Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Tqlj96BH6-MGF4bx69A3di0XO0I.roa
File: Tqlj96BH6-MGF4bx69A3di0XO0I.roa (raw, json)
Hash identifier: ITJcQHNoJ61a5eBUVhviu+bOXn6giteqTLFEKy3x5W8=
Subject key identifier: 4E:A9:63:F7:A0:47:EB:E3:06:17:86:F1:EB:D0:37:76:2D:17:3B:42
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 018A4C7584959A835EB92C6A73557A008A2E
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Tqlj96BH6-MGF4bx69A3di0XO0I.roa
Signing time: Thu 31 Aug 2023 16:38:04 +0000
ROA not before: Thu 31 Aug 2023 16:38:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28907
IP address blocks: 195.39.197.0/24 maxlen: 24
195.39.196.0/24 maxlen: 24
195.39.196.0/23 maxlen: 23
5.149.124.0/22 maxlen: 24
5.149.120.0/21 maxlen: 21
193.178.144.0/23 maxlen: 23
193.178.146.0/23 maxlen: 23
77.87.192.0/21 maxlen: 21
89.184.64.0/19 maxlen: 24
89.184.72.0/21 maxlen: 21
89.184.88.0/21 maxlen: 21
78.27.192.0/19 maxlen: 24
2a02:2278:235::/48 maxlen: 48
2a02:2278:204::/48 maxlen: 48
2a02:2278:100::/44 maxlen: 56
2a02:2278:236::/48 maxlen: 48
2a02:2278:ff00::/40 maxlen: 56
2a02:2278:7000::/40 maxlen: 56
2a02:2278:800::/40 maxlen: 56
2a02:2278:200::/40 maxlen: 56
2a02:2278::/40 maxlen: 56
2a02:2278::/32 maxlen: 32
2a02:2278:220::/48 maxlen: 48
2a02:2278:234::/48 maxlen: 48
2a02:2278:208::/48 maxlen: 48
2a02:2278:221::/48 maxlen: 48
2a02:2278:237::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Dec 2023 09:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:75:84:95:9a:83:5e:b9:2c:6a:73:55:7a:00:8a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Aug 31 16:38:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ea963f7a047ebe3061786f1ebd037762d173b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:89:fc:72:13:a2:ab:ab:44:56:e0:cb:f6:e5:
fe:5c:28:9e:08:1e:d5:13:ec:54:33:f8:65:c2:2f:
c7:27:2a:18:ee:11:64:01:c5:7a:07:c7:2e:31:c7:
d8:f0:11:7b:ee:7e:79:ad:c3:ac:cf:26:a2:80:4e:
e5:46:e8:48:0e:cb:5c:38:87:f9:ca:9a:e8:7f:06:
ce:85:d3:05:f4:df:39:6f:35:b3:5a:f3:35:6d:cc:
31:3d:88:f5:a7:36:4c:b5:8a:4a:69:06:72:bd:ce:
95:6d:2c:fa:00:a2:3a:84:fe:dc:b3:08:a3:2d:ca:
48:ec:ec:0a:a2:0e:d6:b1:24:a4:48:6b:2f:4c:ef:
6b:e5:2e:e3:f1:43:45:a3:6e:cc:90:4c:53:12:bf:
b2:6b:35:ac:a2:2b:b3:90:b5:db:ee:92:60:c7:e1:
e7:51:48:42:f4:6d:84:cd:ac:5d:ed:78:a8:b4:e8:
03:ac:fb:fb:84:7f:29:1b:7e:40:38:95:64:0d:20:
13:88:ef:da:4d:91:b9:dc:9c:97:40:0b:08:3e:a5:
35:79:0b:90:fb:1a:04:19:0b:6d:e0:87:bf:75:e0:
25:d3:7c:ae:38:18:6d:72:ae:05:54:91:a9:ef:c0:
20:55:04:4a:4d:89:d4:e6:bb:76:51:b5:85:1e:dd:
