Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/TQ-PE4f6zAxaru3oBZCW7mP5-sw.roa
File: TQ-PE4f6zAxaru3oBZCW7mP5-sw.roa (raw, json)
Hash identifier: Nf9tcImz+V/kh1fuJlLGzRp6LsJHmE/zBWghain7Yu4=
Subject key identifier: 4D:0F:8F:13:87:FA:CC:0C:5A:AE:ED:E8:05:90:96:EE:63:F9:FA:CC
Certificate issuer: /CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48
Certificate serial: 01856DEF60E64D8D5519130DEF764BD31703
Authority key identifier: 03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/TQ-PE4f6zAxaru3oBZCW7mP5-sw.roa
Signing time: Sun 01 Jan 2023 15:24:42 +0000
ROA not before: Sun 01 Jan 2023 15:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208906
IP address blocks: 78.24.232.0/21 maxlen: 21
2a0d:8f40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ef:60:e6:4d:8d:55:19:13:0d:ef:76:4b:d3:17:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0324d16977eee2f58beb1bb7aa2f4b2fa1abfc48
Validity
Not Before: Jan 1 15:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d0f8f1387facc0c5aaeede8059096ee63f9facc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6e:78:f0:62:dc:d8:e5:18:36:0c:8a:f4:1a:
9e:c3:d3:38:ca:70:02:58:48:9a:e5:18:4d:e4:56:
80:30:8f:08:f0:fe:74:b8:1e:21:e7:0b:41:ef:75:
59:47:9d:86:7f:d7:58:a7:0c:d6:a4:7b:a2:5e:f0:
03:da:d0:7e:91:4f:04:7a:78:63:27:55:34:f9:8a:
69:7a:c9:a4:4f:47:6a:dd:12:78:7a:4c:de:36:c5:
ac:9d:dc:fa:97:97:a9:5b:91:c3:ff:35:d8:2f:f9:
df:82:fb:18:b6:42:88:43:27:db:ef:dc:06:d9:de:
8e:f7:ef:0e:e7:ad:5b:3f:f2:0a:48:68:d9:8f:de:
43:b0:a2:d6:91:3c:68:c5:4e:41:0b:39:b7:83:34:
ee:3e:92:c2:4c:7c:44:5f:ad:f6:90:ed:dd:2c:d4:
dd:96:4e:02:7c:98:1b:8c:af:4a:af:3b:14:3c:75:
73:98:52:51:f3:0b:14:56:b8:89:36:d1:fd:bb:f6:
dd:b5:2d:99:a8:7b:54:31:f8:de:99:7f:f7:80:4f:
eb:38:70:0c:f0:f2:1d:1d:ce:54:51:93:0e:46:e2:
83:95:03:16:3b:ea:e7:37:12:96:c9:9f:bb:c0:4c:
8a:33:de:32:7b:06:79:42:c0:52:a2:86:57:b3:2b:
12:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0F:8F:13:87:FA:CC:0C:5A:AE:ED:E8:05:90:96:EE:63:F9:FA:CC
X509v3 Authority Key Identifier:
keyid:03:24:D1:69:77:EE:E2:F5:8B:EB:1B:B7:AA:2F:4B:2F:A1:AB:FC:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/TQ-PE4f6zAxaru3oBZCW7mP5-sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/4578a6-1a1c-4944-a773-c25d7fca0037/1/AyTRaXfu4vWL6xu3qi9LL6Gr_Eg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.232.0/21
IPv6:
2a0d:8f40::/29
Signature Algorithm: sha256WithRSAEncryption
