Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/TQY7sXMvQ2Bzzl5jlufuZmrhNRA.roa
File: TQY7sXMvQ2Bzzl5jlufuZmrhNRA.roa (raw, json)
Hash identifier: 1j02iCvnH8SsMbqxF3EQXCNiBEtL2dHQGXxGK+gJumQ=
Subject key identifier: 4D:06:3B:B1:73:2F:43:60:73:CE:5E:63:96:E7:EE:66:6A:E1:35:10
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 01857094F8C2116A390AF33A05593F49AE3D
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/TQY7sXMvQ2Bzzl5jlufuZmrhNRA.roa
Signing time: Mon 02 Jan 2023 03:44:49 +0000
ROA not before: Mon 02 Jan 2023 03:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205072
IP address blocks: 185.149.108.0/22 maxlen: 24
109.109.128.0/20 maxlen: 24
45.155.21.0/24 maxlen: 24
45.155.20.0/22 maxlen: 22
195.5.176.0/24 maxlen: 24
45.137.36.0/22 maxlen: 22
87.239.16.0/21 maxlen: 24
45.147.88.0/22 maxlen: 22
193.22.80.0/24 maxlen: 24
195.5.161.0/24 maxlen: 24
195.5.170.0/24 maxlen: 24
195.5.168.0/24 maxlen: 24
2a0d:da00::/29 maxlen: 29
2a0d:da00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 31 Oct 2023 09:21:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:94:f8:c2:11:6a:39:0a:f3:3a:05:59:3f:49:ae:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Jan 2 03:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d063bb1732f436073ce5e6396e7ee666ae13510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e4:63:29:ae:57:66:4b:0b:b2:f6:69:df:de:
11:de:61:b4:e3:d4:14:d0:69:40:82:4d:3b:33:6f:
72:fd:11:0e:c0:47:8e:09:61:b8:fa:1e:f8:b4:b0:
63:96:f8:f7:b3:92:bb:11:39:90:53:02:e8:05:e3:
09:27:8d:a2:52:3c:74:b3:14:37:d5:83:8a:33:d0:
f9:75:2a:6c:1a:28:83:6b:f2:16:1b:34:a5:70:56:
1e:0a:c2:a6:8c:36:4d:67:88:3a:a5:79:79:e7:fd:
2e:28:f3:e6:6b:c4:dc:14:56:3f:9f:82:9f:d3:9d:
91:a9:0c:a5:be:0d:4f:56:cd:f2:ba:e9:b8:d9:7d:
d9:c7:0c:84:20:60:19:8e:53:56:8c:43:53:85:0d:
56:9a:76:03:76:d7:28:4f:91:45:d3:2f:9a:cf:42:
20:5f:b6:3f:75:32:ae:90:89:5d:4e:0c:93:3a:76:
de:ff:fa:c7:1f:aa:6d:c7:b9:32:af:bc:c5:58:71:
34:48:1e:d2:79:96:1d:ca:69:92:2b:73:5c:58:0d:
80:0c:12:a7:10:78:4e:d8:56:8e:a6:77:e6:84:af:
98:20:56:4d:f2:f5:0c:a3:fa:54:b2:12:47:57:e1:
b9:a4:34:0d:ba:c1:48:37:cb:3a:e5:b8:28:a2:11:
c2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:06:3B:B1:73:2F:43:60:73:CE:5E:63:96:E7:EE:66:6A:E1:35:10
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/TQY7sXMvQ2Bzzl5jlufuZmrhNRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.36.0/22
45.147.88.0/22
45.155.20.0/22
87.239.16.0/21
109.109.128.0/20
185.149.108.0/22
193.22.80.0/24
