Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/tfeIPTjt17aal4Q56Nx0zbiqZ7w.roa
File: tfeIPTjt17aal4Q56Nx0zbiqZ7w.roa (raw, json)
Hash identifier: Om8enBJQ+i3iq2CZBwB223L7FPmglmIMOLwiLJyxjkQ=
Subject key identifier: B5:F7:88:3D:38:ED:D7:B6:9A:97:84:39:E8:DC:74:CD:B8:AA:67:BC
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 0191B20BCA2890FD0C722F402EE673B53F00
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/tfeIPTjt17aal4Q56Nx0zbiqZ7w.roa
Signing time: Mon 02 Sep 2024 09:23:22 +0000
ROA not before: Mon 02 Sep 2024 09:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.0.0/21 maxlen: 21
79.101.21.0/24 maxlen: 24
87.250.32.0/19 maxlen: 19
89.39.144.0/23 maxlen: 23
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
92.244.128.0/19 maxlen: 19
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.72.48.0/20 maxlen: 20
109.92.0.0/15 maxlen: 15
109.122.77.0/24 maxlen: 24
109.198.0.0/19 maxlen: 19
178.79.0.0/18 maxlen: 18
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.71.88.0/22 maxlen: 22
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:5b00::/29 maxlen: 29
2a06:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 02 Oct 2024 08:42:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:0b:ca:28:90:fd:0c:72:2f:40:2e:e6:73:b5:3f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Sep 2 09:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f7883d38edd7b69a978439e8dc74cdb8aa67bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1c:84:48:e4:8d:98:50:53:f2:2a:04:8e:5c:
92:ca:60:c7:3a:17:8c:57:ed:d8:14:2a:15:2f:94:
78:b9:fd:b3:2e:62:a9:80:1f:16:a7:b9:8a:65:f1:
79:4a:03:b5:80:28:12:33:6a:20:0f:5a:c9:4c:5c:
74:f7:62:bf:b1:72:38:21:d3:d8:2b:08:a4:49:59:
a7:e6:1c:f5:d1:ef:d3:36:e3:ae:ab:37:7c:d4:68:
20:54:b7:bf:da:06:5a:32:c9:75:02:b2:43:fe:c4:
b1:93:90:fd:c3:4a:3e:79:f7:0f:56:e3:4f:d3:4b:
0a:80:71:a5:6b:db:f1:e9:43:d7:d2:49:e9:67:42:
a0:aa:d9:43:81:eb:1a:2f:2e:c7:9c:69:b0:29:c3:
57:a4:6d:5c:8d:00:1d:66:95:7e:13:4c:dc:6a:3d:
61:cd:64:db:ab:97:4c:9f:77:ed:aa:56:66:0f:5d:
80:24:2f:c4:f6:78:af:a1:99:2c:4f:cc:b7:d2:28:
1a:a8:00:36:2f:67:99:57:f8:c4:54:8a:e7:e5:91:
65:b4:56:d8:c9:99:ed:8e:07:13:ae:e1:61:f6:3b:
2f:e4:7c:76:c4:5d:bd:05:fe:07:de:44:7b:f8:9a:
c5:b0:59:db:72:e4:6a:35:18:d9:cb:63:71:f7:10:
2c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F7:88:3D:38:ED:D7:B6:9A:97:84:39:E8:DC:74:CD:B8:AA:67:BC
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/tfeIPTjt17aal4Q56Nx0zbiqZ7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
87.250.32.0/19
89.39.144.0/23
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
