Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQcfyXRNMTOM91R6RcOjfqqPcak.roa
File: TQcfyXRNMTOM91R6RcOjfqqPcak.roa (raw, json)
Hash identifier: LpAIRved354tF1a4wLm/D5w1myrDgc4Fsiysoys2j/Q=
Subject key identifier: 4D:07:1F:C9:74:4D:31:33:8C:F7:54:7A:45:C3:A3:7E:AA:8F:71:A9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018894EF53671B72408058667F557F615A95
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQcfyXRNMTOM91R6RcOjfqqPcak.roa
Signing time: Wed 07 Jun 2023 08:18:12 +0000
ROA not before: Wed 07 Jun 2023 08:18:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 194.5.65.0/24 maxlen: 24
185.218.100.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.210.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Jun 2023 08:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:94:ef:53:67:1b:72:40:80:58:66:7f:55:7f:61:5a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 7 08:18:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d071fc9744d31338cf7547a45c3a37eaa8f71a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:46:57:da:56:63:3e:54:90:eb:c7:07:1d:
e0:6b:a3:b7:ba:33:7e:67:2c:c5:5d:0f:db:30:31:
52:33:d0:9b:11:4d:52:63:5c:f9:64:45:db:ff:fc:
c4:59:a8:40:ed:3a:1f:f0:3b:ea:d6:9a:05:ec:89:
40:4d:0c:8b:a1:b0:c8:15:9a:18:b3:de:16:e1:f4:
32:57:12:9a:c6:bf:23:3b:05:66:1c:81:06:45:43:
f7:39:95:89:69:cb:6e:d2:ad:a9:9a:6f:9f:38:66:
f8:fe:2c:49:83:11:88:19:e8:01:4f:f0:f5:fb:b8:
ef:dc:45:b3:bd:ed:b4:6f:8e:1a:f9:3b:f6:35:39:
00:c7:23:1c:ee:bb:7a:be:82:3d:37:55:48:51:d5:
f5:a4:eb:86:05:33:59:d9:cb:ef:51:13:92:a0:f5:
55:39:3e:b9:99:dd:e9:95:e1:96:b6:f5:c1:7d:b4:
99:70:06:ad:25:37:e3:26:1e:2f:2a:80:e9:af:6a:
a1:b9:fc:7e:bd:db:8c:98:a0:ae:e5:f7:ca:ff:45:
11:86:36:f2:05:07:5a:08:c5:42:0e:35:06:7a:6e:
07:b4:ed:69:3f:47:40:8f:33:ac:7e:d0:b5:80:da:
cb:bc:ad:9d:28:a5:04:30:d5:e2:e8:f2:70:fb:c0:
6b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:07:1F:C9:74:4D:31:33:8C:F7:54:7A:45:C3:A3:7E:AA:8F:71:A9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TQcfyXRNMTOM91R6RcOjfqqPcak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.232.0/24
185.218.100.0/24
185.218.102.0/24
194.5.65.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d4:90:f8:13:06:82:e6:67:9d:19:87:73:d2:44:1f:bf:65:
80:a7:af:f6:19:79:70:76:60:c6:cc:80:66:2f:33:dd:7f:e4:
f8:d7:8b:88:03:c2:55:5a:49:31:74:71:75:a5:e2:61:a5:fd:
c1:ec:73:1e:27:cc:59:71:7f:f9:32:40:2a:f7:6e:c9:80:6b:
68:51:b1:9c:6c:1a:6a:45:a7:c8:3f:f2:32:f8:dc:ff:6f:b5:
2c:33:0e:70:bc:45:f0:34:0b:9a:da:a3:4e:92:e8:05:68:a6:
f3:bc:69:17:38:67:e5:1e:18:cf:16:c8:d4:54:84:cc:6d:4d:
3d:14:6c:cf:32:c6:93:7c:81:fe:58:e7:bd:0d:51:1c:ef:93:
f0:e6:ef:ac:f7:8d:0e:60:86:dd:76:a6:92:25:5a:7f:28:33:
65:d2:6e:c4:a9:dd:fa:bb:20:fe:73:14:cc:9f:19:4d:6d:60:
51:3e:32:20:86:3d:86:f1:56:70:0d:d9:1d:93:12:0c:f0:98:
91:05:3a:5a:2e:fa:1b:f1:b2:ae:fc:18:3d:b7:71:a7:ee:e8:
fd:4c:ab:85:ee:87:c9:30:93:ca:8c:ec:e5:46:0b:2b:0e:d7:
84:ef:71:26:d7:de:3a:84:25:7b:d5:37:65:2f:6b:02:bb:4a:
cc:f4:45:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYiU71NnG3JAgFhmf1V/YVqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNjA3MDgxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA3MWZjOTc0NGQzMTMzOGNmNzU0N2E0NWMzYTM3ZWFhOGY3MWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqVGV9pWYz5UkOvHBx3ga6O3ujN+
ZyzFXQ/bMDFSM9CbEU1SY1z5ZEXb//zEWahA7Tof8Dvq1poF7IlATQyLobDIFZoY
s94W4fQyVxKaxr8jOwVmHIEGRUP3OZWJactu0q2pmm+fOGb4/ixJgxGIGegBT/D1
+7jv3EWzve20b44a+Tv2NTkAxyMc7rt6voI9N1VIUdX1pOuGBTNZ2cvvUROSoPVV
OT65md3pleGWtvXBfbSZcAatJTfjJh4vKoDpr2qhufx+vduMmKCu5ffK/0URhjby
BQdaCMVCDjUGem4HtO1pP0dAjzOsftC1gNrLvK2dKKUEMNXi6PJw+8BrkwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE0HH8l0TTEzjPdUekXDo36qj3GpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVFFjZnlYUk5NVE9NOTFSNlJjT2pmcXFQY2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAudLoAwQA
udpkAwQAudpmAwQAwgVBMA0GCSqGSIb3DQEBCwUAA4IBAQBi1JD4EwaC5medGYdz
0kQfv2WAp6/2GXlwdmDGzIBmLzPdf+T414uIA8JVWkkxdHF1peJhpf3B7HMeJ8xZ
cX/5MkAq927JgGtoUbGcbBpqRafIP/Iy+Nz/b7UsMw5wvEXwNAua2qNOkugFaKbz
vGkXOGflHhjPFsjUVITMbU09FGzPMsaTfIH+WOe9DVEc75Pw5u+s940OYIbddqaS
JVp/KDNl0m7Eqd36uyD+cxTMnxlNbWBRPjIghj2G8VZwDdkdkxIM8JiRBTpaLvob
8bKu/Bg9t3Gn7uj9TKuF7ofJMJPKjOzlRgsrDteE73Em1946hCV71TdlL2sCu0rM
9EUW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org