Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/TwIdEOONI2tOm3Ia9kIhb5R4nPU.roa
File: TwIdEOONI2tOm3Ia9kIhb5R4nPU.roa (raw, json)
Hash identifier: Fi/UCSsHjEZToqCJyIMEPLjVzg+LobWx0WuX//pbyog=
Subject key identifier: 4F:02:1D:10:E3:8D:23:6B:4E:9B:72:1A:F6:42:21:6F:94:78:9C:F5
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 018B660C7D7CFD53C57CD353A477664EE15D
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/TwIdEOONI2tOm3Ia9kIhb5R4nPU.roa
Signing time: Wed 25 Oct 2023 08:56:16 +0000
ROA not before: Wed 25 Oct 2023 08:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 212.103.0.0/19 maxlen: 24
195.167.224.0/20 maxlen: 24
89.226.0.0/16 maxlen: 24
185.204.172.0/22 maxlen: 24
89.224.0.0/14 maxlen: 24
92.102.0.0/15 maxlen: 24
195.167.192.0/20 maxlen: 24
213.30.128.0/18 maxlen: 24
213.244.0.0/19 maxlen: 24
46.218.0.0/16 maxlen: 24
217.66.112.0/20 maxlen: 24
82.101.0.0/18 maxlen: 24
77.104.0.0/18 maxlen: 24
195.248.0.0/19 maxlen: 24
83.145.64.0/18 maxlen: 24
212.99.0.0/17 maxlen: 24
2a02:e000::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:0c:7d:7c:fd:53:c5:7c:d3:53:a4:77:66:4e:e1:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Oct 25 08:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f021d10e38d236b4e9b721af642216f94789cf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7e:f0:e2:38:bb:06:16:43:94:df:72:35:20:
a0:7b:f1:42:de:1a:2b:8a:e9:e0:96:87:51:2a:08:
9a:45:02:54:ec:3e:ba:f9:5a:3b:53:3a:b9:fe:b6:
fe:3c:e3:e8:06:e8:6c:16:1c:f6:d2:65:47:c8:cc:
a3:1a:40:6c:b1:f7:67:62:b5:17:9d:c8:7e:ac:f3:
b6:e2:09:65:ba:6c:92:da:ec:a4:f4:2f:f2:e9:f3:
c5:b4:a1:53:43:ff:08:cf:10:06:4e:d2:b9:55:1c:
07:d7:18:61:82:93:c9:c3:a0:50:2c:38:28:7d:cf:
69:8f:19:cb:7d:40:d6:7d:2c:90:2c:7f:78:ac:f0:
47:37:a6:94:30:b7:4b:30:ec:45:5a:01:4b:f6:c2:
2d:a4:e5:c8:93:04:11:0c:a0:2b:67:f2:c7:99:71:
21:a0:0d:a5:96:34:fc:01:c6:43:ec:a7:c0:1f:c3:
f3:37:30:35:7e:47:c8:3f:f1:71:de:00:0a:3c:8d:
c2:85:57:c7:b1:c8:74:91:25:1b:04:b7:d7:4f:fa:
99:df:2c:32:79:a2:8b:dd:2c:34:27:be:66:f8:00:
19:80:4d:7e:39:7c:39:55:60:8c:e9:c5:1d:8c:7f:
8d:37:e7:11:0f:0c:7e:21:84:bb:2b:0d:73:8d:a9:
9c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:02:1D:10:E3:8D:23:6B:4E:9B:72:1A:F6:42:21:6F:94:78:9C:F5
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/TwIdEOONI2tOm3Ia9kIhb5R4nPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.218.0.0/16
77.104.0.0/18
82.101.0.0/18
83.145.64.0/18
89.224.0.0/14
92.102.0.0/15
185.204.172.0/22
