Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/TwAAYXGIi3MaT32ie_QDZlNN_9w.roa
File: TwAAYXGIi3MaT32ie_QDZlNN_9w.roa (raw, json)
Hash identifier: ZjlyYxvxcjyU5s6O8hY/3Be4mjHG/dEO3Hme5iEmDTo=
Subject key identifier: 4F:00:00:61:71:88:8B:73:1A:4F:7D:A2:7B:F4:03:66:53:4D:FF:DC
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 018CC3491A9F9DEF943F44613AA5AA3B4CB5
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/TwAAYXGIi3MaT32ie_QDZlNN_9w.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 93.113.128.0/24 maxlen: 24
188.213.35.0/24 maxlen: 24
93.113.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 05:43:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1a:9f:9d:ef:94:3f:44:61:3a:a5:aa:3b:4c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f00006171888b731a4f7da27bf40366534dffdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:71:2a:38:74:55:1a:51:c5:8d:db:24:1e:8b:
75:22:b3:56:1d:c6:f8:29:05:d0:75:a4:73:f3:ee:
c0:63:16:af:33:a4:57:54:e2:77:21:d5:aa:14:d9:
eb:7b:5f:45:83:17:97:e0:49:d3:38:12:62:ad:39:
3e:77:52:9d:a8:15:87:fd:51:4d:3a:a8:20:05:e8:
6c:ec:ba:2f:56:66:1c:8f:35:12:16:70:ad:88:b2:
b6:bb:9a:2b:64:ce:3b:9e:2f:2f:9d:8b:e5:07:64:
3d:a6:74:91:0a:f5:d1:b9:fc:ed:2e:36:53:fd:21:
42:2b:94:0b:cb:04:31:0f:f0:2f:77:49:a3:4c:6c:
77:ec:41:3e:ad:a1:c1:7e:4a:d3:8c:58:21:b3:ac:
b6:e4:b4:b0:92:ac:51:36:f5:57:ad:f6:72:b8:6a:
48:5b:5a:3a:2a:82:cf:19:40:ba:da:54:85:a5:ca:
57:ee:f9:ec:6d:76:e9:50:e6:a2:08:c8:63:28:b9:
05:7a:6f:1e:75:57:9f:9b:37:7a:40:c7:5a:75:f2:
b3:f5:58:04:01:e6:d7:8c:bb:bc:7d:f4:7b:34:25:
ca:44:cd:18:e5:19:2d:25:4e:7d:46:1d:17:09:bb:
ea:2b:b4:5d:42:cd:c7:39:f1:02:d0:7a:53:93:a3:
99:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:00:00:61:71:88:8B:73:1A:4F:7D:A2:7B:F4:03:66:53:4D:FF:DC
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/TwAAYXGIi3MaT32ie_QDZlNN_9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.128.0/24
93.113.205.0/24
188.213.35.0/24
Signature Algorithm: sha256WithRSAEncryption
80:96:5e:c8:c1:11:82:b4:ee:3c:de:12:fc:5d:7b:a5:40:a7:
3b:bf:dc:d3:43:c9:c0:90:18:bf:d2:6c:95:62:a9:52:4d:a6:
49:d3:32:ba:53:0c:c7:56:eb:6e:23:ea:fb:05:2e:6e:65:3a:
a9:be:9b:a9:b7:de:a6:02:8d:67:a7:d4:fd:75:01:c3:d8:fb:
8d:06:d9:b0:95:35:f6:49:8f:85:a2:1a:92:d2:80:4b:09:39:
17:ad:36:f1:ec:73:85:0f:10:f2:81:0e:16:d7:e4:91:32:e3:
78:7d:44:b9:d2:5c:51:5f:8e:6d:a2:5b:61:c7:bd:7f:7d:04:
08:38:85:08:56:f8:a6:d7:16:30:37:08:c7:35:2e:88:6e:5e:
e5:5e:9c:05:18:33:24:eb:2a:e1:73:44:61:0a:26:92:69:0d:
ad:11:10:e6:5e:96:b6:c6:ba:f2:54:cf:5d:6b:99:5d:97:da:
71:13:e2:64:f9:09:b2:03:22:af:c5:55:c1:04:84:fa:11:79:
4f:db:87:84:15:06:5f:37:e8:08:e1:ac:3f:4b:92:d7:da:dc:
07:ed:6a:f7:66:0c:b4:df:86:e8:8e:ad:e7:5d:d1:02:9d:c1:
3d:16:ae:b9:2e:66:d7:bf:3f:95:f3:28:af:e6:c6:b6:ed:46:
5f:00:a8:93
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSRqfne+UP0RhOqWqO0y1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAwMDA2MTcxODg4YjczMWE0ZjdkYTI3YmY0MDM2NjUzNGRmZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXEqOHRVGlHFjdskHot1IrNWHcb4
KQXQdaRz8+7AYxavM6RXVOJ3IdWqFNnre19FgxeX4EnTOBJirTk+d1KdqBWH/VFN
OqggBehs7LovVmYcjzUSFnCtiLK2u5orZM47ni8vnYvlB2Q9pnSRCvXRufztLjZT
/SFCK5QLywQxD/Avd0mjTGx37EE+raHBfkrTjFghs6y25LSwkqxRNvVXrfZyuGpI
W1o6KoLPGUC62lSFpcpX7vnsbXbpUOaiCMhjKLkFem8edVefmzd6QMdadfKz9VgE
AebXjLu8ffR7NCXKRM0Y5RktJU59Rh0XCbvqK7RdQs3HOfEC0HpTk6OZjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8AAGFxiItzGk99onv0A2ZTTf/cMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvVHdBQVlYR0lpM01hVDMyaWVfUURabE5OXzl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXGAAwQA
XXHNAwQAvNUjMA0GCSqGSIb3DQEBCwUAA4IBAQCAll7IwRGCtO483hL8XXulQKc7
v9zTQ8nAkBi/0myVYqlSTaZJ0zK6UwzHVutuI+r7BS5uZTqpvpupt96mAo1np9T9
dQHD2PuNBtmwlTX2SY+FohqS0oBLCTkXrTbx7HOFDxDygQ4W1+SRMuN4fUS50lxR
X45tolthx71/fQQIOIUIVvim1xYwNwjHNS6Ibl7lXpwFGDMk6yrhc0RhCiaSaQ2t
ERDmXpa2xrryVM9da5ldl9pxE+Jk+QmyAyKvxVXBBIT6EXlP24eEFQZfN+gI4aw/
S5LX2twH7Wr3Zgy034bojq3nXdECncE9Fq65LmbXvz+V8yiv5sa27UZfAKiT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:38 2024 by rpki-client on console-fra.rpki-client.org