Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/TGP-YT7BQo4JkH7wIZDds6-9qXE.roa
File: TGP-YT7BQo4JkH7wIZDds6-9qXE.roa (raw, json)
Hash identifier: WzbCRLtpi3EMSuecEY6CTKGY5sbkuT4sv3AzfLhTgn4=
Subject key identifier: 4C:63:FE:61:3E:C1:42:8E:09:90:7E:F0:21:90:DD:B3:AF:BD:A9:71
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 01893022219FD4B93606F6CCE3F35F5D448E
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/TGP-YT7BQo4JkH7wIZDds6-9qXE.roa
Signing time: Fri 07 Jul 2023 11:34:50 +0000
ROA not before: Fri 07 Jul 2023 11:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34244
IP address blocks: 94.46.136.0/22 maxlen: 22
178.236.65.48/29 maxlen: 29
178.255.112.0/22 maxlen: 22
178.236.73.112/29 maxlen: 29
178.236.73.176/29 maxlen: 29
193.221.219.0/24 maxlen: 24
178.236.72.28/30 maxlen: 30
193.221.120.0/24 maxlen: 24
193.221.123.0/24 maxlen: 24
178.236.72.48/28 maxlen: 28
178.236.72.88/29 maxlen: 29
178.236.74.88/29 maxlen: 29
185.121.44.0/22 maxlen: 22
45.93.232.0/22 maxlen: 22
128.127.184.0/21 maxlen: 21
94.46.240.0/22 maxlen: 22
81.92.220.0/22 maxlen: 22
178.236.73.160/29 maxlen: 29
178.236.73.224/29 maxlen: 29
185.247.236.0/22 maxlen: 22
92.39.32.0/20 maxlen: 20
31.170.28.0/22 maxlen: 22
31.170.26.0/23 maxlen: 23
81.92.196.0/22 maxlen: 22
45.8.152.0/22 maxlen: 22
155.137.24.0/21 maxlen: 21
178.236.73.200/29 maxlen: 29
193.221.93.0/24 maxlen: 24
37.221.104.0/22 maxlen: 22
185.197.224.0/22 maxlen: 22
188.66.48.0/22 maxlen: 22
45.152.172.0/22 maxlen: 22
178.236.73.80/29 maxlen: 29
141.98.236.0/22 maxlen: 22
185.186.32.0/22 maxlen: 22
185.176.28.0/22 maxlen: 22
185.216.152.0/22 maxlen: 22
5.180.0.0/22 maxlen: 22
185.223.236.0/22 maxlen: 22
185.240.208.0/22 maxlen: 22
31.170.24.0/21 maxlen: 21
195.210.52.0/23 maxlen: 23
178.236.73.128/29 maxlen: 29
45.131.188.0/22 maxlen: 22
85.30.128.0/18 maxlen: 18
185.4.8.0/22 maxlen: 22
178.236.64.0/20 maxlen: 24
45.14.4.0/22 maxlen: 22
2a02:80::/32 maxlen: 32
2a02:1610::/32 maxlen: 32
2a02:80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:22:21:9f:d4:b9:36:06:f6:cc:e3:f3:5f:5d:44:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Jul 7 11:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c63fe613ec1428e09907ef02190ddb3afbda971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:66:75:b0:d3:75:6e:95:02:49:f8:87:56:96:
c7:f8:bc:47:fc:c9:37:20:01:9d:27:d4:51:d6:e4:
8e:32:aa:2f:51:92:c5:77:38:04:7e:41:f7:03:bf:
a1:c3:9f:cd:44:19:77:a6:8f:2d:af:e8:e1:a5:53:
74:4a:45:5b:fc:df:24:fd:45:bc:1e:ee:3f:4e:d2:
62:53:5e:5e:db:29:51:86:cd:59:7e:33:c5:f6:bb:
30:9b:53:d2:27:34:c7:23:05:30:a7:6a:97:cb:c4:
3d:0e:57:fc:82:a5:b4:5c:ed:db:86:9b:40:0c:4b:
7a:1b:73:89:0b:1b:91:69:91:3b:e0:6e:88:7d:28:
f4:d0:69:b7:69:a5:47:25:cc:e2:05:ec:c8:e4:6b:
88:2d:60:a4:67:1c:b1:8f:02:ef:b3:83:c5:33:06:
6f:4d:a1:af:c7:2f:68:a8:ae:d5:8f:4b:7b:b7:8b:
42:24:1f:ed:c1:dd:e6:97:c5:a2:b6:23:a1:5f:73:
99:c3:c1:57:e5:d3:2c:57:96:33:41:4c:07:a9:ed:
f8:23:3b:97:4c:2e:ee:a3:f9:eb:61:a3:ae:be:be:
ef:51:4e:f6:84:60:f2:81:28:9f:bd:2f:43:82:20:
2a:1b:67:2f:a6:3f:4d:8b:8d:48:91:ce:cb:42:87:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:63:FE:61:3E:C1:42:8E:09:90:7E:F0:21:90:DD:B3:AF:BD:A9:71