195.167.192.0/20
195.167.224.0/20
195.248.0.0/19
212.99.0.0/17
212.103.0.0/19
213.30.128.0/18
213.244.0.0/19
217.66.112.0/20
IPv6:
2a02:e000::/29
Signature Algorithm: sha256WithRSAEncryption
07:d5:a2:8b:a1:8c:e2:4f:90:9b:68:86:dc:6e:f9:60:43:d1:
df:4a:04:75:20:14:c2:ec:e6:55:52:09:a6:4d:5a:8d:7f:8a:
1e:a9:ff:ed:ca:dc:a8:b7:a2:e0:ed:65:28:38:dd:a2:e9:47:
bf:aa:08:74:a1:d6:da:d9:2e:e7:3c:48:08:50:31:93:aa:96:
4c:34:dd:1a:a4:cc:e1:dc:a8:60:5d:8b:1c:07:14:0e:07:93:
6a:96:42:d6:31:c4:38:05:e1:08:59:8c:3d:c4:f6:42:81:dc:
39:e8:76:53:18:4e:44:94:78:5b:1d:c8:7b:2c:e7:1f:63:96:
3f:51:c4:b1:cb:24:b2:28:30:0e:f0:bd:fc:41:df:08:a1:54:
2f:b9:89:fb:9f:b7:4a:70:20:f5:37:1f:b7:d5:d9:90:93:a0:
02:0e:bb:07:2e:71:6e:5d:f8:fb:a4:7a:22:b1:2c:a9:d6:dd:
39:10:64:6b:02:0e:13:22:f3:ed:0e:95:35:76:6a:ba:50:7d:
a1:80:6a:8a:aa:8e:cd:3d:85:a4:75:6e:a8:db:c7:d8:0a:59:
e4:23:f8:24:7a:b3:bf:72:1a:5f:53:bb:c0:33:c3:18:79:3c:
0a:08:de:a3:8f:e4:27:9a:6f:6c:1a:84:a4:8e:08:20:d0:c6:
87:f0:5a:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYtmDH18/VPFfNNTpHdmTuFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjMxMDI1MDg1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAyMWQxMGUzOGQyMzZiNGU5YjcyMWFmNjQyMjE2Zjk0Nzg5Y2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX7w4ji7BhZDlN9yNSCge/FC3hor
iunglodRKgiaRQJU7D66+Vo7Uzq5/rb+POPoBuhsFhz20mVHyMyjGkBssfdnYrUX
nch+rPO24gllumyS2uyk9C/y6fPFtKFTQ/8IzxAGTtK5VRwH1xhhgpPJw6BQLDgo
fc9pjxnLfUDWfSyQLH94rPBHN6aUMLdLMOxFWgFL9sItpOXIkwQRDKArZ/LHmXEh
oA2lljT8AcZD7KfAH8PzNzA1fkfIP/Fx3gAKPI3ChVfHsch0kSUbBLfXT/qZ3ywy
eaKL3Sw0J75m+AAZgE1+OXw5VWCM6cUdjH+NN+cRDwx+IYS7Kw1zjamcvwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFE8CHRDjjSNrTptyGvZCIW+UeJz1MB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvVHdJZEVPT05JMnRPbTNJYTlrSWhiNVI0blBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwMALtoDBAZN
aAADBAZSZQADBAZTkUADAwJZ4AMDAVxmAwQCucysAwQEw6fAAwQEw6fgAwQFw/gA
AwQH1GMAAwQF1GcAAwQG1R6AAwQF1fQAAwQE2UJwMA0EAgACMAcDBQMqAuAAMA0G
CSqGSIb3DQEBCwUAA4IBAQAH1aKLoYziT5CbaIbcbvlgQ9HfSgR1IBTC7OZVUgmm
TVqNf4oeqf/tytyot6Lg7WUoON2i6Ue/qgh0odba2S7nPEgIUDGTqpZMNN0apMzh
3KhgXYscBxQOB5NqlkLWMcQ4BeEIWYw9xPZCgdw56HZTGE5ElHhbHch7LOcfY5Y/
UcSxyySyKDAO8L38Qd8IoVQvuYn7n7dKcCD1Nx+31dmQk6ACDrsHLnFuXfj7pHoi
sSyp1t05EGRrAg4TIvPtDpU1dmq6UH2hgGqKqo7NPYWkdW6o28fYClnkI/gkerO/
chpfU7vAM8MYeTwKCN6jj+Qnmm9sGoSkjggg0MaH8Fr7
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:44 2024 by rpki-client on console-ams.rpki-client.org