Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/TQj0_1nMx62U2Us6cJFh154VhZk.roa
File: TQj0_1nMx62U2Us6cJFh154VhZk.roa (raw, json)
Hash identifier: /qB5+0taEsga+2NECQ8rqYn70e2d08GL6C34GrOGaLw=
Subject key identifier: 4D:08:F4:FF:59:CC:C7:AD:94:D9:4B:3A:70:91:61:D7:9E:15:85:99
Certificate issuer: /CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Certificate serial: 018614B4A957178CD31E1B8A527553E43665
Authority key identifier: E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/TQj0_1nMx62U2Us6cJFh154VhZk.roa
Signing time: Fri 03 Feb 2023 00:37:09 +0000
ROA not before: Fri 03 Feb 2023 00:37:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42742
IP address blocks: 188.191.0.0/20 maxlen: 20
185.211.164.0/22 maxlen: 22
78.157.224.0/19 maxlen: 19
78.157.254.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:14:b4:a9:57:17:8c:d3:1e:1b:8a:52:75:53:e4:36:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7796d8c19f32a1cafbd5b78f5276ce8df995d0a
Validity
Not Before: Feb 3 00:37:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d08f4ff59ccc7ad94d94b3a709161d79e158599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7b:4f:fd:3c:2c:e7:ee:d4:24:bd:82:99:0a:
12:f4:a6:4f:61:53:51:1c:4c:b4:f6:78:35:2e:ae:
5d:11:8f:be:f0:3d:38:b2:66:46:e2:9f:ad:0d:5d:
17:e4:bd:b6:4f:39:27:8e:7e:76:1c:98:a3:60:5c:
98:4a:40:b4:fc:bb:1c:bf:77:3b:c2:a2:84:9e:5f:
f4:60:ea:89:6e:96:d5:11:9a:df:be:f9:e3:ac:ff:
14:4c:6a:38:a7:52:ac:3c:a1:03:e4:b8:fe:96:6a:
08:d6:f9:df:a9:b4:fe:2a:da:16:e6:43:7f:0f:22:
01:cc:3c:79:2f:ef:3d:6b:2e:09:3f:b3:b6:76:e3:
65:99:63:e4:f7:d2:de:6d:5e:58:ea:3e:d8:de:6e:
18:bb:d3:d0:91:6b:83:c5:75:54:3e:85:62:a7:e3:
23:dd:8d:49:26:6a:0e:06:1c:99:ef:8c:3c:e5:50:
54:24:2e:18:8b:0a:91:9b:a4:43:a9:d2:71:c3:e6:
b1:eb:ef:bc:dc:70:64:2f:90:5f:ba:1f:c6:56:6d:
48:78:3f:0b:a8:d8:ab:72:7c:bd:d0:dd:77:75:33:
9b:5b:7c:7f:3f:ff:64:67:55:5f:82:86:33:50:26:
1c:a9:c6:09:c2:bc:12:31:79:52:c0:33:54:15:ff:
5a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:08:F4:FF:59:CC:C7:AD:94:D9:4B:3A:70:91:61:D7:9E:15:85:99
X509v3 Authority Key Identifier:
keyid:E7:79:6D:8C:19:F3:2A:1C:AF:BD:5B:78:F5:27:6C:E8:DF:99:5D:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/53ltjBnzKhyvvVt49Sds6N-ZXQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/TQj0_1nMx62U2Us6cJFh154VhZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5ec970-7965-4e0b-b947-2857e8a23558/1/53ltjBnzKhyvvVt49Sds6N-ZXQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.224.0/19
