Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/TgxE_9JEMkLEnXKdknLBR5ImGro.roa
File: TgxE_9JEMkLEnXKdknLBR5ImGro.roa (raw, json)
Hash identifier: BtFvkggr5zpiGVdvxkrJesnhPlNctdN56Ix4+oMERKM=
Subject key identifier: 4E:0C:44:FF:D2:44:32:42:C4:9D:72:9D:92:72:C1:47:92:26:1A:BA
Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Certificate serial: 0185A676BA2586C1746075248A3B299E2AA4
Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/TgxE_9JEMkLEnXKdknLBR5ImGro.roa
Signing time: Thu 12 Jan 2023 14:51:16 +0000
ROA not before: Thu 12 Jan 2023 14:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35467
IP address blocks: 145.87.224.0/19 maxlen: 20
83.136.192.0/21 maxlen: 24
93.95.144.0/21 maxlen: 22
81.92.176.0/20 maxlen: 21
37.0.16.0/21 maxlen: 22
217.27.224.0/21 maxlen: 22
217.27.232.0/21 maxlen: 23
212.52.224.0/19 maxlen: 22
185.55.108.0/22 maxlen: 23
91.106.224.0/21 maxlen: 23
31.186.160.0/21 maxlen: 22
185.250.160.0/22 maxlen: 24
185.35.32.0/22 maxlen: 23
2a02:5b0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Jan 2023 13:19:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a6:76:ba:25:86:c1:74:60:75:24:8a:3b:29:9e:2a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Validity
Not Before: Jan 12 14:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e0c44ffd2443242c49d729d9272c14792261aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ba:f5:73:8c:0d:dc:11:a6:68:5b:78:74:b0:
ad:95:95:01:ae:f8:05:12:ec:a7:84:75:bd:68:d1:
c5:ae:d3:70:b1:94:b0:88:56:c7:03:6b:77:39:c7:
67:99:a3:e0:87:74:61:42:bc:0f:34:a2:74:ee:af:
29:c7:ff:eb:4f:04:8c:ad:d4:8b:c3:30:c4:6c:9e:
8e:bb:7a:b8:d6:eb:34:7d:d8:70:69:9b:0b:54:39:
3c:11:7f:3e:55:9c:bc:b4:78:a4:82:bb:db:10:77:
f2:ab:93:f3:14:cd:ef:96:7e:b0:88:0a:0e:46:30:
38:f3:6d:b9:b1:90:51:1c:8a:46:81:f2:83:27:c4:
08:95:28:0d:64:4d:47:48:ee:5d:37:0d:44:7e:a0:
ce:3c:9a:38:82:55:44:b0:c8:4e:fa:db:85:00:36:
56:dc:04:16:85:35:50:db:3d:5f:95:48:3c:1c:b3:
79:f5:93:5d:cc:91:1a:3c:89:d8:a7:0c:68:23:1c:
af:f1:92:6c:84:89:fa:8a:9b:0e:6d:27:be:28:36:
6b:49:c2:a7:c3:c8:4f:02:cf:0c:25:e7:43:32:82:
6e:4d:ed:0b:db:fd:54:53:1a:50:7f:61:0a:53:4e:
df:14:c0:47:39:a6:c7:a4:7b:fb:ad:86:4d:74:17:
17:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:0C:44:FF:D2:44:32:42:C4:9D:72:9D:92:72:C1:47:92:26:1A:BA
X509v3 Authority Key Identifier:
keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/TgxE_9JEMkLEnXKdknLBR5ImGro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.160.0/21
37.0.16.0/21
81.92.176.0/20
83.136.192.0/21
91.106.224.0/21
