Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/tek_QeY9-vLL1zf3LFiJFEWkWd0.roa
File: tek_QeY9-vLL1zf3LFiJFEWkWd0.roa (raw, json)
Hash identifier: K9AeSY/MLW+N6moYf/C4xltu9okkk5z0X3OJ6+H/kNA=
Subject key identifier: B5:E9:3F:41:E6:3D:FA:F2:CB:D7:37:F7:2C:58:89:14:45:A4:59:DD
Certificate issuer: /CN=912f169fc744cbe895a9f85edab796d4ac700029
Certificate serial: 0190C8CA880B19C07E971DA7E006903BB5EC
Authority key identifier: 91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/tek_QeY9-vLL1zf3LFiJFEWkWd0.roa
Signing time: Fri 19 Jul 2024 02:20:34 +0000
ROA not before: Fri 19 Jul 2024 02:20:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43594
IP address blocks: 95.215.124.0/22 maxlen: 22
95.215.124.0/24 maxlen: 24
95.215.125.0/24 maxlen: 24
95.215.126.0/24 maxlen: 24
185.184.232.0/22 maxlen: 22
185.184.232.0/24 maxlen: 24
185.184.233.0/24 maxlen: 24
185.184.234.0/24 maxlen: 24
185.184.235.0/24 maxlen: 24
2a0b:4380::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jul 2024 13:42:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c8:ca:88:0b:19:c0:7e:97:1d:a7:e0:06:90:3b:b5:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=912f169fc744cbe895a9f85edab796d4ac700029
Validity
Not Before: Jul 19 02:20:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5e93f41e63dfaf2cbd737f72c58891445a459dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:89:91:cb:c2:ac:f9:36:28:34:e7:7f:c9:c7:
c0:c5:de:7f:0d:d0:c8:ba:a3:69:37:c8:a2:1d:40:
fc:bc:71:30:3b:e3:d1:ae:32:a8:ae:6b:b6:fb:d8:
40:88:5f:7a:ee:8d:81:15:a7:f3:17:f5:57:b8:1e:
e2:74:15:a5:f2:f9:74:fd:41:0a:0c:6b:bc:f2:0e:
4c:3c:e6:0e:41:e1:e0:b0:af:bc:01:3b:fb:4d:db:
71:ff:7c:e3:e2:a3:c8:87:4f:31:a6:17:ad:a5:df:
bf:fc:ea:e9:c5:0c:61:65:7e:96:3e:bc:99:65:39:
48:bb:2b:b4:a6:ff:3a:18:99:3c:a9:72:d1:ea:63:
b7:d4:28:3b:84:41:20:4f:fe:62:60:6b:25:37:48:
09:28:b3:19:2d:f4:12:c0:c2:94:ea:47:8b:0e:87:
41:ee:68:52:f0:c3:26:e1:bf:ed:14:cd:53:86:76:
85:19:04:1d:a0:c4:c9:27:91:11:27:d4:12:d0:26:
e4:47:c1:db:dc:39:0e:3d:90:d7:6d:e9:00:d2:a2:
e9:1c:5d:8a:94:6f:bc:83:f0:41:d6:80:e1:00:20:
96:29:a3:70:f3:0e:6a:16:26:43:e1:4b:a0:3f:fc:
a6:df:bf:bc:8e:a2:89:b5:e3:11:a8:7c:d3:ce:88:
5f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E9:3F:41:E6:3D:FA:F2:CB:D7:37:F7:2C:58:89:14:45:A4:59:DD
X509v3 Authority Key Identifier:
keyid:91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/tek_QeY9-vLL1zf3LFiJFEWkWd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/kS8Wn8dEy-iVqfhe2reW1KxwACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.124.0/22
