Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgtT-ATGcNjNy4RCX9rR6HItDKc.roa
File: tgtT-ATGcNjNy4RCX9rR6HItDKc.roa (raw, json)
Hash identifier: pWZeqxFz7amq9ruMumcwRNQtKs4TVOJ/zMi8xPB3+3k=
Subject key identifier: B6:0B:53:F8:04:C6:70:D8:CD:CB:84:42:5F:DA:D1:E8:72:2D:0C:A7
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0190DA3C8AA2891CC7578B8FBBBDC4E6D4CB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgtT-ATGcNjNy4RCX9rR6HItDKc.roa
Signing time: Mon 22 Jul 2024 11:38:38 +0000
ROA not before: Mon 22 Jul 2024 11:38:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
88.209.246.0/24 maxlen: 24
88.209.247.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 29 Jul 2024 14:25:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:3c:8a:a2:89:1c:c7:57:8b:8f:bb:bd:c4:e6:d4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 22 11:38:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b60b53f804c670d8cdcb84425fdad1e8722d0ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:55:2a:9a:24:75:7f:1a:6b:60:bb:42:75:b4:
f8:6c:67:9b:cf:70:22:d8:e6:0d:b9:7b:54:68:19:
8a:16:63:28:3b:9c:63:a6:09:61:ab:4c:d5:d8:d4:
25:15:de:f1:25:2c:4b:74:e7:18:8c:69:9a:50:7e:
15:22:2d:bd:ea:0a:74:48:1c:ec:c8:e0:a2:d3:48:
77:e6:b8:f3:d4:84:fd:65:71:2e:41:3f:9c:e7:db:
95:5c:9d:f2:b1:eb:4f:0a:36:10:0a:9f:a0:63:a5:
8c:fb:11:a4:37:bd:af:ff:11:37:62:f7:a6:c9:46:
b2:7f:30:dd:f3:48:92:9e:3b:ae:8a:aa:ec:75:e2:
ad:df:a2:cd:05:38:71:5d:38:f0:60:f0:9c:b6:c9:
72:e2:87:01:05:55:13:00:86:a5:59:f0:65:ca:ea:
1d:d7:5d:b9:7e:6f:c0:e0:c5:7a:6b:61:20:88:30:
07:76:73:b3:b3:1c:7a:47:be:f2:33:84:a8:2b:fa:
7c:9b:4a:83:b8:03:57:da:29:ea:e4:84:bd:ca:15:
39:71:e0:dc:f4:54:8f:ab:e6:2c:55:c3:6e:f9:eb:
29:38:ab:fd:f7:23:40:c5:4f:fc:9a:57:24:f5:3b:
cf:75:ba:56:8e:76:56:65:e1:45:e2:a5:c5:cf:43:
2d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0B:53:F8:04:C6:70:D8:CD:CB:84:42:5F:DA:D1:E8:72:2D:0C:A7
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/tgtT-ATGcNjNy4RCX9rR6HItDKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.148.0/24
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
88.209.246.0/23
92.52.208.0/21
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:cd:9b:25:85:90:91:c1:d8:71:e5:36:49:3d:64:90:c7:08:
3d:1f:fa:d4:52:5e:ae:b1:2b:69:f7:d7:92:59:4e:7d:26:9c:
00:95:91:b1:11:db:5d:35:d9:aa:b5:52:ba:bb:43:c0:9a:93:
ed:08:6d:af:09:2b:83:56:1e:00:a8:4f:c8:16:c6:74:61:21:
34:5c:6a:78:e0:31:29:87:43:94:e3:b7:17:61:8c:45:1a:f1:
e6:2d:c9:6b:bc:3a:dd:90:79:57:a3:62:f2:04:75:e1:75:a5:
f0:f4:ee:b5:8e:28:02:af:76:13:ee:7a:3d:1d:a0:cf:c4:98:
21:03:f5:b4:5e:5e:39:dd:82:2f:82:87:df:f9:37:30:cc:0a:
43:dc:f3:5e:97:41:c5:20:3d:cd:02:cc:5c:b8:5e:ec:e8:b8:
66:cc:ec:c7:5f:d2:df:75:e2:0f:b9:be:1b:ad:e8:0f:79:48:
0e:44:34:8f:6e:8d:9c:b5:31:ef:50:f1:70:f1:ba:53:c5:cf:
92:5a:84:25:60:df:13:a9:a9:7e:26:53:91:20:49:ce:1f:27:
63:b5:4e:70:72:8a:85:25:eb:21:e4:af:44:13:1e:a4:27:f5:
2c:75:66:92:9a:dc:d6:d2:44:45:9b:c5:23:13:c7:4e:f1:72:
78:95:94:7a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZDaPIqiiRzHV4uPu73E5tTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNzIyMTEzODM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBiNTNmODA0YzY3MGQ4Y2RjYjg0NDI1ZmRhZDFlODcyMmQwY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lUqmiR1fxprYLtCdbT4bGebz3Ai
2OYNuXtUaBmKFmMoO5xjpglhq0zV2NQlFd7xJSxLdOcYjGmaUH4VIi296gp0SBzs
yOCi00h35rjz1IT9ZXEuQT+c59uVXJ3ysetPCjYQCp+gY6WM+xGkN72v/xE3Yvem
yUayfzDd80iSnjuuiqrsdeKt36LNBThxXTjwYPCctsly4ocBBVUTAIalWfBlyuod
1125fm/A4MV6a2EgiDAHdnOzsxx6R77yM4SoK/p8m0qDuANX2inq5IS9yhU5ceDc
9FSPq+YsVcNu+espOKv99yNAxU/8mlck9TvPdbpWjnZWZeFF4qXFz0MtMQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFLYLU/gExnDYzcuEQl/a0ehyLQynMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdGd0VC1BVEdjTmpOeTRSQ1g5clI2SEl0REtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBiBAIAATBcMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0DBABN8pQDBABN8pcDBABY0cEDBABY0cQDBABY
0dADBABY0dIDBAJY0dQDBAFY0fYDBANcNNADBAOy+MgDBADBin0wGwQCAAIwFQMF
AyoAH0ADBQMqBfXAAwUDKgzxwDANBgkqhkiG9w0BAQsFAAOCAQEAAM2bJYWQkcHY
ceU2ST1kkMcIPR/61FJerrEraffXkllOfSacAJWRsRHbXTXZqrVSurtDwJqT7Qht
rwkrg1YeAKhPyBbGdGEhNFxqeOAxKYdDlOO3F2GMRRrx5i3Ja7w63ZB5V6Ni8gR1
4XWl8PTutY4oAq92E+56PR2gz8SYIQP1tF5eOd2CL4KH3/k3MMwKQ9zzXpdBxSA9
zQLMXLhe7Oi4Zszsx1/S33XiD7m+G63oD3lIDkQ0j26NnLUx71DxcPG6U8XPklqE
JWDfE6mpfiZTkSBJzh8nY7VOcHKKhSXrIeSvRBMepCf1LHVmkprc1tJERZvFIxPH
TvFyeJWUeg==
-----END CERTIFICATE-----
Generated at Mon Jul 29 17:58:36 2024 by rpki-client on console-fra.rpki-client.org