185.211.164.0/22
188.191.0.0/20
Signature Algorithm: sha256WithRSAEncryption
00:72:ce:f0:70:46:59:96:de:d6:72:e3:6b:29:6b:82:bc:5a:
e7:ec:54:a2:9d:3b:5e:70:ff:23:3e:5d:bd:3d:18:49:d9:ff:
81:88:42:cd:4c:b6:6c:9d:db:96:67:a0:75:17:7f:93:7c:03:
7e:66:d9:c4:18:c1:07:96:cb:64:fd:ef:30:3d:c1:da:59:ed:
c4:a5:3e:3f:4c:56:9a:96:be:d8:30:49:0a:8e:92:10:dd:d0:
d1:34:be:3b:29:75:1e:3b:3c:04:e5:e7:64:21:59:23:85:40:
28:a6:74:94:ea:5d:a6:79:ec:16:4a:27:9e:5e:22:b1:17:b7:
a8:1e:7d:65:3d:9a:7c:48:78:ad:23:9e:97:dd:1b:0f:1f:da:
db:d1:c6:e3:37:0d:e3:d4:9e:e1:43:80:b9:07:5a:a5:de:74:
f6:2f:d8:53:eb:56:2c:89:e7:d9:82:c4:cd:b3:c8:0d:55:73:
0a:85:e9:e9:ba:f7:ef:09:c6:bb:5c:f9:b5:30:f1:1d:5a:1a:
a2:88:ca:cb:dc:4b:7d:7d:7d:65:87:63:45:04:78:b4:61:3f:
9e:cb:f4:57:08:13:14:ae:d4:4e:ee:23:1d:5b:9b:ed:6b:3c:
71:a4:f9:4a:e3:67:9a:d3:df:c9:b7:4c:67:53:6d:2b:5d:b8:
6b:d9:bd:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYUtKlXF4zTHhuKUnVT5DZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Nzk2ZDhjMTlmMzJhMWNhZmJkNWI3OGY1Mjc2Y2U4ZGY5
OTVkMGEwHhcNMjMwMjAzMDAzNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA4ZjRmZjU5Y2NjN2FkOTRkOTRiM2E3MDkxNjFkNzllMTU4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmntP/Tws5+7UJL2CmQoS9KZPYVNR
HEy09ng1Lq5dEY++8D04smZG4p+tDV0X5L22Tzknjn52HJijYFyYSkC0/Lscv3c7
wqKEnl/0YOqJbpbVEZrfvvnjrP8UTGo4p1KsPKED5Lj+lmoI1vnfqbT+KtoW5kN/
DyIBzDx5L+89ay4JP7O2duNlmWPk99LebV5Y6j7Y3m4Yu9PQkWuDxXVUPoVip+Mj
3Y1JJmoOBhyZ74w85VBUJC4YiwqRm6RDqdJxw+ax6++83HBkL5Bfuh/GVm1IeD8L
qNircny90N13dTObW3x/P/9kZ1VfgoYzUCYcqcYJwrwSMXlSwDNUFf9ahwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE0I9P9ZzMetlNlLOnCRYdeeFYWZMB8GA1UdIwQY
MBaAFOd5bYwZ8yocr71bePUnbOjfmV0KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDct
Mjg1N2U4YTIzNTU4LzEvVFFqMF8xbk14NjJVMlVzNmNKRmgxNTRWaFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81ZWM5NzAtNzk2NS00ZTBiLWI5NDctMjg1N2U4YTIzNTU4
LzEvNTNsdGpCbnpLaHl2dlZ0NDlTZHM2Ti1aWFFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTp3gAwQC
udOkAwQEvL8AMA0GCSqGSIb3DQEBCwUAA4IBAQAAcs7wcEZZlt7WcuNrKWuCvFrn
7FSinTtecP8jPl29PRhJ2f+BiELNTLZsnduWZ6B1F3+TfAN+ZtnEGMEHlstk/e8w
PcHaWe3EpT4/TFaalr7YMEkKjpIQ3dDRNL47KXUeOzwE5edkIVkjhUAopnSU6l2m
eewWSieeXiKxF7eoHn1lPZp8SHitI56X3RsPH9rb0cbjNw3j1J7hQ4C5B1ql3nT2
L9hT61YsiefZgsTNs8gNVXMKhenpuvfvCca7XPm1MPEdWhqiiMrL3Et9fX1lh2NF
BHi0YT+ey/RXCBMUrtRO7iMdW5vtazxxpPlK42ea09/Jt0xnU20rXbhr2b1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:01 2024 by rpki-client on console-fra.rpki-client.org