Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/TQGNbA8QwyvkFdP7Pu8OPtTiNcU.roa
File: TQGNbA8QwyvkFdP7Pu8OPtTiNcU.roa (raw, json)
Hash identifier: 6P2oiGztdz/5kxsirOyn/ltTaOamw/XMQGoYdLl0rOs=
Subject key identifier: 4D:01:8D:6C:0F:10:C3:2B:E4:15:D3:FB:3E:EF:0E:3E:D4:E2:35:C5
Certificate issuer: /CN=0735daa8cfe25dd12a2c26e0ffcce97636748ebd
Certificate serial: 018CC9BC458C999E3BA54A0313A77DCF3E4B
Authority key identifier: 07:35:DA:A8:CF:E2:5D:D1:2A:2C:26:E0:FF:CC:E9:76:36:74:8E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/TQGNbA8QwyvkFdP7Pu8OPtTiNcU.roa
Signing time: Tue 02 Jan 2024 10:33:28 +0000
ROA not before: Tue 02 Jan 2024 10:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209255
IP address blocks: 92.119.54.0/24 maxlen: 24
92.119.52.0/22 maxlen: 22
2a09:b640::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:45:8c:99:9e:3b:a5:4a:03:13:a7:7d:cf:3e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0735daa8cfe25dd12a2c26e0ffcce97636748ebd
Validity
Not Before: Jan 2 10:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d018d6c0f10c32be415d3fb3eef0e3ed4e235c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:9d:25:b6:12:89:00:de:10:03:4f:fb:d5:c0:
9f:ea:ce:1d:a6:2e:90:9d:1b:d7:76:86:c6:6d:10:
d9:4d:42:7b:52:c1:28:14:94:31:4f:4f:58:7e:db:
ca:67:33:cc:18:d7:ce:9a:f0:51:88:4d:ba:9a:8e:
86:cb:3c:cf:af:a0:ba:cc:ca:9b:84:2e:c6:fe:26:
e8:6b:50:ea:6e:7b:ec:f7:54:ce:ac:e4:02:31:e3:
fa:99:2f:77:17:74:eb:5b:d7:11:3f:ae:43:83:9a:
ae:a2:9b:29:d5:ff:27:3f:26:22:b2:1b:fc:de:c0:
3e:a2:b3:9a:bb:c9:ba:7e:36:22:6b:93:85:b0:fe:
cf:f1:4a:75:6c:37:2b:71:c0:f3:96:aa:ea:b1:56:
4d:b1:a7:e9:0a:c7:c2:7b:91:f9:cb:d6:cd:a2:cd:
46:e0:a7:29:e0:cb:e1:6b:63:a9:06:28:84:06:2d:
81:e3:c6:4b:dd:dd:ad:82:f2:20:28:d2:d1:94:74:
3a:0b:d2:0a:4c:8e:75:9d:c3:f9:45:56:b2:be:6d:
17:75:20:1b:e9:d5:c4:65:e4:96:bf:53:eb:5d:8e:
80:df:1e:c8:9a:1a:5b:88:90:d0:18:ec:93:5e:0d:
19:a2:ab:c4:b7:ee:92:45:10:86:ea:a0:c2:cc:80:
17:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:8D:6C:0F:10:C3:2B:E4:15:D3:FB:3E:EF:0E:3E:D4:E2:35:C5
X509v3 Authority Key Identifier:
keyid:07:35:DA:A8:CF:E2:5D:D1:2A:2C:26:E0:FF:CC:E9:76:36:74:8E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/TQGNbA8QwyvkFdP7Pu8OPtTiNcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.52.0/22
IPv6:
2a09:b640::/29
Signature Algorithm: sha256WithRSAEncryption
a9:6c:f4:65:d9:4a:bb:a1:d9:8f:47:06:69:be:fe:82:12:05:
