Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/tcmkQdgn08YeNFdv3xOXyiPSbaM.roa
File: tcmkQdgn08YeNFdv3xOXyiPSbaM.roa (raw, json)
Hash identifier: pa3RYDsKMdKm15VyMcWOdEhmna9Oxi6I3Df8RBIQYcE=
Subject key identifier: B5:C9:A4:41:D8:27:D3:C6:1E:34:57:6F:DF:13:97:CA:23:D2:6D:A3
Certificate issuer: /CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Certificate serial: 01873BC897479F57968463DE10E582271298
Authority key identifier: 7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/tcmkQdgn08YeNFdv3xOXyiPSbaM.roa
Signing time: Sat 01 Apr 2023 07:46:54 +0000
ROA not before: Sat 01 Apr 2023 07:46:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9558
IP address blocks: 194.24.250.0/24 maxlen: 24
194.24.251.0/24 maxlen: 24
217.195.145.0/24 maxlen: 24
217.195.144.0/24 maxlen: 24
2a06:2340:2000::/44 maxlen: 44
2a06:2340:1000::/44 maxlen: 44
2a06:2340:3000::/44 maxlen: 44
2a0d:9e40:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:c8:97:47:9f:57:96:84:63:de:10:e5:82:27:12:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Validity
Not Before: Apr 1 07:46:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c9a441d827d3c61e34576fdf1397ca23d26da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3a:67:fd:26:9d:d6:4f:28:fb:78:f5:7c:92:
bc:52:27:51:d3:4c:c4:09:65:0b:fe:f9:5e:2d:74:
fd:75:6c:0d:92:b7:e7:32:0d:38:dd:26:34:80:de:
7f:a9:5f:c2:a5:b5:13:e0:74:70:01:fb:10:b3:60:
44:03:0e:0b:7e:54:04:81:33:25:d4:a4:82:c9:3b:
d7:9d:32:d3:44:6a:14:57:a3:23:77:c7:3a:1b:15:
be:c3:28:ab:95:53:03:50:fa:a8:a0:8f:ea:2b:8a:
e4:f7:79:37:30:7e:82:ab:fc:55:54:1b:3d:b7:30:
e9:48:5c:75:5c:91:b8:0f:2a:cd:90:8f:b9:c7:bf:
2a:eb:61:3b:fe:b1:e8:60:e3:4f:27:79:7a:1a:4f:
f0:61:14:7b:fc:43:8a:2c:fe:87:f8:95:c0:a0:ec:
1d:22:5a:b6:2d:49:6a:af:fa:0e:b8:02:e5:12:2c:
a0:3b:56:fa:7f:a9:68:d0:4f:3f:90:da:bd:db:da:
74:0d:91:35:6f:35:5c:f4:3a:db:60:89:4a:63:29:
94:69:d9:ce:3e:59:17:36:1e:aa:2b:eb:cd:7f:69:
a1:3c:7b:3e:e6:e9:fc:bf:05:2e:b9:63:1e:ff:d8:
74:93:4f:56:24:fa:71:a3:b2:68:7e:64:16:48:cc:
4b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C9:A4:41:D8:27:D3:C6:1E:34:57:6F:DF:13:97:CA:23:D2:6D:A3
X509v3 Authority Key Identifier:
keyid:7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/tcmkQdgn08YeNFdv3xOXyiPSbaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/fx0OMpi-06fzn7OyRO2Ri_bE178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.250.0/23
217.195.144.0/23
IPv6:
2a06:2340:1000::/44
2a06:2340:2000::/44
2a06:2340:3000::/44
