Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/TkS9CMo2HQngEeFVNik2MxA5xpg.roa
File: TkS9CMo2HQngEeFVNik2MxA5xpg.roa (raw, json)
Hash identifier: K74B3Wh5hxBQ+OSlWnfcVIslhFWpEU9wnAhkn62beto=
Subject key identifier: 4E:44:BD:08:CA:36:1D:09:E0:11:E1:55:36:29:36:33:10:39:C6:98
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 01857355E414AEE9EDD1C265DCC850E19115
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/TkS9CMo2HQngEeFVNik2MxA5xpg.roa
Signing time: Mon 02 Jan 2023 16:34:46 +0000
ROA not before: Mon 02 Jan 2023 16:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.33.0/24 maxlen: 24
161.30.40.0/23 maxlen: 23
161.30.5.0/24 maxlen: 24
161.30.7.0/24 maxlen: 24
161.30.12.0/22 maxlen: 22
161.30.16.0/22 maxlen: 22
161.30.22.0/23 maxlen: 23
161.30.237.0/24 maxlen: 24
161.30.238.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
2a11:ae00::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:e4:14:ae:e9:ed:d1:c2:65:dc:c8:50:e1:91:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: Jan 2 16:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e44bd08ca361d09e011e155362936331039c698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b9:c3:30:3f:f3:cc:76:91:d1:48:84:7c:fa:
79:fb:d5:f8:bf:eb:85:c0:d7:f1:98:72:04:9f:6d:
cb:fc:75:0b:74:3d:51:4c:98:dd:76:50:91:ae:a9:
36:bf:26:7e:d8:37:f2:45:ee:24:a6:c6:03:d0:80:
5e:ab:b0:df:36:89:98:d6:09:a2:c2:e7:e5:19:9a:
f5:e8:b1:d5:6b:2d:5e:a3:df:f5:c8:3e:92:a0:00:
37:2e:e2:c9:c7:34:e6:59:e8:4f:b7:63:e4:8f:b9:
90:e3:9c:1f:61:d3:6a:d5:e3:b5:8d:f4:fd:3c:bb:
7e:38:a7:2e:43:ea:fe:cd:56:13:9d:e1:54:1e:e2:
77:5c:c3:26:23:65:b3:7e:d2:37:5a:4d:fd:06:d1:
76:68:77:7a:dd:24:d6:c4:ee:a9:bf:41:ab:89:4c:
28:e9:11:69:d6:5b:87:7e:15:6a:ff:25:77:2c:94:
37:52:76:58:20:ac:72:3d:c2:05:fe:5c:48:50:f2:
cb:72:c1:a2:f7:99:1c:b7:11:2b:51:51:ab:a6:c8:
1d:91:88:58:c8:9c:3c:87:d6:8d:02:df:b3:5a:04:
b3:80:ff:6c:0d:22:2b:50:51:7f:72:ef:c4:f9:e9:
16:c7:b1:2c:d9:46:17:07:73:c8:39:cb:17:54:c6:
a5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:44:BD:08:CA:36:1D:09:E0:11:E1:55:36:29:36:33:10:39:C6:98
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/TkS9CMo2HQngEeFVNik2MxA5xpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.5.0/24
161.30.7.0/24
161.30.12.0-161.30.19.255
161.30.22.0/23
161.30.33.0/24
161.30.40.0/23
161.30.236.0/22
IPv6:
2a11:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