92.244.128.0/19
93.86.0.0/15
109.72.48.0/20
109.92.0.0/15
109.122.77.0/24
109.198.0.0/19
178.79.0.0/18
178.220.0.0-178.223.223.255
185.71.88.0/22
185.190.152.0/22
195.178.32.0/19
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
a9:64:7b:b6:9e:40:91:64:23:d7:60:9f:98:c0:23:90:12:19:
ee:4d:8c:51:fc:d0:ee:0b:1c:e4:c5:39:37:86:b5:88:20:c4:
43:e1:14:c7:6f:23:bc:e3:00:08:e2:1f:58:87:3a:a2:d0:c9:
33:75:a4:09:e7:9a:af:a2:28:0a:21:87:14:a7:3b:06:76:e9:
26:75:15:f3:d2:d9:a4:aa:0f:3c:5a:e7:3b:f5:c5:57:1f:28:
f9:6b:78:52:c7:7f:f5:98:a9:8f:58:76:82:38:0b:66:41:b7:
a5:2a:58:fb:c5:72:b9:1c:7e:b5:5e:f4:96:b9:73:14:e4:97:
d6:42:01:e6:52:45:c7:ca:41:c8:1d:78:a0:b2:aa:96:37:19:
6d:3e:1e:be:b3:32:a8:bc:a6:2a:65:17:3b:b4:d2:00:dd:1c:
08:24:96:80:e0:68:11:ac:16:2f:7b:af:c2:81:31:af:cc:81:
85:46:fe:f5:e2:3e:60:8e:5f:3c:3e:9a:24:72:9b:33:b7:82:
05:21:81:50:7d:10:a0:45:06:19:69:d1:2d:1b:2b:05:41:14:
b8:01:eb:dd:91:bc:de:d6:3c:7b:04:4f:dd:2f:d0:eb:24:e8:
b4:27:04:ee:5c:42:77:74:09:8e:72:81:b0:ad:7e:07:8d:5e:
61:36:8b:47
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZGyC8ookP0Mci9ALuZztT8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQwOTAyMDkyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY3ODgzZDM4ZWRkN2I2OWE5Nzg0MzllOGRjNzRjZGI4YWE2N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRyESOSNmFBT8ioEjlySymDHOheM
V+3YFCoVL5R4uf2zLmKpgB8Wp7mKZfF5SgO1gCgSM2ogD1rJTFx092K/sXI4IdPY
KwikSVmn5hz10e/TNuOuqzd81GggVLe/2gZaMsl1ArJD/sSxk5D9w0o+efcPVuNP
00sKgHGla9vx6UPX0knpZ0KgqtlDgesaLy7HnGmwKcNXpG1cjQAdZpV+E0zcaj1h
zWTbq5dMn3ftqlZmD12AJC/E9nivoZksT8y30igaqAA2L2eZV/jEVIrn5ZFltFbY
yZntjgcTruFh9jsv5Hx2xF29Bf4H3kR7+JrFsFnbcuRqNRjZy2Nx9xAsIQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFLX3iD047de2mpeEOejcdM24qme8MB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvdGZlSVBUanQxN2FhbDRRNTZOeDB6YmlxWjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBjgQCAAEwgYcDBAAF
muEDBAQ+ZYADBAdNLoADAwBPZQMEBVf6IAMEAVknkAMEAVkufgMEAVkvKAMEBluW
QAMEBVz0gAMDAV1WAwQEbUgwAwMBbVwDBABtek0DBAVtxgADBAayTwAwCwMDArLc
AwQFst/AAwQCuUdYAwQCub6YAwQFw7IgAwMA1MgDBATVxGAwGwQCAAIwFQMFACoA
DpADBQMqBlsAAwUDKgZjwDANBgkqhkiG9w0BAQsFAAOCAQEAqWR7tp5AkWQj12Cf
mMAjkBIZ7k2MUfzQ7gsc5MU5N4a1iCDEQ+EUx28jvOMACOIfWIc6otDJM3WkCeea
r6IoCiGHFKc7BnbpJnUV89LZpKoPPFrnO/XFVx8o+Wt4Usd/9Zipj1h2gjgLZkG3
pSpY+8VyuRx+tV70lrlzFOSX1kIB5lJFx8pByB14oLKqljcZbT4evrMyqLymKmUX
O7TSAN0cCCSWgOBoEawWL3uvwoExr8yBhUb+9eI+YI5fPD6aJHKbM7eCBSGBUH0Q
oEUGGWnRLRsrBUEUuAHr3ZG83tY8ewRP3S/Q6yTotCcE7lxCd3QJjnKBsK1+B41e
YTaLRw==
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:29:21 2024 by rpki-client on console-fra.rpki-client.org