e9:67:03:90:37:bc:1c:f2:61:b6:bc:1b:b4:86:1d:6b:dc:4d:
da:6d:ec:54:c0:0a:ed:78:4c:86:1a:2a:8d:81:16:2e:e6:1a:
94:29:87:a0:b7:67:ea:d2:ad:b0:ba:80:75:5e:b4:2a:30:e4:
27:46:85:a2:c4:b8:52:f9:b1:6c:5a:a0:5d:b2:77:65:af:6a:
e1:14:73:9b:ea:70:fb:ff:d0:05:f3:c5:2c:fb:8b:b5:6a:76:
ee:53:89:ed:c2:e5:75:49:d2:90:37:7b:2c:1b:d3:e4:ce:50:
7f:cf:c8:87:f9:0d:2f:5e:3c:6f:44:dd:c4:03:db:f8:f9:17:
45:b8:2e:75:0b:d2:6d:0f:96:0c:aa:ea:90:7c:86:bc:20:d1:
5e:4e:cf:b4:73:33:ae:19:7c:35:a7:a4:d4:5e:b7:bd:d0:e5:
2b:88:1a:83:92:11:39:ba:07:ed:33:0e:cb:94:40:66:28:4c:
23:8c:01:05:9c:cf:e6:12:ee:8d:c4:77:45:d6:65:73:9b:24:
ec:90:ff:a8:72:60:eb:87:b3:07:f8:90:94:d7:4b:d0:16:85:
68:20:99:b9:a6:0d:3a:f1:d5:53:96:dd:07:6b:b9:80:8a:03:
09:14:6a:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvEWMmZ47pUoDE6d9zz5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MzVkYWE4Y2ZlMjVkZDEyYTJjMjZlMGZmY2NlOTc2MzY3
NDhlYmQwHhcNMjQwMTAyMTAzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAxOGQ2YzBmMTBjMzJiZTQxNWQzZmIzZWVmMGUzZWQ0ZTIzNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAop0lthKJAN4QA0/71cCf6s4dpi6Q
nRvXdobGbRDZTUJ7UsEoFJQxT09YftvKZzPMGNfOmvBRiE26mo6GyzzPr6C6zMqb
hC7G/iboa1Dqbnvs91TOrOQCMeP6mS93F3TrW9cRP65Dg5quopsp1f8nPyYishv8
3sA+orOau8m6fjYia5OFsP7P8Up1bDcrccDzlqrqsVZNsafpCsfCe5H5y9bNos1G
4Kcp4Mvha2OpBiiEBi2B48ZL3d2tgvIgKNLRlHQ6C9IKTI51ncP5RVayvm0XdSAb
6dXEZeSWv1PrXY6A3x7ImhpbiJDQGOyTXg0ZoqvEt+6SRRCG6qDCzIAXDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE0BjWwPEMMr5BXT+z7vDj7U4jXFMB8GA1UdIwQY
MBaAFAc12qjP4l3RKiwm4P/M6XY2dI69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnpYYXFNX2lYZEVxTENiZ184enBkalowanIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yYTRiZjUtNDBjZi00NDdhLTk3ZTAt
Njc5Y2YwMjEwZDQ5LzEvVFFHTmJBOFF3eXZrRmRQN1B1OE9QdFRpTmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yYTRiZjUtNDBjZi00NDdhLTk3ZTAtNjc5Y2YwMjEwZDQ5
LzEvQnpYYXFNX2lYZEVxTENiZ184enBkalowanIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXHc0MA0E
AgACMAcDBQMqCbZAMA0GCSqGSIb3DQEBCwUAA4IBAQCpbPRl2Uq7odmPRwZpvv6C
EgXpZwOQN7wc8mG2vBu0hh1r3E3abexUwArteEyGGiqNgRYu5hqUKYegt2fq0q2w
uoB1XrQqMOQnRoWixLhS+bFsWqBdsndlr2rhFHOb6nD7/9AF88Us+4u1anbuU4nt
wuV1SdKQN3ssG9PkzlB/z8iH+Q0vXjxvRN3EA9v4+RdFuC51C9JtD5YMquqQfIa8
INFeTs+0czOuGXw1p6TUXre90OUriBqDkhE5ugftMw7LlEBmKEwjjAEFnM/mEu6N
xHdF1mVzmyTskP+ocmDrh7MH+JCU10vQFoVoIJm5pg068dVTlt0Ha7mAigMJFGqb
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:38 2025 by rpki-client