7c:de:b3:8b:cd:4d:ad:0b:cb:22:78:7a:b8:c0:b9:bb:6a:10:
c3:66:3b:6c:dc:f4:2f:09:d1:61:35:7c:10:f2:33:27:7e:9e:
f9:2f:1b:c0:b3:aa:31:bd:42:2f:50:70:9f:02:72:b4:a0:7e:
d3:44:26:71:c2:4b:9b:69:81:48:53:10:ed:b9:30:84:f3:d3:
d0:be:13:b2:b7:70:42:d2:dd:d2:6b:a4:18:72:ec:5a:70:81:
f6:b3:37:8c:05:48:3e:f7:f9:08:d5:9e:a3:cb:5b:f6:71:65:
40:5c:fb:9a:e5:d6:44:ee:37:17:eb:fe:4c:24:51:36:3d:82:
f8:07:f0:61:1a:35:e8:00:d2:c0:33:88:18:91:16:2f:cb:98:
cf:df:d5:53:bc:5d:89:10:90:8f:04:fa:34:3b:53:20:84:ae:
6e:96:cb:e4:7e:b3:96:ae:24:b0:3c:0d:ff:61:22:10:3e:17:
22:18:d9:34:a8:1c:97:d7:ab:b7:f1:3c:74:2c:f8:1e:c4:f9:
6b:cd:79:14:c1:d0:c2:00:87:e9:a4:36:fd:88:69:2a:3e:c5:
bc:6c:87:74:71:23:2d:64:a7:bb:a9:71:e8:ee:5a:33:20:ca:
13:97:7a:f8:5f:c6:bd:90:af:f0:4e:9e:60:6a:88:13:7e:83:
d5:0a:02:16
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVzVeQUrunt0cJl3MhQ4ZEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU1MThlNjg0NjdiNDI5MGMzNTA5MjY4YjZkNmQ2NjQ5
NjJjODYwHhcNMjMwMTAyMTYzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ0YmQwOGNhMzYxZDA5ZTAxMWUxNTUzNjI5MzYzMzEwMzljNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrnDMD/zzHaR0UiEfPp5+9X4v+uF
wNfxmHIEn23L/HULdD1RTJjddlCRrqk2vyZ+2DfyRe4kpsYD0IBeq7DfNomY1gmi
wuflGZr16LHVay1eo9/1yD6SoAA3LuLJxzTmWehPt2Pkj7mQ45wfYdNq1eO1jfT9
PLt+OKcuQ+r+zVYTneFUHuJ3XMMmI2WzftI3Wk39BtF2aHd63STWxO6pv0GriUwo
6RFp1luHfhVq/yV3LJQ3UnZYIKxyPcIF/lxIUPLLcsGi95kctxErUVGrpsgdkYhY
yJw8h9aNAt+zWgSzgP9sDSIrUFF/cu/E+ekWx7Es2UYXB3PIOcsXVMal3wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFE5EvQjKNh0J4BHhVTYpNjMQOcaYMB8GA1UdIwQY
MBaAFAnlUY5oRntCkMNQkmi21tZkliyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUt
ZTc0NTk0ODk4M2VkLzEvVGtTOUNNbzJIUW5nRWVGVk5pazJNeEE1eHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUtZTc0NTk0ODk4M2Vk
LzEvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQAoR4FAwQA
oR4HMAwDBAKhHgwDBAKhHhADBAGhHhYDBAChHiEDBAGhHigDBAKhHuwwDQQCAAIw
BwMFACoRrgAwDQYJKoZIhvcNAQELBQADggEBAHzes4vNTa0LyyJ4erjAubtqEMNm
O2zc9C8J0WE1fBDyMyd+nvkvG8CzqjG9Qi9QcJ8CcrSgftNEJnHCS5tpgUhTEO25
MITz09C+E7K3cELS3dJrpBhy7FpwgfazN4wFSD73+QjVnqPLW/ZxZUBc+5rl1kTu
Nxfr/kwkUTY9gvgH8GEaNegA0sAziBiRFi/LmM/f1VO8XYkQkI8E+jQ7UyCErm6W
y+R+s5auJLA8Df9hIhA+FyIY2TSoHJfXq7fxPHQs+B7E+WvNeRTB0MIAh+mkNv2I
aSo+xbxsh3RxIy1kp7upcejuWjMgyhOXevhfxr2Qr/BOnmBqiBN+g9UKAhY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:50 2023 by rpki-client on console-ams.rpki-client.org