Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa
File: TQq_lc-p1ni1lisxa-eL16mezSE.roa (raw, json)
Hash identifier: b6lFqt46lru/wVBBKkbmog/Lk2KhlhvvBIzxc+BYRFE=
Subject key identifier: 4D:0A:BF:95:CF:A9:D6:78:B5:96:2B:31:6B:E7:8B:D7:A9:9E:CD:21
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DD1E8C762D5551F2D2964D09F4DEFCB2C
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa
Signing time: Thu 22 Feb 2024 17:41:49 +0000
ROA not before: Thu 22 Feb 2024 17:41:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 2.59.48.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
212.18.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 18:35:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:e8:c7:62:d5:55:1f:2d:29:64:d0:9f:4d:ef:cb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 22 17:41:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d0abf95cfa9d678b5962b316be78bd7a99ecd21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5a:f3:f3:6c:32:ca:1c:bb:df:ac:2d:5f:51:
05:52:89:90:bd:00:de:a5:0c:d3:6e:3b:58:7d:36:
01:da:ed:c3:a0:7d:1c:7a:db:38:0e:da:1c:40:80:
92:3a:a4:e2:dd:61:cf:63:c8:cc:d3:dc:95:96:10:
b6:4e:47:e0:0a:ba:39:13:aa:18:54:eb:c5:7c:68:
12:67:15:6e:50:1f:70:51:9f:6d:8d:37:a2:ac:37:
36:ee:dc:3a:6b:db:06:7d:39:97:a7:86:a8:a7:26:
e9:f2:79:57:1d:2e:4c:a0:10:96:53:da:ff:50:7f:
0e:ff:80:0d:e8:9a:fb:16:49:db:9c:1c:3e:54:4a:
f4:10:37:e9:7b:ef:c1:d9:14:13:6b:34:32:81:49:
d8:65:e2:9e:70:51:7b:80:31:a2:03:c0:d3:de:cd:
1d:42:5a:f4:43:38:4c:df:5b:03:74:35:cd:68:f7:
09:4b:89:dd:13:95:53:55:e1:f3:11:2d:cf:d9:8f:
a6:96:0e:9b:33:50:a1:18:c0:13:1c:83:05:2e:25:
2a:01:84:e7:7c:6d:65:23:67:d5:90:97:17:93:35:
82:9a:46:65:fc:73:b2:ec:4d:11:7c:0a:16:a3:ee:
8c:f0:b5:0b:da:2f:76:b6:b4:e6:20:87:a5:7d:41:
d7:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0A:BF:95:CF:A9:D6:78:B5:96:2B:31:6B:E7:8B:D7:A9:9E:CD:21
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/TQq_lc-p1ni1lisxa-eL16mezSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
37.221.80.0/24
45.11.22.0/24
45.14.221.0/24
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.124.34.0/24
185.212.112.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
212.18.100.0/24
Signature Algorithm: sha256WithRSAEncryption
93:7a:42:08:5d:46:ea:0f:18:b4:05:15:f0:d8:b4:0a:b1:37:
54:0a:25:b6:29:83:68:58:6a:52:fd:95:81:1c:4e:00:1f:06:
8b:11:d7:89:14:24:36:9d:b2:d7:30:40:0b:35:7d:7f:11:1e:
df:8f:fe:75:b2:69:41:77:57:0f:83:82:bc:63:5e:89:54:0e:
47:92:36:9b:8a:ff:b6:47:a2:7c:e0:db:7e:4d:4b:fd:9b:b6:
72:84:74:62:de:a5:e1:23:fe:c3:06:f0:98:69:01:02:fa:b8:
e4:ea:7b:a7:72:8e:75:31:39:4e:d0:bc:db:77:eb:e2:26:4c:
1c:b5:69:9e:0a:52:e8:0f:c2:f0:a0:d2:d1:c5:85:b6:eb:cf:
76:af:39:b1:6e:aa:56:46:51:9c:82:16:9c:5b:84:e6:09:2c:
45:ea:7b:bd:73:2b:60:a6:d0:ab:79:07:c0:b4:e7:35:e2:41:
70:e4:40:77:cf:2c:69:78:8f:e1:0a:25:e4:a0:42:fb:44:92:
42:e3:ba:1f:83:ea:53:c1:86:e6:4f:e1:26:06:22:38:de:3e:
63:6d:2d:1f:0c:2d:c1:48:f8:78:72:fd:aa:2f:03:dc:3e:ba:
a7:14:8b:e9:9c:eb:15:15:8f:c4:10:6d:ab:bc:97:c3:2a:e6:
d4:95:13:49
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY3R6Mdi1VUfLSlk0J9N78ssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIyMTc0MTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBhYmY5NWNmYTlkNjc4YjU5NjJiMzE2YmU3OGJkN2E5OWVjZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1rz82wyyhy736wtX1EFUomQvQDe
pQzTbjtYfTYB2u3DoH0cets4DtocQICSOqTi3WHPY8jM09yVlhC2TkfgCro5E6oY
VOvFfGgSZxVuUB9wUZ9tjTeirDc27tw6a9sGfTmXp4aopybp8nlXHS5MoBCWU9r/
UH8O/4AN6Jr7FknbnBw+VEr0EDfpe+/B2RQTazQygUnYZeKecFF7gDGiA8DT3s0d
Qlr0QzhM31sDdDXNaPcJS4ndE5VTVeHzES3P2Y+mlg6bM1ChGMATHIMFLiUqAYTn
fG1lI2fVkJcXkzWCmkZl/HOy7E0RfAoWo+6M8LUL2i92trTmIIelfUHXdwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFE0Kv5XPqdZ4tZYrMWvni9epns0hMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVFFxX2xjLXAxbmkxbGlzeGEtZUwxNm1lelNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAI7MAME
ACXdUAMEAC0LFgMEAC0O3QMEAC1ZRAMEAC1ZRwMEAFu83AMEAF6evAMEALB8IgME
ALnUcAMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAMEAMNFlgMEAMPhYAME
ANQSZDANBgkqhkiG9w0BAQsFAAOCAQEAk3pCCF1G6g8YtAUV8Ni0CrE3VAoltimD
aFhqUv2VgRxOAB8GixHXiRQkNp2y1zBACzV9fxEe34/+dbJpQXdXD4OCvGNeiVQO
R5I2m4r/tkeifODbfk1L/Zu2coR0Yt6l4SP+wwbwmGkBAvq45Op7p3KOdTE5TtC8
23fr4iZMHLVpngpS6A/C8KDS0cWFtuvPdq85sW6qVkZRnIIWnFuE5gksRep7vXMr
YKbQq3kHwLTnNeJBcORAd88saXiP4Qol5KBC+0SSQuO6H4PqU8GG5k/hJgYiON4+
Y20tHwwtwUj4eHL9qi8D3D66pxSL6ZzrFRWPxBBtq7yXwyrm1JUTSQ==
-----END CERTIFICATE-----
Generated at Mon Feb 26 22:58:35 2024 by rpki-client on console-fra.rpki-client.org