2a0d:9e40:1000::/36
Signature Algorithm: sha256WithRSAEncryption
b8:a0:c3:f7:90:cc:c7:96:d6:b4:93:5e:18:84:ba:e9:5b:bc:
c5:c8:13:e2:3f:de:bb:be:88:14:d8:f5:68:4b:8f:1c:ba:0c:
93:5c:63:1d:0c:93:0b:7e:46:c1:be:07:b6:e9:92:74:72:d9:
62:dc:c6:64:39:0f:32:d1:0e:66:3f:9c:93:5c:7b:09:08:63:
29:9d:95:00:04:18:ee:c2:0f:68:46:0e:4f:02:02:16:dd:9f:
2e:57:2c:51:c2:eb:64:1a:f9:fe:ae:ba:b1:53:8e:e6:20:57:
3e:aa:9e:99:7e:d4:4c:5b:b8:d5:95:6d:ca:38:8a:70:8b:4b:
a8:db:c3:e7:ae:36:6e:2d:c1:77:b7:b2:51:cb:3b:29:a4:d7:
6c:8e:08:66:f3:3b:29:cc:8d:00:cd:06:ad:9c:e8:c8:a0:f1:
85:fd:a0:09:7c:90:ce:eb:47:53:1a:83:c3:06:63:b0:38:1c:
41:d9:61:f0:f8:ed:f9:fe:18:3e:c9:15:eb:36:8e:2f:1d:5f:
c0:71:9c:d8:9d:2a:c8:f9:4b:c2:01:11:e5:98:14:29:76:fb:
bd:1c:19:4e:af:98:f4:22:9d:65:c3:d7:d8:0e:c9:30:5d:82:
12:43:3f:cf:0a:a0:ae:23:e4:07:db:6c:99:5f:7e:87:43:2f:
e2:a1:e5:c0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYc7yJdHn1eWhGPeEOWCJxKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMWQwZTMyOThiZWQzYTdmMzlmYjNiMjQ0ZWQ5MThiZjZj
NGQ3YmYwHhcNMjMwNDAxMDc0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM5YTQ0MWQ4MjdkM2M2MWUzNDU3NmZkZjEzOTdjYTIzZDI2ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTpn/Sad1k8o+3j1fJK8UidR00zE
CWUL/vleLXT9dWwNkrfnMg043SY0gN5/qV/CpbUT4HRwAfsQs2BEAw4LflQEgTMl
1KSCyTvXnTLTRGoUV6Mjd8c6GxW+wyirlVMDUPqooI/qK4rk93k3MH6Cq/xVVBs9
tzDpSFx1XJG4DyrNkI+5x78q62E7/rHoYONPJ3l6Gk/wYRR7/EOKLP6H+JXAoOwd
Ilq2LUlqr/oOuALlEiygO1b6f6lo0E8/kNq929p0DZE1bzVc9DrbYIlKYymUadnO
PlkXNh6qK+vNf2mhPHs+5un8vwUuuWMe/9h0k09WJPpxo7JofmQWSMxLSwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLXJpEHYJ9PGHjRXb98Tl8oj0m2jMB8GA1UdIwQY
MBaAFH8dDjKYvtOn85+zskTtkYv2xNe/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMt
MjFhZjNkZWU4ZWU5LzEvdGNta1FkZ24wOFllTkZkdjN4T1h5aVBTYmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMtMjFhZjNkZWU4ZWU5
LzEvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzASBAIAATAMAwQBwhj6AwQB
2cOQMCkEAgACMCMDBwQqBiNAEAADBwQqBiNAIAADBwQqBiNAMAADBgQqDZ5AEDAN
BgkqhkiG9w0BAQsFAAOCAQEAuKDD95DMx5bWtJNeGIS66Vu8xcgT4j/eu76IFNj1
aEuPHLoMk1xjHQyTC35Gwb4HtumSdHLZYtzGZDkPMtEOZj+ck1x7CQhjKZ2VAAQY
7sIPaEYOTwICFt2fLlcsUcLrZBr5/q66sVOO5iBXPqqemX7UTFu41ZVtyjiKcItL
qNvD5642bi3Bd7eyUcs7KaTXbI4IZvM7KcyNAM0GrZzoyKDxhf2gCXyQzutHUxqD
wwZjsDgcQdlh8Pjt+f4YPskV6zaOLx1fwHGc2J0qyPlLwgER5ZgUKXb7vRwZTq+Y
9CKdZcPX2A7JMF2CEkM/zwqgriPkB9tsmV9+h0Mv4qHlwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:09 2024 by rpki-client on console-fra.rpki-client.org