Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/TjLBnGErxFoDtBmOYzoGwDyXKWo.roa
File: TjLBnGErxFoDtBmOYzoGwDyXKWo.roa (raw, json)
Hash identifier: zcl/4z2qM7qe0pP3v/fzwA/3ylhXZHeztAQ0Xfe1PZs=
Subject key identifier: 4E:32:C1:9C:61:2B:C4:5A:03:B4:19:8E:63:3A:06:C0:3C:97:29:6A
Certificate issuer: /CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Certificate serial: 0188FBFCEF394D4634830245B7D818A4752C
Authority key identifier: DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/TjLBnGErxFoDtBmOYzoGwDyXKWo.roa
Signing time: Tue 27 Jun 2023 08:33:57 +0000
ROA not before: Tue 27 Jun 2023 08:33:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207174
IP address blocks: 185.211.212.0/22 maxlen: 24
5.181.240.0/22 maxlen: 24
185.49.192.0/22 maxlen: 24
185.249.108.0/22 maxlen: 24
2a0c:240::/29 maxlen: 48
2a01:a260::/32 maxlen: 48
2a0b:6b40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fb:fc:ef:39:4d:46:34:83:02:45:b7:d8:18:a4:75:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcf85c36c696d5db2cbb48fd43e821737ee34227
Validity
Not Before: Jun 27 08:33:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e32c19c612bc45a03b4198e633a06c03c97296a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:ab:22:c7:69:c5:0c:74:16:a8:9b:26:48:
72:03:5d:b3:38:f9:9a:f7:7e:f3:ed:f0:49:4c:96:
d7:3e:15:c9:66:c8:d2:28:76:e9:5f:36:1e:6f:2e:
ae:41:72:74:5b:86:23:a2:fe:9a:63:a8:a1:e6:f5:
a5:51:62:04:ad:02:ae:88:a9:3b:be:1b:bc:ca:96:
d8:07:fd:4b:90:4c:b3:a7:da:52:17:1d:7e:24:70:
1d:b6:d8:6a:cb:f9:58:3e:96:d3:69:12:6d:0c:94:
39:8c:ec:ec:9c:5f:d7:41:0d:8b:cf:51:72:56:3d:
bd:10:32:9d:3a:23:6b:ab:ba:d9:77:23:29:26:4a:
a8:68:1e:30:c8:1f:1e:d4:eb:95:07:98:46:7d:03:
a3:64:77:18:fe:1f:06:93:ce:6b:c5:cf:db:36:e7:
84:44:27:29:3b:de:6e:83:ea:ec:c8:d1:76:b1:2d:
93:94:f5:33:86:2f:8d:e9:ea:d0:be:81:3b:d1:52:
46:76:9e:f0:62:7a:62:4d:35:15:47:88:2c:3b:6c:
78:87:dc:9e:d2:c0:2d:9f:86:5a:fb:84:be:30:67:
37:82:ec:61:d3:b1:fc:ef:64:1a:08:57:5d:ea:72:
a9:b4:5e:0e:2d:a4:07:30:f0:6e:a1:3b:b8:3a:f5:
88:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:32:C1:9C:61:2B:C4:5A:03:B4:19:8E:63:3A:06:C0:3C:97:29:6A
X509v3 Authority Key Identifier:
keyid:DC:F8:5C:36:C6:96:D5:DB:2C:BB:48:FD:43:E8:21:73:7E:E3:42:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PhcNsaW1dssu0j9Q-ghc37jQic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/TjLBnGErxFoDtBmOYzoGwDyXKWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/cfbc62-5d54-4327-b072-0f52f867178d/1/3PhcNsaW1dssu0j9Q-ghc37jQic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.240.0/22
185.49.192.0/22
185.211.212.0/22