14:b4:ae:2f:68:5c:84:e8:84:0e:ef:d9:7e:4a:fb:88:92:ac:
1f:21:d7:89:cd:d7:09:87:09:3f:18:3c:4f:40:80:a8:76:4e:
5c:9f:58:e0:3f:a4:05:c1:29:a2:22:4b:87:42:74:16:eb:3d:
26:36:d7:f2:1f:4c:14:cc:91:08:4d:63:78:4d:79:d7:0f:c1:
9a:dd:d2:df:e6:45:0e:24:18:81:72:23:53:9e:54:98:7c:2a:
24:f5:c1:95:c3:61:30:92:c0:f4:a6:e5:77:1b:65:48:91:72:
2b:0b:db:94:eb:56:b0:8d:10:0e:9a:f7:04:b3:83:44:b6:69:
6a:e8:ed:bf:14:e6:7b:3b:a7:c8:72:b9:74:be:0d:87:e0:f8:
ca:c7:64:b6:e7:4e:53:18:bd:4b:88:e1:62:79:8d:b6:4e:70:
23:85:bc:a7:5e:35:ea:5e:f6:6d:d5:ce:e6:98:df:56:fa:eb:
00:92:db:0f:32:9f:b2:96:c4:64:d6:16:2b:ec:0f:14:f9:75:
1b:bd:c4:ca:5c:47:13:00:16:2d:6d:1e:2a:9c:3f:06:f9:67:
35:bf:a9:55:62:3b:3c:9c:68:ba:34:46:f4:f0:87:94:77:f7:
5e:7e:8c:78:8c:53:38:05:cc:bc:af:36:5e:83:17:7d:dd:88:
d0:7e:c6:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVt72DmTY1VGRMN73ZL0xcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjRkMTY5NzdlZWUyZjU4YmViMWJiN2FhMmY0YjJmYTFh
YmZjNDgwHhcNMjMwMTAxMTUyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBmOGYxMzg3ZmFjYzBjNWFhZWVkZTgwNTkwOTZlZTYzZjlmYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG548GLc2OUYNgyK9Bqew9M4ynAC
WEia5RhN5FaAMI8I8P50uB4h5wtB73VZR52Gf9dYpwzWpHuiXvAD2tB+kU8Eenhj
J1U0+YppesmkT0dq3RJ4ekzeNsWsndz6l5epW5HD/zXYL/nfgvsYtkKIQyfb79wG
2d6O9+8O561bP/IKSGjZj95DsKLWkTxoxU5BCzm3gzTuPpLCTHxEX632kO3dLNTd
lk4CfJgbjK9KrzsUPHVzmFJR8wsUVriJNtH9u/bdtS2ZqHtUMfjemX/3gE/rOHAM
8PIdHc5UUZMORuKDlQMWO+rnNxKWyZ+7wEyKM94yewZ5QsBSooZXsysScwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE0PjxOH+swMWq7t6AWQlu5j+frMMB8GA1UdIwQY
MBaAFAMk0Wl37uL1i+sbt6ovSy+hq/xIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMt
YzI1ZDdmY2EwMDM3LzEvVFEtUEU0ZjZ6QXhhcnUzb0JaQ1c3bVA1LXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS80NTc4YTYtMWExYy00OTQ0LWE3NzMtYzI1ZDdmY2EwMDM3
LzEvQXlUUmFYZnU0dldMNnh1M3FpOUxMNkdyX0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDThjoMA0E
AgACMAcDBQMqDY9AMA0GCSqGSIb3DQEBCwUAA4IBAQAUtK4vaFyE6IQO79l+SvuI
kqwfIdeJzdcJhwk/GDxPQICodk5cn1jgP6QFwSmiIkuHQnQW6z0mNtfyH0wUzJEI
TWN4TXnXD8Ga3dLf5kUOJBiBciNTnlSYfCok9cGVw2EwksD0puV3G2VIkXIrC9uU
61awjRAOmvcEs4NEtmlq6O2/FOZ7O6fIcrl0vg2H4PjKx2S2505TGL1LiOFieY22
TnAjhbynXjXqXvZt1c7mmN9W+usAktsPMp+ylsRk1hYr7A8U+XUbvcTKXEcTABYt
bR4qnD8G+Wc1v6lVYjs8nGi6NEb08IeUd/defox4jFM4Bcy8rzZegxd93YjQfsYN
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:50 2024 by rpki-client on console-ams.rpki-client.org