Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/33-TW_y7qMJwNMFK7vGYBE3uqLI.roa
File: 33-TW_y7qMJwNMFK7vGYBE3uqLI.roa (raw, json)
Hash identifier: oqMJ2yct0fDiQYLUQOloXC6WsixAS534L2yur6jmuZg=
Subject key identifier: DF:7F:93:5B:FC:BB:A8:C2:70:34:C1:4A:EE:F1:98:04:4D:EE:A8:B2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018AFB53F61587958FFACEDD3B4BD4EEEB08
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/33-TW_y7qMJwNMFK7vGYBE3uqLI.roa
Signing time: Wed 04 Oct 2023 15:34:58 +0000
ROA not before: Wed 04 Oct 2023 15:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 193.234.87.0/24 maxlen: 24
193.180.240.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
194.103.24.0/22 maxlen: 24
193.181.2.0/24 maxlen: 24
192.71.180.0/24 maxlen: 24
193.234.177.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:53:f6:15:87:95:8f:fa:ce:dd:3b:4b:d4:ee:eb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 4 15:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df7f935bfcbba8c27034c14aeef198044deea8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:4b:a1:e9:e1:bd:20:02:3d:7c:3c:66:b7:
15:cc:4c:e1:c8:9a:4b:42:5d:ed:fa:47:49:4d:1e:
08:1e:3b:65:d8:d6:27:78:83:58:6f:f6:88:60:d5:
81:79:60:e4:07:74:7a:3a:7b:a5:b0:65:fa:41:39:
85:26:80:ad:88:e3:ca:b0:3d:e8:b1:1d:1f:76:88:
d8:08:b5:6c:36:29:8f:10:64:83:89:49:8b:58:5d:
20:15:8a:46:a0:51:b2:b4:97:dd:bd:73:d6:0b:78:
1d:f7:0b:ae:e4:87:f1:53:31:5c:6a:34:18:53:9b:
d7:65:a7:7b:1c:23:51:6e:8b:20:df:9b:f7:8b:de:
aa:4b:91:15:67:d6:42:bc:50:60:cb:00:9d:cb:f5:
32:b6:c3:89:cd:14:a8:f4:1b:21:69:ba:02:1f:d3:
65:8b:1c:01:5d:d0:41:83:95:e4:91:f2:e1:1b:37:
dc:28:d2:74:f5:c9:c2:13:64:a1:ae:39:71:c8:e3:
ac:94:c6:de:b3:cc:6b:7c:d2:08:39:0e:c5:6b:33:
54:68:44:f6:b7:e7:70:c9:90:1f:d6:a4:a5:57:70:
fb:a1:c0:78:13:c4:c3:af:a8:6b:36:24:b1:a0:0c:
39:75:df:3f:d9:e9:ed:38:dc:87:f3:48:7c:0c:c0:
b4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7F:93:5B:FC:BB:A8:C2:70:34:C1:4A:EE:F1:98:04:4D:EE:A8:B2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/33-TW_y7qMJwNMFK7vGYBE3uqLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.240.0/24
193.180.247.0/24
193.181.2.0/24
193.234.87.0/24
193.234.177.0/24
194.103.24.0/22
Signature Algorithm: sha256WithRSAEncryption
15:05:13:ae:99:c8:ad:bc:4f:07:c5:41:3f:48:41:c7:4c:2c:
d4:4e:c3:84:e8:77:51:4b:5c:37:98:78:7a:b6:3b:7e:ad:f9:
db:b8:b0:09:c2:b4:63:93:c8:da:e4:3e:8a:4c:db:35:d3:44:
bc:56:fc:76:6d:f2:2e:74:96:95:fd:f3:7a:56:4f:72:4f:37:
52:cc:79:6e:0c:f8:68:87:72:58:60:91:a9:d0:53:2e:8e:56:
7a:67:10:73:30:2c:c0:02:bd:d9:1c:80:a1:79:10:07:bd:1d:
5d:7f:2f:a4:64:6b:3b:a3:3d:26:a4:e1:3c:84:82:1f:c2:b4:
09:af:6c:ce:1f:dc:a3:43:f2:39:2c:b6:46:2b:5d:45:de:79:
ca:d4:a1:4c:89:82:53:85:9a:96:26:9e:e3:4e:69:e0:51:c4:
c8:15:41:14:bd:16:65:55:c4:11:41:53:9d:2f:a4:89:f8:c4:
46:f6:52:4a:76:08:94:f4:9f:a8:bb:5c:ad:37:6a:33:c5:2c:
51:0b:f6:44:db:aa:fd:9d:29:3b:a2:9a:c6:58:1d:b9:91:a5:
0a:31:02:cb:e4:31:46:91:f5:02:e8:91:0a:86:99:4e:44:9e:
71:6a:fd:12:c1:bc:ca:72:d4:62:c3:87:e3:76:99:6d:59:9a:
b0:77:2f:37
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYr7U/YVh5WP+s7dO0vU7usIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMDA0MTUzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdmOTM1YmZjYmJhOGMyNzAzNGMxNGFlZWYxOTgwNDRkZWVhOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfJLoenhvSACPXw8ZrcVzEzhyJpL
Ql3t+kdJTR4IHjtl2NYneINYb/aIYNWBeWDkB3R6OnulsGX6QTmFJoCtiOPKsD3o
sR0fdojYCLVsNimPEGSDiUmLWF0gFYpGoFGytJfdvXPWC3gd9wuu5IfxUzFcajQY
U5vXZad7HCNRbosg35v3i96qS5EVZ9ZCvFBgywCdy/UytsOJzRSo9BshaboCH9Nl
ixwBXdBBg5XkkfLhGzfcKNJ09cnCE2ShrjlxyOOslMbes8xrfNIIOQ7FazNUaET2
t+dwyZAf1qSlV3D7ocB4E8TDr6hrNiSxoAw5dd8/2entONyH80h8DMC0tQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN9/k1v8u6jCcDTBSu7xmARN7qiyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMzMtVFdfeTdxTUp3Tk1GSzd2R1lCRTN1cUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbTwAwQAwbT3AwQAwbUCAwQAwepXAwQAweqxAwQCwmcYMA0G
CSqGSIb3DQEBCwUAA4IBAQAVBROumcitvE8HxUE/SEHHTCzUTsOE6HdRS1w3mHh6
tjt+rfnbuLAJwrRjk8ja5D6KTNs100S8Vvx2bfIudJaV/fN6Vk9yTzdSzHluDPho
h3JYYJGp0FMujlZ6ZxBzMCzAAr3ZHICheRAHvR1dfy+kZGs7oz0mpOE8hIIfwrQJ
r2zOH9yjQ/I5LLZGK11F3nnK1KFMiYJThZqWJp7jTmngUcTIFUEUvRZlVcQRQVOd
L6SJ+MRG9lJKdgiU9J+ou1ytN2ozxSxRC/ZE26r9nSk7oprGWB25kaUKMQLL5DFG
kfUC6JEKhplORJ5xav0SwbzKctRiw4fjdpltWZqwdy83
Generated at Wed Nov 22 08:50:09 2023 by rpki-client on console-fra.rpki-client.org