Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/TGHSMEartIbEvtVzNBY0LUEZ2iI.roa
File: TGHSMEartIbEvtVzNBY0LUEZ2iI.roa (raw, json)
Hash identifier: PucqwAnSWVz9Wqr5sNQpf3Gk/sQkdoiteZWFrxnQi64=
Subject key identifier: 4C:61:D2:30:46:AB:B4:86:C4:BE:D5:73:34:16:34:2D:41:19:DA:22
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 018C683AFFCE6D4A8715ADDC032758A40793
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/TGHSMEartIbEvtVzNBY0LUEZ2iI.roa
Signing time: Thu 14 Dec 2023 12:09:06 +0000
ROA not before: Thu 14 Dec 2023 12:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201454
IP address blocks: 45.140.0.0/22 maxlen: 24
185.73.24.0/22 maxlen: 22
185.112.24.0/22 maxlen: 22
188.94.216.0/21 maxlen: 21
2a05:3f00::/29 maxlen: 29
2a01:6f80::/32 maxlen: 32
2a02:c340::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:68:3a:ff:ce:6d:4a:87:15:ad:dc:03:27:58:a4:07:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Dec 14 12:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c61d23046abb486c4bed5733416342d4119da22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:22:20:a6:a2:82:98:03:fc:59:0d:86:01:
ad:41:37:44:0d:9b:68:28:ff:b1:4c:11:8a:18:9e:
bf:71:fd:e9:b6:c2:08:c9:0e:d1:54:7b:49:c0:73:
b5:3f:13:89:c4:d0:91:28:5f:ad:ea:15:b2:0e:f7:
72:ab:4d:5b:50:0f:3e:7d:0f:91:35:e7:9f:5e:72:
e8:e8:64:94:89:75:b4:46:b1:2a:2f:e3:a4:f7:bd:
93:d0:5c:ad:04:08:27:2d:c1:60:d6:08:b5:47:11:
91:d4:e2:c7:c1:a1:61:fb:74:96:5b:82:2a:8a:db:
be:ef:cd:07:ba:3c:7f:97:1a:06:d1:8b:a1:3b:fe:
91:92:9c:9f:63:31:15:1c:15:7d:01:2e:a1:48:ed:
af:0d:ff:62:90:16:9e:96:8f:84:5a:08:ba:e2:12:
8f:b4:ed:90:85:9a:f7:9c:35:30:f4:26:58:be:fe:
5a:0b:ce:b4:43:a5:f0:62:81:c6:2e:d8:64:d2:3d:
4f:58:e8:98:1e:9e:03:8d:39:dd:a3:17:84:43:8a:
5e:7e:50:dc:af:96:9c:e7:bc:c9:fe:63:dc:e1:62:
85:84:84:70:1f:fd:93:18:81:48:7f:a5:8a:ca:fb:
e6:ea:10:97:9d:2d:0c:2b:b6:70:06:72:de:78:4d:
dc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:61:D2:30:46:AB:B4:86:C4:BE:D5:73:34:16:34:2D:41:19:DA:22
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/TGHSMEartIbEvtVzNBY0LUEZ2iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.0.0/22
185.73.24.0/22
185.112.24.0/22
188.94.216.0/21
IPv6:
2a01:6f80::/32
2a02:c340::/29
2a05:3f00::/29
Signature Algorithm: sha256WithRSAEncryption
46:46:27:30:4a:f8:f2:c0:74:f7:60:36:e6:a2:68:6d:f9:92:
5c:15:3d:42:b2:83:5a:72:05:04:96:d5:a0:bf:e5:da:c7:51:
93:a6:43:c5:20:dc:4d:a3:87:04:6f:52:6b:bb:7d:d5:b8:c6:
07:82:8f:32:7d:54:43:ca:52:fd:7d:f0:ad:4e:47:0f:84:a4:
45:ad:ed:ca:f3:82:d6:23:27:e3:3f:73:6c:0b:bc:09:f8:95:
17:d3:8f:d8:88:46:0e:bf:69:56:51:96:7c:10:95:17:46:51:
03:bb:6c:b4:ce:bc:36:5b:73:ee:94:6f:af:b8:df:66:08:63:
44:ae:a3:ac:85:a4:07:b4:15:3c:ca:6c:c7:ff:f4:33:70:25:
9b:65:5b:0b:a7:8f:97:b0:3d:4d:b5:5f:db:6b:9c:d5:42:1e:
09:61:ed:59:e3:ad:16:85:96:9f:49:fe:7a:f3:22:3d:2e:79:
b2:eb:da:68:c2:6b:b5:25:25:f6:5c:f5:9f:14:ef:9f:ba:8f:
9e:44:09:b3:de:d8:11:75:d3:1e:e0:5a:6a:f5:80:5a:3a:ee:
d2:e2:7a:b6:b7:4e:90:5a:34:11:94:96:33:70:9f:22:5c:77:
cc:c3:cd:9c:ce:6c:bc:13:7e:dc:af:03:15:9a:53:b3:74:9f:
b5:13:63:b5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYxoOv/ObUqHFa3cAydYpAeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjMxMjE0MTIwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzYxZDIzMDQ2YWJiNDg2YzRiZWQ1NzMzNDE2MzQyZDQxMTlkYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiciIKaigpgD/FkNhgGtQTdEDZto
KP+xTBGKGJ6/cf3ptsIIyQ7RVHtJwHO1PxOJxNCRKF+t6hWyDvdyq01bUA8+fQ+R
NeefXnLo6GSUiXW0RrEqL+Ok972T0FytBAgnLcFg1gi1RxGR1OLHwaFh+3SWW4Iq
itu+780Hujx/lxoG0YuhO/6RkpyfYzEVHBV9AS6hSO2vDf9ikBaelo+EWgi64hKP
tO2QhZr3nDUw9CZYvv5aC860Q6XwYoHGLthk0j1PWOiYHp4DjTndoxeEQ4peflDc
r5ac57zJ/mPc4WKFhIRwH/2TGIFIf6WKyvvm6hCXnS0MK7ZwBnLeeE3cMQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFExh0jBGq7SGxL7VczQWNC1BGdoiMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvVEdIU01FYXJ0SWJFdnRWek5CWTBMVUVaMmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLYwAAwQC
uUkYAwQCuXAYAwQDvF7YMBsEAgACMBUDBQAqAW+AAwUDKgLDQAMFAyoFPwAwDQYJ
KoZIhvcNAQELBQADggEBAEZGJzBK+PLAdPdgNuaiaG35klwVPUKyg1pyBQSW1aC/
5drHUZOmQ8Ug3E2jhwRvUmu7fdW4xgeCjzJ9VEPKUv198K1ORw+EpEWt7crzgtYj
J+M/c2wLvAn4lRfTj9iIRg6/aVZRlnwQlRdGUQO7bLTOvDZbc+6Ub6+432YIY0Su
o6yFpAe0FTzKbMf/9DNwJZtlWwunj5ewPU21X9trnNVCHglh7VnjrRaFlp9J/nrz
Ij0uebLr2mjCa7UlJfZc9Z8U75+6j55ECbPe2BF10x7gWmr1gFo67tLiera3TpBa
NBGUljNwnyJcd8zDzZzObLwTftyvAxWaU7N0n7UTY7U=
-----END CERTIFICATE-----
Generated at Wed Dec 20 14:37:05 2023 by rpki-client on console-ams.rpki-client.org