Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TqL6OuxX4wVNOPPTRCB4JCP8sxg.roa
File: TqL6OuxX4wVNOPPTRCB4JCP8sxg.roa (raw, json)
Hash identifier: uqa+c0Z2gl00auIl9kDYXEDN9x3hlg119feYVJIjXus=
Subject key identifier: 4E:A2:FA:3A:EC:57:E3:05:4D:38:F3:D3:44:20:78:24:23:FC:B3:18
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018C1AB9ED0470BC0009B26556222ECE6033
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TqL6OuxX4wVNOPPTRCB4JCP8sxg.roa
Signing time: Wed 29 Nov 2023 10:57:21 +0000
ROA not before: Wed 29 Nov 2023 10:57:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 46.190.137.0/24 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.254.0/24 maxlen: 24
85.205.0.0/16 maxlen: 24
62.213.128.0/23 maxlen: 24
62.213.156.0/22 maxlen: 24
46.190.128.0/17 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:b9:ed:04:70:bc:00:09:b2:65:56:22:2e:ce:60:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 29 10:57:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ea2fa3aec57e3054d38f3d34420782423fcb318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fc:dd:43:b3:2f:fa:96:d9:fc:4a:79:c1:95:
1f:2c:6c:75:f5:e1:97:70:53:a8:ff:00:d8:60:a7:
24:ec:9e:12:e2:1d:54:e9:47:1a:6a:d0:66:67:21:
77:63:98:0f:6b:58:64:2e:13:18:3a:e3:b7:d4:a9:
c2:aa:6e:03:7b:50:8d:64:82:13:fc:f3:ad:4e:82:
00:c9:8a:1d:54:16:ee:3c:42:2e:fb:e3:21:30:4e:
8b:44:d5:01:6e:97:79:b4:06:e2:41:82:91:2e:3f:
22:35:29:96:8e:e2:1e:fe:9e:80:38:e2:47:d6:a0:
0a:af:90:c4:ea:22:98:44:6d:47:93:26:01:08:5f:
24:8f:24:20:4d:64:27:9e:34:5c:a5:2c:ba:5a:1d:
eb:bc:37:9c:fb:37:14:32:3b:3b:37:cc:d8:91:6e:
21:47:b7:75:bf:31:dd:fe:2a:8f:bf:fd:28:db:97:
96:6e:2f:91:ec:61:9f:06:73:87:63:fe:84:d7:6f:
ef:59:4c:7b:a1:5c:d5:74:70:33:b3:80:28:13:97:
77:8a:e9:4e:9f:a2:74:6a:0a:eb:da:a9:5a:62:17:
39:4a:df:00:38:e3:76:b0:3f:f7:d9:e6:d6:2d:c4:
30:b7:2c:29:1e:0f:05:8f:33:c3:53:43:e2:ce:c2:
f2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A2:FA:3A:EC:57:E3:05:4D:38:F3:D3:44:20:78:24:23:FC:B3:18
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/TqL6OuxX4wVNOPPTRCB4JCP8sxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.108.0.0/16
46.190.128.0/17
62.213.128.0/23
62.213.156.0/22
85.205.0.0/16
139.47.192.0/18
195.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2f:61:d6:12:aa:ed:ea:7e:4c:3e:bc:9a:db:ee:cc:7c:ec:ac:
f3:25:2a:6c:b9:ca:e4:8a:72:0f:36:fe:ab:c0:b2:1d:e2:b8:
93:9d:d2:f3:d7:40:c3:18:ea:04:46:62:f0:bc:6a:68:85:db:
38:39:81:ae:6c:d3:a4:82:f7:e8:04:7d:a9:6d:84:8c:60:ca:
3b:72:64:c5:da:29:1f:84:a0:00:6b:12:cd:7b:69:13:a5:08:
bb:40:83:eb:be:cd:71:6d:f7:a1:04:7c:e1:b5:04:4a:61:5e:
f1:53:69:54:4a:77:f6:cf:5a:8b:4e:75:db:3c:c9:11:0f:e0:
f2:eb:33:67:cb:b1:31:f3:ed:6a:c5:ef:05:f2:1a:a9:39:d9:
da:62:d4:ed:a1:51:c9:41:4d:45:00:f3:a9:f0:63:0a:ef:b6:
3b:be:1b:88:73:d2:af:40:d0:69:b6:97:50:09:69:89:69:23:
03:41:20:58:a1:f8:81:9a:a1:5f:f7:84:a1:88:c4:9b:6f:06:
9d:6c:96:19:b0:b2:4c:6c:c6:e8:e7:cd:15:34:b5:f9:5f:9c:
4f:c4:b9:cd:c6:70:84:47:8b:6b:2f:37:05:f2:9d:83:ae:8c:
63:f6:da:a2:77:66:6b:bd:13:9b:02:43:6d:47:11:15:7c:c0:
13:6d:00:b5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYwaue0EcLwACbJlViIuzmAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTI5MTA1NzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWEyZmEzYWVjNTdlMzA1NGQzOGYzZDM0NDIwNzgyNDIzZmNiMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPzdQ7Mv+pbZ/Ep5wZUfLGx19eGX
cFOo/wDYYKck7J4S4h1U6UcaatBmZyF3Y5gPa1hkLhMYOuO31KnCqm4De1CNZIIT
/POtToIAyYodVBbuPEIu++MhME6LRNUBbpd5tAbiQYKRLj8iNSmWjuIe/p6AOOJH
1qAKr5DE6iKYRG1HkyYBCF8kjyQgTWQnnjRcpSy6Wh3rvDec+zcUMjs7N8zYkW4h
R7d1vzHd/iqPv/0o25eWbi+R7GGfBnOHY/6E12/vWUx7oVzVdHAzs4AoE5d3iulO
n6J0agrr2qlaYhc5St8AOON2sD/32ebWLcQwtywpHg8FjzPDU0PizsLy+QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE6i+jrsV+MFTTjz00QgeCQj/LMYMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvVHFMNk91eFg0d1ZOT1BQVFJDQjRKQ1A4c3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMALmwDBAcu
voADBAE+1YADBAI+1ZwDAwBVzQMEBosvwAMDAMPpMA0GCSqGSIb3DQEBCwUAA4IB
AQAvYdYSqu3qfkw+vJrb7sx87KzzJSpsucrkinIPNv6rwLId4riTndLz10DDGOoE
RmLwvGpohds4OYGubNOkgvfoBH2pbYSMYMo7cmTF2ikfhKAAaxLNe2kTpQi7QIPr
vs1xbfehBHzhtQRKYV7xU2lUSnf2z1qLTnXbPMkRD+Dy6zNny7Ex8+1qxe8F8hqp
OdnaYtTtoVHJQU1FAPOp8GMK77Y7vhuIc9KvQNBptpdQCWmJaSMDQSBYofiBmqFf
94ShiMSbbwadbJYZsLJMbMbo580VNLX5X5xPxLnNxnCER4trLzcF8p2Droxj9tqi
d2ZrvRObAkNtRxEVfMATbQC1
-----END CERTIFICATE-----
Generated at Tue Jan 2 18:21:32 2024 by rpki-client on console-ams.rpki-client.org