21.236.0/23
213.21.243.0/24
Signature Algorithm: sha256WithRSAEncryption
97:e3:7c:fa:21:eb:77:c0:cd:6a:57:a7:7f:05:a2:fb:ce:88:
61:10:9c:e6:c5:b4:77:ab:e3:68:38:e1:9e:e1:8f:34:53:96:
2a:9a:39:ab:4f:3e:2c:fb:05:b8:56:38:6a:b7:a8:cc:01:8f:
ad:b0:6b:cc:c3:41:05:68:6a:70:96:c9:56:60:8c:d2:52:aa:
28:c3:6f:51:3c:fc:a2:cf:7a:71:48:1a:55:f9:85:c4:46:a6:
82:43:b0:90:b9:23:0d:02:de:91:e8:fd:88:fd:a3:62:53:9c:
04:e8:17:1b:d5:4f:c3:da:d2:d9:0d:98:2e:58:ee:a4:c3:25:
11:21:a3:d9:a3:f7:89:dc:75:a1:8b:45:de:e4:78:3a:1b:b7:
cf:8a:43:73:02:93:c7:47:40:3a:ba:4d:67:c9:08:ee:4e:8a:
c6:3c:fd:d0:5b:ab:8a:a4:a1:5c:56:b6:96:1b:1a:5c:31:58:
a4:51:6d:6b:ab:f1:f3:84:6f:78:82:bf:fe:2a:ee:20:7d:65:
81:72:78:64:be:76:fd:ac:cb:84:55:3e:2b:7e:e6:4e:cf:cf:
15:38:32:54:3c:23:ba:57:96:09:06:da:51:e2:97:a6:ee:f0:
88:09:1b:b8:1e:91:4c:e4:d3:62:37:92:93:f7:c6:8a:f1:93:
c6:3a:9b:79
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY+bS3SaeGEOhfuAj4hRrOI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwNTIxMTMxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIyOTAyMmUzMjU0MDZiNjI1MGQ2MTQwMGI1YWJjOGQxNjRjZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCJH5NT2sBFfXYVMFJPZinkax7NO
68HAIUp+Mum1yA9ZrRtFQkJcSQYuEgA/aNmO7TdQW/wTRavFcuxEc5ZWuiqoDbLd
RjGLuoLaSWwcO713mfPPzSi73Xw8E4XyQ+yoAOwmz6zcRiNwQpb94zGaqFGeqhBI
N/kFFtjGS5jni9QN1B2cPzPGoroSsVcNtWjsm4Fq40ujobzNGbu8iec96stQCR8j
bgsikWptTmp2qyHDRXzyxgAHL1UYN+9YLj90KtWM1uL1Z3GLRWf1d57QQTTbPA0A
ULdV3vdm8t5+4E70jkGPFR7Dpc5UjSPllJ/R+wG+pqe8NwpkWUjMX44aRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE0ikCLjJUBrYlDWFAC1q8jRZM1VMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvVFNLUUl1TWxRR3RpVU5ZVUFMV3J5TkZrelZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwURZAwQA
1RXoAwQB1RXsAwQA1RXzMA0GCSqGSIb3DQEBCwUAA4IBAQCX43z6Iet3wM1qV6d/
BaL7zohhEJzmxbR3q+NoOOGe4Y80U5YqmjmrTz4s+wW4Vjhqt6jMAY+tsGvMw0EF
aGpwlslWYIzSUqoow29RPPyiz3pxSBpV+YXERqaCQ7CQuSMNAt6R6P2I/aNiU5wE
6Bcb1U/D2tLZDZguWO6kwyURIaPZo/eJ3HWhi0Xe5Hg6G7fPikNzApPHR0A6uk1n
yQjuTorGPP3QW6uKpKFcVraWGxpcMVikUW1rq/HzhG94gr/+Ku4gfWWBcnhkvnb9
rMuEVT4rfuZOz88VODJUPCO6V5YJBtpR4pem7vCICRu4HpFM5NNiN5KT98aK8ZPG
Opt5
-----END CERTIFICATE-----
Generated at Thu Jun 27 13:47:36 2024 by rpki-client on console-fra.rpki-client.org