Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TVquZsqXMXic-JhX9E-ERLOkDIg.roa
File: TVquZsqXMXic-JhX9E-ERLOkDIg.roa (raw, json)
Hash identifier: ZSPTR/uCXNK/kUXRhDILLpHRV7q5q9qeyJAkLaOuKCM=
Subject key identifier: 4D:5A:AE:66:CA:97:31:78:9C:F8:98:57:F4:4F:84:44:B3:A4:0C:88
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018D21F614DB0AEFA2CC46E8B3000A9DFC14
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TVquZsqXMXic-JhX9E-ERLOkDIg.roa
Signing time: Fri 19 Jan 2024 13:43:11 +0000
ROA not before: Fri 19 Jan 2024 13:43:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 86.107.51.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.34.202.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.35.131.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.40.215.0/24 maxlen: 24
89.43.62.0/24 maxlen: 24
94.176.215.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 17:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:f6:14:db:0a:ef:a2:cc:46:e8:b3:00:0a:9d:fc:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 19 13:43:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d5aae66ca9731789cf89857f44f8444b3a40c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:20:03:14:c8:64:26:96:86:04:10:15:a3:f4:
31:d5:78:1e:e4:1b:38:f5:23:7c:ee:36:a6:fd:0b:
6b:d9:70:5c:8e:d3:53:e9:71:fa:23:c7:2a:a8:c3:
57:5b:00:11:d9:39:ba:d6:54:73:8b:eb:32:cd:6a:
35:e8:d7:76:64:e1:0d:09:ce:1e:4e:74:3f:0c:17:
43:03:c9:0e:19:7e:aa:ab:d9:fa:48:f4:9e:31:04:
66:96:70:e4:8f:8f:b9:e2:26:27:f1:8c:d7:20:a9:
51:53:5c:7b:76:2e:a5:02:9a:44:dd:76:3f:85:39:
b1:d0:00:4d:5d:30:0d:eb:90:bd:90:d0:c5:3c:30:
03:a6:5a:b2:54:0b:e1:f8:fb:d2:22:2f:54:e4:68:
42:74:c8:5a:1a:49:91:0d:de:01:39:37:6c:1c:e4:
99:b4:76:e2:bf:46:3f:5f:9f:dc:79:8c:4a:ec:54:
e8:69:13:82:3e:42:e4:b2:bc:c9:04:82:75:d0:b7:
54:52:50:82:9e:58:1f:bc:2f:3c:f1:f0:eb:1b:cb:
36:a3:92:f7:5d:d6:ad:95:b2:ce:31:e8:30:94:58:
a4:b6:0b:01:e2:bb:8f:22:5a:d5:f8:dd:cf:8e:6e:
18:31:15:af:0b:6d:24:cd:aa:33:45:86:4b:fb:53:
b0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5A:AE:66:CA:97:31:78:9C:F8:98:57:F4:4F:84:44:B3:A4:0C:88
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TVquZsqXMXic-JhX9E-ERLOkDIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.51.0/24
89.34.106.0/24
89.34.202.0/24
89.34.219.0/24
89.35.129.0/24
89.35.131.0/24
89.37.192.0/24
89.40.215.0/24
89.43.62.0/24
94.176.215.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:06:72:c2:0a:8f:80:8e:de:eb:7f:61:be:c4:7c:55:9d:d6:
78:79:c5:12:12:5a:ae:b0:48:9c:5b:5f:68:59:17:c8:77:d7:
6c:4c:ca:ac:09:ec:b6:1b:b1:fc:18:29:3e:df:5e:0f:57:2a:
0f:a8:c3:3f:50:18:1b:f2:2a:b4:d9:56:97:90:b3:f7:28:4c:
ea:28:45:38:20:c6:8e:ae:b1:43:d6:1a:95:2b:f2:00:11:cb:
4f:06:6c:83:02:f4:72:87:10:55:ff:0e:2f:ee:41:e3:01:ea:
77:9c:c8:a1:85:a6:91:46:ec:39:ad:9b:7b:29:8b:3a:89:0b:
ab:6e:e1:2a:b8:0c:58:ef:1d:50:84:f5:2a:7a:e9:a4:37:cf:
b1:55:1e:43:e3:e9:6b:c4:1a:6f:c9:32:97:b1:97:3a:d8:00:
61:61:fa:1e:2e:6a:c8:74:01:b6:2e:ee:ee:99:a7:d8:a2:74:
fc:19:6b:9c:68:7c:f3:16:f5:7d:f4:e5:01:2a:d5:5a:0b:46:
83:19:d4:1a:83:96:31:b4:70:b4:fe:09:0b:40:7a:5b:20:55:
14:b6:fb:de:3a:87:7c:97:62:09:4e:0f:b2:46:ac:b6:f6:0f:
0d:9f:8f:1e:97:54:b3:47:96:7a:8d:89:91:dd:cf:7f:42:51:
9f:06:10:a3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY0h9hTbCu+izEboswAKnfwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMTE5MTM0MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDVhYWU2NmNhOTczMTc4OWNmODk4NTdmNDRmODQ0NGIzYTQwYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyADFMhkJpaGBBAVo/Qx1Xge5Bs4
9SN87jam/Qtr2XBcjtNT6XH6I8cqqMNXWwAR2Tm61lRzi+syzWo16Nd2ZOENCc4e
TnQ/DBdDA8kOGX6qq9n6SPSeMQRmlnDkj4+54iYn8YzXIKlRU1x7di6lAppE3XY/
hTmx0ABNXTAN65C9kNDFPDADplqyVAvh+PvSIi9U5GhCdMhaGkmRDd4BOTdsHOSZ
tHbiv0Y/X5/ceYxK7FToaROCPkLksrzJBIJ10LdUUlCCnlgfvC888fDrG8s2o5L3
XdatlbLOMegwlFiktgsB4ruPIlrV+N3Pjm4YMRWvC20kzaozRYZL+1OwPQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFE1armbKlzF4nPiYV/RPhESzpAyIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVFZxdVpzcVhNWGljLUpoWDlFLUVSTE9rRElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAVmszAwQA
WSJqAwQAWSLKAwQAWSLbAwQAWSOBAwQAWSODAwQAWSXAAwQAWSjXAwQAWSs+AwQA
XrDXAwQAvPGJMA0GCSqGSIb3DQEBCwUAA4IBAQCLBnLCCo+Ajt7rf2G+xHxVndZ4
ecUSElqusEicW19oWRfId9dsTMqsCey2G7H8GCk+314PVyoPqMM/UBgb8iq02VaX
kLP3KEzqKEU4IMaOrrFD1hqVK/IAEctPBmyDAvRyhxBV/w4v7kHjAep3nMihhaaR
Ruw5rZt7KYs6iQurbuEquAxY7x1QhPUqeumkN8+xVR5D4+lrxBpvyTKXsZc62ABh
YfoeLmrIdAG2Lu7umafYonT8GWucaHzzFvV99OUBKtVaC0aDGdQag5YxtHC0/gkL
QHpbIFUUtvveOod8l2IJTg+yRqy29g8Nn48el1SzR5Z6jYmR3c9/QlGfBhCj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org