185.184.232.0/22
IPv6:
2a0b:4380::/32
Signature Algorithm: sha256WithRSAEncryption
28:5b:58:0d:e3:06:3d:49:44:9f:cd:53:02:57:6c:d0:7e:f3:
b6:6f:29:71:ec:de:10:74:85:25:ad:5d:04:3e:54:bb:9c:47:
aa:ef:a0:57:77:e0:5e:ea:2f:93:26:e2:d1:32:24:4a:4c:c8:
f0:17:b0:0f:be:29:3e:f6:57:a5:01:93:42:99:d1:47:fa:d5:
55:1e:2b:43:d1:03:6f:45:23:ea:9f:9c:9a:f7:32:37:ad:65:
2c:79:bd:1e:b1:3c:2e:ce:16:df:c8:6b:cd:2a:b7:40:d7:bf:
5b:f1:c7:ee:1a:df:fe:31:a5:79:cc:14:17:3e:cb:5b:a7:55:
e8:84:1f:ce:19:5f:2d:18:b2:bd:ac:0b:cf:e2:42:c7:a2:c4:
f1:3e:f3:49:64:36:63:3e:06:23:0c:70:7c:cf:ae:a6:3d:ab:
57:ea:89:32:a2:a7:e1:c2:03:2c:fa:98:e6:18:74:6a:0f:f3:
98:df:27:2e:24:70:dc:8a:d8:3d:25:8f:75:0e:ab:d3:95:0a:
8d:4d:62:2c:0e:a6:4a:dd:08:80:7a:69:36:a8:02:a6:64:f5:
ab:f5:19:45:48:39:49:4c:51:1a:7a:24:80:12:3a:c2:23:af:
b9:77:cf:22:98:28:d4:cb:86:34:ad:ab:a1:03:45:5b:1f:30:
68:9e:5d:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDIyogLGcB+lx2n4AaQO7XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMmYxNjlmYzc0NGNiZTg5NWE5Zjg1ZWRhYjc5NmQ0YWM3
MDAwMjkwHhcNMjQwNzE5MDIyMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWU5M2Y0MWU2M2RmYWYyY2JkNzM3ZjcyYzU4ODkxNDQ1YTQ1OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYmRy8Ks+TYoNOd/ycfAxd5/DdDI
uqNpN8iiHUD8vHEwO+PRrjKormu2+9hAiF967o2BFafzF/VXuB7idBWl8vl0/UEK
DGu88g5MPOYOQeHgsK+8ATv7Tdtx/3zj4qPIh08xphetpd+//OrpxQxhZX6WPryZ
ZTlIuyu0pv86GJk8qXLR6mO31Cg7hEEgT/5iYGslN0gJKLMZLfQSwMKU6keLDodB
7mhS8MMm4b/tFM1ThnaFGQQdoMTJJ5ERJ9QS0CbkR8Hb3DkOPZDXbekA0qLpHF2K
lG+8g/BB1oDhACCWKaNw8w5qFiZD4UugP/ym37+8jqKJteMRqHzTzohf4QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLXpP0HmPfryy9c39yxYiRRFpFndMB8GA1UdIwQY
MBaAFJEvFp/HRMvolan4Xtq3ltSscAApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzct
YjIyODNjOWE1MzZmLzEvdGVrX1FlWTktdkxMMXpmM0xGaUpGRVdrV2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzctYjIyODNjOWE1MzZm
LzEva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX9d8AwQC
ubjoMA0EAgACMAcDBQAqC0OAMA0GCSqGSIb3DQEBCwUAA4IBAQAoW1gN4wY9SUSf
zVMCV2zQfvO2bylx7N4QdIUlrV0EPlS7nEeq76BXd+Be6i+TJuLRMiRKTMjwF7AP
vik+9lelAZNCmdFH+tVVHitD0QNvRSPqn5ya9zI3rWUseb0esTwuzhbfyGvNKrdA
179b8cfuGt/+MaV5zBQXPstbp1XohB/OGV8tGLK9rAvP4kLHosTxPvNJZDZjPgYj
DHB8z66mPatX6okyoqfhwgMs+pjmGHRqD/OY3ycuJHDcitg9JY91DqvTlQqNTWIs
DqZK3QiAemk2qAKmZPWr9RlFSDlJTFEaeiSAEjrCI6+5d88imCjUy4Y0rauhA0Vb
HzBonl0p
-----END CERTIFICATE-----
Generated at Wed Jul 24 16:28:32 2024 by rpki-client on console-fra.rpki-client.org