93.95.144.0/21
145.87.224.0/19
185.35.32.0/22
185.55.108.0/22
185.250.160.0/22
212.52.224.0/19
217.27.224.0/20
IPv6:
2a02:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
44:a6:8d:4e:3e:6e:84:85:0a:2a:8f:8e:04:6b:2c:81:85:2a:
cb:d9:35:a5:98:3d:33:b8:09:a4:e4:d1:32:7f:d3:ee:f8:2d:
ba:01:a2:7d:07:b3:fd:4f:6b:89:d7:dc:a0:46:66:ff:4a:c8:
9e:59:52:dc:6d:da:88:a5:b8:cc:c2:2c:40:78:01:a3:75:77:
99:6d:b5:02:b5:42:05:90:0c:0a:58:ef:d8:92:cf:8d:02:86:
4c:29:2b:92:b9:0c:2a:7e:be:9c:e9:8a:42:74:19:92:c2:03:
60:06:d8:a7:a4:76:5c:cf:0f:56:be:88:1c:f5:3d:8e:f7:1f:
b7:f2:b5:46:e7:cf:e7:55:0f:17:53:42:db:9e:e9:eb:cb:b2:
64:db:ed:98:9e:08:35:1c:1a:44:f8:a4:72:46:14:86:8b:03:
0e:40:69:8e:fc:a2:3e:a1:23:99:47:a8:65:bd:a8:ca:b9:14:
e0:d4:e7:bb:21:ea:21:a2:5f:6a:b9:c1:53:31:1b:7c:85:54:
5f:b1:13:53:71:60:4b:11:26:37:97:c6:19:0c:0f:c2:91:40:
b7:93:47:68:20:08:28:86:d2:28:f3:48:6a:1d:3d:8d:21:07:
99:b9:6c:8b:bd:de:1e:55:9f:f7:26:ec:81:74:0e:a4:d2:a5:
61:5c:1e:4c
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYWmdrolhsF0YHUkijspniqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2
MTg3MjYwHhcNMjMwMTEyMTQ1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTBjNDRmZmQyNDQzMjQyYzQ5ZDcyOWQ5MjcyYzE0NzkyMjYxYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLr1c4wN3BGmaFt4dLCtlZUBrvgF
EuynhHW9aNHFrtNwsZSwiFbHA2t3OcdnmaPgh3RhQrwPNKJ07q8px//rTwSMrdSL
wzDEbJ6Ou3q41us0fdhwaZsLVDk8EX8+VZy8tHikgrvbEHfyq5PzFM3vln6wiAoO
RjA48225sZBRHIpGgfKDJ8QIlSgNZE1HSO5dNw1EfqDOPJo4glVEsMhO+tuFADZW
3AQWhTVQ2z1flUg8HLN59ZNdzJEaPInYpwxoIxyv8ZJshIn6ipsObSe+KDZrScKn
w8hPAs8MJedDMoJuTe0L2/1UUxpQf2EKU07fFMBHOabHpHv7rYZNdBcXRwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFE4MRP/SRDJCxJ1ynZJywUeSJhq6MB8GA1UdIwQY
MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt
MGQyMjIzMmMzNGEwLzEvVGd4RV85SkVNa0xFblhLZGtuTEJSNUltR3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw
LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDH7qgAwQD
JQAQAwQEUVywAwQDU4jAAwQDW2rgAwQDXV+QAwQFkVfgAwQCuSMgAwQCuTdsAwQC
ufqgAwQF1DTgAwQE2RvgMA0EAgACMAcDBQAqAgWwMA0GCSqGSIb3DQEBCwUAA4IB
AQBEpo1OPm6EhQoqj44EayyBhSrL2TWlmD0zuAmk5NEyf9Pu+C26AaJ9B7P9T2uJ
19ygRmb/SsieWVLcbdqIpbjMwixAeAGjdXeZbbUCtUIFkAwKWO/Yks+NAoZMKSuS
uQwqfr6c6YpCdBmSwgNgBtinpHZczw9Wvogc9T2O9x+38rVG58/nVQ8XU0Lbnunr
y7Jk2+2Yngg1HBpE+KRyRhSGiwMOQGmO/KI+oSOZR6hlvajKuRTg1Oe7Ieohol9q
ucFTMRt8hVRfsRNTcWBLESY3l8YZDA/CkUC3k0doIAgohtIo80hqHT2NIQeZuWyL
vd4eVZ/3JuyBdA6k0qVhXB5M
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:11 2024 by rpki-client on console-fra.rpki-client.org