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/TGP-YT7BQo4JkH7wIZDds6-9qXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.0.0/22
31.170.24.0/21
37.221.104.0/22
45.8.152.0/22
45.14.4.0/22
45.93.232.0/22
45.131.188.0/22
45.152.172.0/22
81.92.196.0/22
81.92.220.0/22
85.30.128.0/18
92.39.32.0/20
94.46.136.0/22
94.46.240.0/22
128.127.184.0/21
141.98.236.0/22
155.137.24.0/21
178.236.64.0/20
178.255.112.0/22
185.4.8.0/22
185.121.44.0/22
185.176.28.0/22
185.186.32.0/22
185.197.224.0/22
185.216.152.0/22
185.223.236.0/22
185.240.208.0/22
185.247.236.0/22
188.66.48.0/22
193.221.93.0/24
193.221.120.0/24
193.221.123.0/24
193.221.219.0/24
195.210.52.0/23
IPv6:
2a02:80::/29
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
96:51:0c:01:b1:46:60:b1:aa:26:f8:4c:71:61:7d:24:37:20:
c5:6c:0c:00:d6:3b:47:04:96:68:6c:e2:84:3a:d7:0f:22:a3:
dc:9e:0d:b3:11:ef:17:fe:a3:7b:92:eb:dc:af:a5:b2:c5:21:
55:da:cc:6c:d6:d1:9c:ac:d4:91:9e:66:28:c1:43:91:21:ca:
b9:d9:be:70:26:18:33:79:a6:a9:14:aa:3b:2a:0a:2d:40:2c:
1f:78:6e:df:ca:40:44:e6:b8:02:6e:84:c3:38:29:4c:90:0e:
83:02:78:8b:c6:30:66:04:21:25:3e:86:6f:de:96:c6:7b:a5:
80:fb:07:f7:a9:2b:1c:6a:d8:97:13:2e:67:31:42:cb:7a:63:
9b:92:b5:a2:13:71:55:6f:88:14:44:7f:d4:3f:1a:42:af:46:
65:b5:52:58:be:54:57:fd:4b:e0:78:10:d7:c2:10:f3:79:02:
1c:87:e6:0d:83:ba:8b:31:61:7f:2e:45:f4:94:55:7d:ed:7f:
c7:57:73:22:29:3f:87:77:21:99:89:f2:1d:51:bb:70:05:da:
f4:05:93:66:dd:d9:9c:a0:31:35:c3:2d:43:e1:c4:2b:f0:ac:
63:71:22:43:f2:7d:64:ec:9a:f8:1f:d1:69:69:5e:69:ce:83:
41:c4:38:52
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYkwIiGf1Lk2BvbM4/NfXUSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwNzA3MTEzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzYzZmU2MTNlYzE0MjhlMDk5MDdlZjAyMTkwZGRiM2FmYmRhOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGZ1sNN1bpUCSfiHVpbH+LxH/Mk3
IAGdJ9RR1uSOMqovUZLFdzgEfkH3A7+hw5/NRBl3po8tr+jhpVN0SkVb/N8k/UW8
Hu4/TtJiU15e2ylRhs1ZfjPF9rswm1PSJzTHIwUwp2qXy8Q9Dlf8gqW0XO3bhptA
DEt6G3OJCxuRaZE74G6IfSj00Gm3aaVHJcziBezI5GuILWCkZxyxjwLvs4PFMwZv
TaGvxy9oqK7Vj0t7t4tCJB/twd3ml8WitiOhX3OZw8FX5dMsV5YzQUwHqe34IzuX
TC7uo/nrYaOuvr7vUU72hGDygSifvS9DgiAqG2cvpj9Ni41Ikc7LQof6LQIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFExj/mE+wUKOCZB+8CGQ3bOvvalxMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvVEdQLVlUN0JRbzRKa0g3d0laRGRzNi05cVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB0wQCAAEwgcwDBAIF
tAADBAMfqhgDBAIl3WgDBAItCJgDBAItDgQDBAItXegDBAItg7wDBAItmKwDBAJR
XMQDBAJRXNwDBAZVHoADBARcJyADBAJeLogDBAJeLvADBAOAf7gDBAKNYuwDBAOb
iRgDBASy7EADBAKy/3ADBAK5BAgDBAK5eSwDBAK5sBwDBAK5uiADBAK5xeADBAK5
2JgDBAK53+wDBAK58NADBAK59+wDBAK8QjADBADB3V0DBADB3XgDBADB3XsDBADB
3dsDBAHD0jQwFAQCAAIwDgMFAyoCAIADBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCWUQwBsUZgsaom+ExxYX0kNyDFbAwA1jtHBJZobOKEOtcPIqPcng2zEe8X/qN7
kuvcr6WyxSFV2sxs1tGcrNSRnmYowUORIcq52b5wJhgzeaapFKo7KgotQCwfeG7f
ykBE5rgCboTDOClMkA6DAniLxjBmBCElPoZv3pbGe6WA+wf3qSscatiXEy5nMULL
emObkrWiE3FVb4gURH/UPxpCr0ZltVJYvlRX/UvgeBDXwhDzeQIch+YNg7qLMWF/
LkX0lFV97X/HV3MiKT+HdyGZifIdUbtwBdr0BZNm3dmcoDE1wy1D4cQr8KxjcSJD
8n1k7Jr4H9FpaV5pzoNBxDhS
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:04 2024 by rpki-client on console-ams.rpki-client.org