195.5.161.0/24
195.5.168.0/24
195.5.170.0/24
195.5.176.0/24
IPv6:
2a0d:da00::/29
Signature Algorithm: sha256WithRSAEncryption
2b:c3:ef:89:12:9b:ef:f6:fa:e0:f9:12:48:22:2a:a6:48:d7:
52:fc:10:d6:45:d4:88:78:4b:05:54:8c:b1:20:8a:cf:91:7e:
30:c5:ea:44:57:42:05:96:9c:1c:b3:f0:dd:b7:08:e6:c7:7c:
e8:57:51:d4:c2:41:7a:b4:04:55:7c:8a:4f:ec:9d:e2:df:98:
a1:4a:10:73:0e:fc:19:91:9a:d3:ac:6c:16:4a:e9:5f:5e:f8:
33:d7:d7:b8:1d:64:10:7d:ea:1f:03:2a:15:8a:88:96:b0:0b:
d9:86:52:b4:70:36:e9:4a:78:15:ae:df:08:15:a6:1b:41:bd:
0e:d5:8a:c1:49:90:3d:4f:9e:e0:03:6a:1b:67:15:15:d8:fe:
44:94:fe:d6:21:aa:43:76:4c:8a:53:85:51:04:15:59:c2:b4:
8e:df:17:54:0f:97:ad:d4:28:a1:29:73:9e:d8:3c:68:5d:ab:
12:35:b9:4e:36:9e:fc:02:36:cf:60:47:89:91:5b:3f:3c:ec:
50:61:80:71:54:56:66:65:c3:79:da:ca:f6:71:b5:ac:87:b9:
6d:03:d6:3e:44:4d:59:99:10:55:f9:2a:16:66:a0:56:4a:af:
3f:9d:2c:e4:00:80:aa:e0:4b:75:85:ad:48:4c:ba:ec:ad:3e:
02:f0:34:be
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVwlPjCEWo5CvM6BVk/Sa49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx
NTkwNjAwHhcNMjMwMTAyMDM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA2M2JiMTczMmY0MzYwNzNjZTVlNjM5NmU3ZWU2NjZhZTEzNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleRjKa5XZksLsvZp394R3mG049QU
0GlAgk07M29y/REOwEeOCWG4+h74tLBjlvj3s5K7ETmQUwLoBeMJJ42iUjx0sxQ3
1YOKM9D5dSpsGiiDa/IWGzSlcFYeCsKmjDZNZ4g6pXl55/0uKPPma8TcFFY/n4Kf
052RqQylvg1PVs3yuum42X3ZxwyEIGAZjlNWjENThQ1WmnYDdtcoT5FF0y+az0Ig
X7Y/dTKukIldTgyTOnbe//rHH6ptx7kyr7zFWHE0SB7SeZYdymmSK3NcWA2ADBKn
EHhO2FaOpnfmhK+YIFZN8vUMo/pUshJHV+G5pDQNusFIN8s65bgoohHCxQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFE0GO7FzL0Ngc85eY5bn7mZq4TUQMB8GA1UdIwQY
MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt
YzFkMjk2ZjhmZDA3LzEvVFFZN3NYTXZRMkJ6emw1amx1ZnVabXJoTlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3
LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCLYkkAwQC
LZNYAwQCLZsUAwQDV+8QAwQEbW2AAwQCuZVsAwQAwRZQAwQAwwWhAwQAwwWoAwQA
wwWqAwQAwwWwMA0EAgACMAcDBQMqDdoAMA0GCSqGSIb3DQEBCwUAA4IBAQArw++J
Epvv9vrg+RJIIiqmSNdS/BDWRdSIeEsFVIyxIIrPkX4wxepEV0IFlpwcs/Ddtwjm
x3zoV1HUwkF6tARVfIpP7J3i35ihShBzDvwZkZrTrGwWSulfXvgz19e4HWQQfeof
AyoVioiWsAvZhlK0cDbpSngVrt8IFaYbQb0O1YrBSZA9T57gA2obZxUV2P5ElP7W
IapDdkyKU4VRBBVZwrSO3xdUD5et1CihKXOe2DxoXasSNblONp78AjbPYEeJkVs/
POxQYYBxVFZmZcN52sr2cbWsh7ltA9Y+RE1ZmRBV+SoWZqBWSq8/nSzkAICq4Et1
ha1ITLrsrT4C8DS+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:22 2024 by rpki-client on console-fra.rpki-client.org