Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/TqkFB_FlNUcVE4MqOlHl62itG68.roa
File: TqkFB_FlNUcVE4MqOlHl62itG68.roa (raw, json)
Hash identifier: fHDfreNKL9kVt7/FLHGUv+MLKurTYrwxwHGGQQyCie4=
Subject key identifier: 4E:A9:05:07:F1:65:35:47:15:13:83:2A:3A:51:E5:EB:68:AD:1B:AF
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018B60C8D339CD11C65A6AE0B7AA1AC37208
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/TqkFB_FlNUcVE4MqOlHl62itG68.roa
Signing time: Tue 24 Oct 2023 08:24:15 +0000
ROA not before: Tue 24 Oct 2023 08:24:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
89.40.84.0/22 maxlen: 24
37.122.219.0/24 maxlen: 24
194.156.72.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
91.242.148.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
2a09:eac0::/29 maxlen: 29
2a05:9b00::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
2a02:5fc0::/32 maxlen: 48
2a05:a800::/29 maxlen: 29
2a02:5dc0::/32 maxlen: 32
2a06:3c00::/29 maxlen: 29
2a03:440::/32 maxlen: 32
2a0a:1280::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:c8:d3:39:cd:11:c6:5a:6a:e0:b7:aa:1a:c3:72:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 24 08:24:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ea90507f16535471513832a3a51e5eb68ad1baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e6:ba:99:0a:0a:93:46:7b:67:61:05:d7:18:
84:b6:3a:fe:21:13:e4:64:77:a6:4a:ae:f2:1b:53:
d9:d6:51:20:2a:1d:c6:83:c5:4b:ba:12:48:83:05:
73:29:2e:9d:15:52:1b:e4:80:98:f0:5c:a8:07:88:
2d:ca:f2:8e:42:a0:b8:9d:f8:65:ad:36:01:af:0b:
c6:42:f7:e1:ef:2a:bb:75:18:3e:44:8a:b9:73:02:
44:1b:4e:b2:d2:bc:7d:1d:99:d4:eb:2e:7d:1f:d5:
2d:af:50:5e:90:ea:a3:f9:49:7f:c5:68:e6:fb:0c:
77:9f:25:01:b5:23:57:8c:43:fb:4a:27:0f:aa:1b:
48:01:cb:90:35:18:61:ff:d5:8e:ed:23:07:a9:34:
76:31:aa:56:b0:3e:3e:cc:df:3d:68:b4:98:59:0a:
94:6f:40:6b:d1:f9:eb:cb:f7:d8:6a:42:4f:74:d6:
34:29:21:ce:d2:ce:fa:dc:cb:2b:91:65:61:b6:c9:
88:10:c4:87:d8:9f:0f:5d:a7:33:db:e5:40:46:b6:
8c:dc:1f:f2:55:63:5b:e5:fd:8a:9e:bf:95:fb:53:
48:d1:ab:d0:60:a6:a8:43:26:f3:40:df:72:3b:35:
99:1b:c9:80:87:13:14:3e:fa:b7:80:b0:aa:2d:b5:
1a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:05:07:F1:65:35:47:15:13:83:2A:3A:51:E5:EB:68:AD:1B:AF
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/TqkFB_FlNUcVE4MqOlHl62itG68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
37.122.219.0/24
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
