Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TzQvgx6gSLqHKpcasuThfPxZez0.roa
File: TzQvgx6gSLqHKpcasuThfPxZez0.roa (raw, json)
Hash identifier: r/mDkUq9zfcnnaPoDk/mwqXwuZvV1K4en8ASVw2N+BY=
Subject key identifier: 4F:34:2F:83:1E:A0:48:BA:87:2A:97:1A:B2:E4:E1:7C:FC:59:7B:3D
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0190BEE62E2BC562E303EEC13E721EC667E5
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TzQvgx6gSLqHKpcasuThfPxZez0.roa
Signing time: Wed 17 Jul 2024 04:14:34 +0000
ROA not before: Wed 17 Jul 2024 04:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
45.144.173.0/24 maxlen: 24
86.107.101.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
93.113.57.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 06:13:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:be:e6:2e:2b:c5:62:e3:03:ee:c1:3e:72:1e:c6:67:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jul 17 04:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f342f831ea048ba872a971ab2e4e17cfc597b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:95:1a:64:d9:e6:6b:64:fa:b4:6e:c2:c7:3c:
ef:34:db:49:2a:bc:43:49:59:cd:e6:6c:0a:88:97:
ab:58:a1:5e:91:ad:df:74:5f:ee:b9:2c:11:2b:d3:
4b:7b:f4:8d:44:d9:83:73:cb:96:bc:e3:6f:7e:b6:
7e:20:57:a0:8f:c3:c3:0f:70:bf:97:f5:60:2a:56:
37:7d:ed:4e:0d:50:f2:25:ef:17:a3:30:00:49:68:
ce:7d:62:52:db:cb:a1:8f:75:8e:93:85:d7:94:63:
59:59:2c:18:43:18:4d:04:71:85:ac:d1:8e:e3:fc:
3a:4b:36:cb:7b:92:dc:52:c5:2d:9b:e8:d0:cb:59:
e0:d1:e5:9e:e1:de:99:85:85:d3:ae:b3:1c:3b:e7:
e5:b5:e1:18:c2:1d:16:85:23:42:85:78:b2:9f:dd:
78:56:73:9c:73:0e:01:d8:79:70:53:c7:71:8a:87:
1a:ae:ce:a4:6d:c8:c0:4d:12:02:67:fc:bf:ec:a3:
79:4c:0f:e0:82:c8:42:95:a5:51:4f:da:94:08:ba:
1c:76:bc:c2:e3:20:62:f7:b3:8b:d4:d8:7b:d1:a6:
47:06:61:71:41:ba:18:cc:b8:63:33:ce:8a:8e:89:
44:7d:29:db:4c:0d:38:74:c9:6a:e3:0b:33:95:85:
ae:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:34:2F:83:1E:A0:48:BA:87:2A:97:1A:B2:E4:E1:7C:FC:59:7B:3D
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TzQvgx6gSLqHKpcasuThfPxZez0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.182.0/23
45.144.173.0/24
86.107.101.0/24
89.34.106.0/24
91.132.51.0/24
93.113.57.0/24
93.114.183.0/24
185.198.235.0/24
188.64.142.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
46:b7:b6:b5:18:5e:c3:37:e3:19:55:fd:7d:86:c1:e2:27:9f:
5a:0a:29:79:0e:66:9b:26:fa:98:74:53:5a:bf:88:26:df:fc:
17:f0:2b:30:85:1c:c7:78:cc:14:3d:65:8b:9a:21:e6:9b:cb:
92:b8:b1:b6:ae:12:bd:d0:5d:c7:3c:f0:49:10:dd:27:43:42:
77:db:41:1c:63:09:e7:25:4d:3c:8f:38:16:2a:ad:48:5c:44:
5f:22:a5:3d:37:e1:fa:38:2f:06:4e:e7:cb:fe:58:fd:53:32:
fa:b1:c7:8d:4e:d3:d8:ce:b4:be:d7:1f:9b:7b:14:f5:74:b7:
be:2d:46:5c:97:f9:c4:9d:d2:ab:94:6c:d4:de:da:0b:0f:8c:
bf:dd:d6:69:5a:ac:9a:aa:f2:9e:a6:39:3f:12:44:4b:55:34:
b5:54:0f:84:76:8e:61:cf:22:b4:ce:8e:8f:e2:64:fc:81:b2:
27:67:8c:6e:3d:a3:1f:c8:80:e5:8b:78:4c:8b:a2:bc:d6:77:
05:cc:23:81:c2:4e:b6:cf:7f:e0:3f:06:29:c6:70:ce:e6:b8:
3d:49:c5:57:ec:18:8a:a4:22:36:0a:ac:a3:ab:01:38:b0:b6:
f3:23:00:98:20:45:55:1a:94:25:70:bb:7d:cd:b3:f1:19:72:
32:a1:60:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZC+5i4rxWLjA+7BPnIexmflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNzE3MDQxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM0MmY4MzFlYTA0OGJhODcyYTk3MWFiMmU0ZTE3Y2ZjNTk3YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJUaZNnma2T6tG7CxzzvNNtJKrxD
SVnN5mwKiJerWKFeka3fdF/uuSwRK9NLe/SNRNmDc8uWvONvfrZ+IFegj8PDD3C/
l/VgKlY3fe1ODVDyJe8XozAASWjOfWJS28uhj3WOk4XXlGNZWSwYQxhNBHGFrNGO
4/w6SzbLe5LcUsUtm+jQy1ng0eWe4d6ZhYXTrrMcO+flteEYwh0WhSNChXiyn914
VnOccw4B2HlwU8dxiocars6kbcjATRICZ/y/7KN5TA/ggshClaVRT9qUCLocdrzC
4yBi97OL1Nh70aZHBmFxQboYzLhjM86KjolEfSnbTA04dMlq4wszlYWu8QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFE80L4MeoEi6hyqXGrLk4Xz8WXs9MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVHpRdmd4NmdTTHFIS3BjYXN1VGhmUHhaZXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBLYe2AwQA
LZCtAwQAVmtlAwQAWSJqAwQAW4QzAwQAXXE5AwQAXXK3AwQAucbrAwQAvECOAwQA
2RMEMA0GCSqGSIb3DQEBCwUAA4IBAQBGt7a1GF7DN+MZVf19hsHiJ59aCil5Dmab
JvqYdFNav4gm3/wX8CswhRzHeMwUPWWLmiHmm8uSuLG2rhK90F3HPPBJEN0nQ0J3
20EcYwnnJU08jzgWKq1IXERfIqU9N+H6OC8GTufL/lj9UzL6sceNTtPYzrS+1x+b
exT1dLe+LUZcl/nEndKrlGzU3toLD4y/3dZpWqyaqvKepjk/EkRLVTS1VA+Edo5h
zyK0zo6P4mT8gbInZ4xuPaMfyIDli3hMi6K81ncFzCOBwk62z3/gPwYpxnDO5rg9
ScVX7BiKpCI2CqyjqwE4sLbzIwCYIEVVGpQlcLt9zbPxGXIyoWCq
-----END CERTIFICATE-----
Generated at Wed Jul 17 09:20:39 2024 by rpki-client on console-ams.rpki-client.org