d0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:63:F7:A0:47:EB:E3:06:17:86:F1:EB:D0:37:76:2D:17:3B:42
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Tqlj96BH6-MGF4bx69A3di0XO0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.120.0/21
77.87.192.0/21
78.27.192.0/19
89.184.64.0/19
193.178.144.0/22
195.39.196.0/23
IPv6:
2a02:2278::/32
Signature Algorithm: sha256WithRSAEncryption
a9:e6:b7:26:70:02:92:fe:fa:96:c8:42:66:8f:35:40:f2:63:
c2:95:cc:16:41:54:02:7a:90:45:28:99:ba:c7:e6:86:8e:22:
90:92:d0:de:f0:e7:39:16:e4:0f:b4:08:87:0a:cb:36:6a:3e:
33:da:ea:a7:22:be:b1:bd:96:ed:66:54:37:af:48:c4:ae:85:
d1:89:cf:00:e1:1e:c6:91:91:90:63:73:5a:cc:08:e6:ce:a6:
c0:bb:be:92:8e:53:4b:b5:de:19:2c:38:bb:45:2e:dc:85:35:
73:68:8f:2b:f3:42:53:da:e7:a1:8f:74:e0:57:fb:96:61:71:
5e:1b:d4:33:c1:0d:e8:00:5e:92:f1:1d:2c:06:f1:e3:34:64:
75:9d:b4:4a:a9:51:32:95:3b:1c:98:81:46:3a:d4:2f:eb:10:
42:39:03:4e:03:06:0b:0d:2d:79:81:57:37:f3:09:10:24:34:
32:c4:10:eb:72:62:eb:55:98:f9:b6:a6:25:83:6e:3c:1f:ba:
ee:1c:65:6c:30:e4:2a:e2:ce:98:75:07:d1:84:cf:72:45:cf:
5f:15:c0:60:be:70:b1:41:c0:ae:97:2d:22:69:ed:6e:f0:13:
fc:a4:4e:68:22:a7:36:81:8d:04:f9:fa:40:df:54:68:14:d4:
b5:0e:ae:e0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYpMdYSVmoNeuSxqc1V6AIouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjMwODMxMTYzODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE5NjNmN2EwNDdlYmUzMDYxNzg2ZjFlYmQwMzc3NjJkMTczYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYn8chOiq6tEVuDL9uX+XCieCB7V
E+xUM/hlwi/HJyoY7hFkAcV6B8cuMcfY8BF77n55rcOszyaigE7lRuhIDstcOIf5
yprofwbOhdMF9N85bzWzWvM1bcwxPYj1pzZMtYpKaQZyvc6VbSz6AKI6hP7cswij
LcpI7OwKog7WsSSkSGsvTO9r5S7j8UNFo27MkExTEr+yazWsoiuzkLXb7pJgx+Hn
UUhC9G2Ezaxd7XiotOgDrPv7hH8pG35AOJVkDSATiO/aTZG53JyXQAsIPqU1eQuQ
+xoEGQtt4Ie/deAl03yuOBhtcq4FVJGp78AgVQRKTYnU5rt2UbWFHt3QDwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFE6pY/egR+vjBheG8evQN3YtFztCMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvVHFsajk2Qkg2LU1HRjRieDY5QTNkaTBYTzBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBZV4AwQD
TVfAAwQFThvAAwQFWbhAAwQCwbKQAwQBwyfEMA0EAgACMAcDBQAqAiJ4MA0GCSqG
SIb3DQEBCwUAA4IBAQCp5rcmcAKS/vqWyEJmjzVA8mPClcwWQVQCepBFKJm6x+aG
jiKQktDe8Oc5FuQPtAiHCss2aj4z2uqnIr6xvZbtZlQ3r0jEroXRic8A4R7GkZGQ
Y3NazAjmzqbAu76SjlNLtd4ZLDi7RS7chTVzaI8r80JT2uehj3TgV/uWYXFeG9Qz
wQ3oAF6S8R0sBvHjNGR1nbRKqVEylTscmIFGOtQv6xBCOQNOAwYLDS15gVc38wkQ
JDQyxBDrcmLrVZj5tqYlg248H7ruHGVsMOQq4s6YdQfRhM9yRc9fFcBgvnCxQcCu
ly0iae1u8BP8pE5oIqc2gY0E+fpA31RoFNS1Dq7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:20 2024 by rpki-client on console-fra.rpki-client.org