Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQTea4iWUiQp_wOurnWI5a9OZfE.roa
File: TQTea4iWUiQp_wOurnWI5a9OZfE.roa (raw, json)
Hash identifier: Rh3Ijt+4RbOmhL7v6r9WQusUsZkceqtu77QFPEo12d0=
Subject key identifier: 4D:04:DE:6B:88:96:52:24:29:FF:03:AE:AE:75:88:E5:AF:4E:65:F1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01893B5DCDECB810CAE21C1F8307FCE1F915
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQTea4iWUiQp_wOurnWI5a9OZfE.roa
Signing time: Sun 09 Jul 2023 15:55:50 +0000
ROA not before: Sun 09 Jul 2023 15:55:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.209.38.0/24 maxlen: 24
185.230.52.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
45.147.224.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 10 Jul 2023 08:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3b:5d:cd:ec:b8:10:ca:e2:1c:1f:83:07:fc:e1:f9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 9 15:55:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d04de6b8896522429ff03aeae7588e5af4e65f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:19:69:99:f3:3c:34:7d:38:05:15:d7:62:fa:
79:cc:7b:ad:b2:9f:18:c8:cd:83:1f:38:92:a9:35:
80:ea:98:e4:3c:65:10:bc:11:d9:66:a9:0b:49:4e:
31:54:22:05:93:54:cf:8e:e9:40:59:05:57:8e:65:
f3:d4:15:6e:13:ca:26:8a:0f:32:c4:b2:d5:2b:d0:
33:e7:ed:b8:67:74:54:1a:3b:17:da:07:10:2d:39:
5b:fd:c7:10:eb:d0:37:df:c5:9e:a6:44:f4:9a:81:
86:ea:90:c8:f2:2f:54:ae:de:56:85:a9:eb:b4:73:
8f:86:d2:cc:34:4d:85:74:9b:f3:f8:1d:f6:0d:48:
1d:71:c7:93:66:b8:09:c5:2c:cc:4e:34:fe:cd:70:
c0:c3:44:61:24:3f:e8:20:d3:ec:64:e3:26:86:02:
34:65:b5:2f:af:b2:05:0c:49:08:56:09:e9:a9:a4:
1d:88:07:ab:02:21:de:5b:5a:45:f8:2c:7c:2c:a2:
97:0a:aa:52:6c:ec:09:32:b2:04:ef:2e:76:31:b9:
d3:75:34:fe:40:8a:05:13:50:87:66:c4:0a:fe:72:
8f:8d:e1:39:43:fa:f5:06:65:23:2a:53:95:c1:0d:
ee:ba:f7:86:fe:93:7d:28:25:8f:78:b5:a6:3f:ed:
d4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:04:DE:6B:88:96:52:24:29:FF:03:AE:AE:75:88:E5:AF:4E:65:F1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQTea4iWUiQp_wOurnWI5a9OZfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.147.224.0/24
185.209.38.0/24
185.209.74.0/24
185.210.233.0/24
185.214.108.0/24
185.225.0.0/23
185.230.52.0/24
193.58.146.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:fb:e7:ce:87:ce:c8:47:5c:16:b2:a9:c2:2e:09:cc:52:e5:
51:c0:26:f4:03:d4:af:6f:4a:3e:91:0b:26:01:f7:f9:59:b8:
9a:98:4b:0c:92:6d:8b:96:d0:42:06:f4:ba:69:01:0f:ed:7a:
cd:cb:a6:06:f3:5d:57:f9:f7:2c:d7:7b:3c:c6:8c:0b:70:cc:
c2:e0:5c:ba:5d:b9:67:63:f2:5f:6a:36:64:71:40:f5:b3:5d:
57:8f:9c:65:38:4a:2a:fe:3b:1a:2b:1b:dc:16:32:4d:17:b9:
98:c7:8d:48:33:74:26:6d:66:3b:46:f4:ab:26:2b:1f:74:84:
ab:7a:1f:90:51:0f:16:ac:09:a9:58:3b:1a:ee:54:5e:f9:aa:
46:6d:51:5f:42:cb:d9:91:56:ab:d8:91:a3:f5:36:23:40:11:
09:7a:21:36:4d:1e:72:cf:41:94:66:5d:8f:ee:0f:73:fe:eb:
b3:65:0d:78:02:80:55:2d:44:c8:88:b2:27:2b:68:3a:71:3f:
b6:9c:7f:01:ef:7d:32:d0:97:1a:93:4b:56:97:05:a8:3a:b2:
fc:22:4f:a9:42:3b:9c:2b:06:d3:4f:5b:ee:dd:a3:23:a8:6b:
cf:4a:57:13:f3:1f:a4:0f:ce:ea:ab:d0:b8:84:9a:82:9c:98:
9c:e3:72:97
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYk7Xc3suBDK4hwfgwf84fkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA5MTU1NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA0ZGU2Yjg4OTY1MjI0MjlmZjAzYWVhZTc1ODhlNWFmNGU2NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRlpmfM8NH04BRXXYvp5zHutsp8Y
yM2DHziSqTWA6pjkPGUQvBHZZqkLSU4xVCIFk1TPjulAWQVXjmXz1BVuE8omig8y
xLLVK9Az5+24Z3RUGjsX2gcQLTlb/ccQ69A338WepkT0moGG6pDI8i9Urt5Whanr
tHOPhtLMNE2FdJvz+B32DUgdcceTZrgJxSzMTjT+zXDAw0RhJD/oINPsZOMmhgI0
ZbUvr7IFDEkIVgnpqaQdiAerAiHeW1pF+Cx8LKKXCqpSbOwJMrIE7y52MbnTdTT+
QIoFE1CHZsQK/nKPjeE5Q/r1BmUjKlOVwQ3uuveG/pN9KCWPeLWmP+3UzwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFE0E3muIllIkKf8Drq51iOWvTmXxMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFFUZWE0aVdVaVFwX3dPdXJuV0k1YTlPWmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALQgVAwQA
LZPgAwQAudEmAwQAudFKAwQAudLpAwQAudZsAwQBueEAAwQAueY0AwQBwTqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCl++fOh87IR1wWsqnCLgnMUuVRwCb0A9Svb0o+kQsm
Aff5WbiamEsMkm2LltBCBvS6aQEP7XrNy6YG811X+fcs13s8xowLcMzC4Fy6Xbln
Y/JfajZkcUD1s11Xj5xlOEoq/jsaKxvcFjJNF7mYx41IM3QmbWY7RvSrJisfdISr
eh+QUQ8WrAmpWDsa7lRe+apGbVFfQsvZkVar2JGj9TYjQBEJeiE2TR5yz0GUZl2P
7g9z/uuzZQ14AoBVLUTIiLInK2g6cT+2nH8B730y0Jcak0tWlwWoOrL8Ik+pQjuc
KwbTT1vu3aMjqGvPSlcT8x+kD87qq9C4hJqCnJic43KX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:26 2024 by rpki-client on console-ams.rpki-client.org