185.249.108.0/22
IPv6:
2a01:a260::/32
2a0b:6b40::/29
2a0c:240::/29
Signature Algorithm: sha256WithRSAEncryption
5a:51:48:44:90:aa:0d:82:1d:8e:42:92:39:ad:6e:67:a9:dd:
40:e2:a5:ad:b4:70:40:fc:2c:98:a6:4b:ba:d0:3d:57:c8:bd:
57:51:fd:23:19:67:c7:15:2f:b3:60:8f:bb:80:9c:a9:68:12:
d2:6d:fd:5a:53:13:fc:bf:27:eb:3c:eb:04:9b:35:01:0d:ba:
27:f6:02:16:e2:4f:d6:3c:99:ee:94:f0:69:11:76:c6:4a:72:
cd:9e:58:c2:dc:2f:79:40:3c:a4:41:f5:09:b4:06:04:bf:10:
34:16:62:a5:ff:8e:bb:4c:8b:d5:1a:c6:77:8b:1d:cb:09:37:
8d:86:b4:f1:fe:23:ee:79:23:9c:cc:54:4c:c8:6a:b6:de:36:
db:40:93:5f:7a:b3:75:93:c6:c5:31:4c:75:a1:17:36:34:6d:
a2:e3:ee:9d:19:9e:75:25:81:3f:38:01:8e:ec:a2:b4:ac:c7:
16:87:26:65:09:f8:cd:1e:57:f5:24:a5:6a:6c:10:d1:65:2b:
4d:a8:47:33:e5:f0:7d:87:52:80:f1:f1:6c:21:d9:30:92:60:
6f:18:e5:62:b9:2f:77:d4:6f:f0:93:10:7a:e1:43:bb:73:83:
c6:f9:77:27:46:88:a1:a4:b6:5b:fb:af:fa:dd:a4:a1:66:3f:
ee:57:93:45
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYj7/O85TUY0gwJFt9gYpHUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZjg1YzM2YzY5NmQ1ZGIyY2JiNDhmZDQzZTgyMTczN2Vl
MzQyMjcwHhcNMjMwNjI3MDgzMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTMyYzE5YzYxMmJjNDVhMDNiNDE5OGU2MzNhMDZjMDNjOTcyOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNKrIsdpxQx0FqibJkhyA12zOPma
937z7fBJTJbXPhXJZsjSKHbpXzYeby6uQXJ0W4Yjov6aY6ih5vWlUWIErQKuiKk7
vhu8ypbYB/1LkEyzp9pSFx1+JHAdtthqy/lYPpbTaRJtDJQ5jOzsnF/XQQ2Lz1Fy
Vj29EDKdOiNrq7rZdyMpJkqoaB4wyB8e1OuVB5hGfQOjZHcY/h8Gk85rxc/bNueE
RCcpO95ug+rsyNF2sS2TlPUzhi+N6erQvoE70VJGdp7wYnpiTTUVR4gsO2x4h9ye
0sAtn4Za+4S+MGc3guxh07H872QaCFdd6nKptF4OLaQHMPBuoTu4OvWIaQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFE4ywZxhK8RaA7QZjmM6BsA8lylqMB8GA1UdIwQY
MBaAFNz4XDbGltXbLLtI/UPoIXN+40InMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzIt
MGY1MmY4NjcxNzhkLzEvVGpMQm5HRXJ4Rm9EdEJtT1l6b0d3RHlYS1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9jZmJjNjItNWQ1NC00MzI3LWIwNzItMGY1MmY4NjcxNzhk
LzEvM1BoY05zYVcxZHNzdTBqOVEtZ2hjMzdqUWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCBbXwAwQC
uTHAAwQCudPUAwQCuflsMBsEAgACMBUDBQAqAaJgAwUDKgtrQAMFAyoMAkAwDQYJ
KoZIhvcNAQELBQADggEBAFpRSESQqg2CHY5Ckjmtbmep3UDipa20cED8LJimS7rQ
PVfIvVdR/SMZZ8cVL7Ngj7uAnKloEtJt/VpTE/y/J+s86wSbNQENuif2AhbiT9Y8
me6U8GkRdsZKcs2eWMLcL3lAPKRB9Qm0BgS/EDQWYqX/jrtMi9UaxneLHcsJN42G
tPH+I+55I5zMVEzIarbeNttAk196s3WTxsUxTHWhFzY0baLj7p0ZnnUlgT84AY7s
orSsxxaHJmUJ+M0eV/UkpWpsENFlK02oRzPl8H2HUoDx8Wwh2TCSYG8Y5WK5L3fU
b/CTEHrhQ7tzg8b5dydGiKGktlv7r/rdpKFmP+5Xk0U=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:38 2024 by rpki-client on console-fra.rpki-client.org