b1:42:ac:1b:e2:bf:b5:f2:f4:be:8d:7e:c1:32:43:d7:83:27:
24:23:81:32:0b:4b:74:03:6c:c1:1c:1f:61:f6:55:90:60:4f:
2f:4e:bc:48:b8:1e:46:4c:9c:16:65:3d:4d:4d:f7:fe:a0:43:
7a:d7:6c:5e:af:74:33:92:b2:e1:b9:b4:9c:50:05:1e:24:bc:
c5:17:62:76:c9:c2:b4:15:e2:0f:21:df:96:40:cc:d7:67:33:
8c:60:7e:c9:d2:b6:97:7e:54:52:2a:6f:44:bd:5e:df:e2:9c:
04:00:41:8a:15:68:9f:3a:a0:bf:11:ce:e4:33:3c:b0:91:96:
5c:de:82:ff:06:f4:89:01:57:24:53:54:e1:32:f6:41:97:57:
b4:1c:4e:b8:71:80:68:90:68:0a:37:9a:a8:5e:fa:c2:23:13:
46:35:80:70:2a:6b:03:4e:c5:09:9f:a3:26:36:57:ef:92:65:
99:6e:a5:8b:cd:eb:6e:4a:5d:d9:af:f2:77:54:c9:f8:d2:ae:
af:49:e5:79:d8:b7:d3:fa:23:b9:27:0f:43:cf:62:b6:47:91:
38:da:b3:45:f1:62:45:a2:d2:f5:10:ca:a8:ec:47:7a:2f:29:
c0:e6:d6:4e:74:c3:0d:e8:c5:fe:c7:42:e1:f6:ec:ba:c8:7f:
02:c7:68:48
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgISAYtgyNM5zRHGWmrgt6oaw3IIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMxMDI0MDgyNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE5MDUwN2YxNjUzNTQ3MTUxMzgzMmEzYTUxZTVlYjY4YWQxYmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgua6mQoKk0Z7Z2EF1xiEtjr+IRPk
ZHemSq7yG1PZ1lEgKh3Gg8VLuhJIgwVzKS6dFVIb5ICY8FyoB4gtyvKOQqC4nfhl
rTYBrwvGQvfh7yq7dRg+RIq5cwJEG06y0rx9HZnU6y59H9Utr1BekOqj+Ul/xWjm
+wx3nyUBtSNXjEP7SicPqhtIAcuQNRhh/9WO7SMHqTR2MapWsD4+zN89aLSYWQqU
b0Br0fnry/fYakJPdNY0KSHO0s763MsrkWVhtsmIEMSH2J8PXacz2+VARraM3B/y
VWNb5f2Knr+V+1NI0avQYKaoQybzQN9yOzWZG8mAhxMUPvq3gLCqLbUaiwIDAQAB
o4IC0TCCAs0wHQYDVR0OBBYEFE6pBQfxZTVHFRODKjpR5etorRuvMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvVHFrRkJfRmxOVWNWRTRNcU9sSGw2Mml0RzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHmBggrBgEFBQcBBwEB/wSB1jCB0zCBiQQCAAEwgYIDBAMf
GbADBAAletsDBAMuHKADBAJZKFQDBAJb8pQDBANt6xADBAWwOEADBAK5BCADBAK5
BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAK5mRADBAK5sGgwDAMEALnN/QMEALnN/gME
ArnkfAMEArnvoDAMAwQBwfaaAwQBwfacAwQCwpxIMEUEAgACMD8DBQAqAl3AAwUA
KgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAADBQMqCerAAwUDKgoSgAMF
AyoLDEAwDQYJKoZIhvcNAQELBQADggEBALFCrBviv7Xy9L6NfsEyQ9eDJyQjgTIL
S3QDbMEcH2H2VZBgTy9OvEi4HkZMnBZlPU1N9/6gQ3rXbF6vdDOSsuG5tJxQBR4k
vMUXYnbJwrQV4g8h35ZAzNdnM4xgfsnStpd+VFIqb0S9Xt/inAQAQYoVaJ86oL8R
zuQzPLCRllzegv8G9IkBVyRTVOEy9kGXV7QcTrhxgGiQaAo3mqhe+sIjE0Y1gHAq
awNOxQmfoyY2V++SZZlupYvN625KXdmv8ndUyfjSrq9J5XnYt9P6I7knD0PPYrZH
kTjas0XxYkWi0vUQyqjsR3ovKcDm1k50ww3oxf7HQuH27LrIfwLHaEg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org