Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TqrVaKhA9NMYrB1pDgPKvoiOORc.roa
File: TqrVaKhA9NMYrB1pDgPKvoiOORc.roa (raw, json)
Hash identifier: r0YrtHdImSjJQs8lp7a+qbGnJ4tLTs84KkLM9xs3Pbc=
Subject key identifier: 4E:AA:D5:68:A8:40:F4:D3:18:AC:1D:69:0E:03:CA:BE:88:8E:39:17
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 0192B9A5642349F2E00EEB11A1323C64E40A
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TqrVaKhA9NMYrB1pDgPKvoiOORc.roa
Signing time: Wed 23 Oct 2024 13:51:16 +0000
ROA not before: Wed 23 Oct 2024 13:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8400
IP address blocks: 5.154.225.0/24 maxlen: 24
62.101.128.0/20 maxlen: 20
77.46.128.0/17 maxlen: 17
79.101.0.0/16 maxlen: 16
79.101.0.0/21 maxlen: 21
79.101.21.0/24 maxlen: 24
87.250.32.0/19 maxlen: 19
89.39.144.0/23 maxlen: 23
89.46.126.0/23 maxlen: 23
89.47.40.0/23 maxlen: 23
91.150.64.0/18 maxlen: 18
91.150.64.0/23 maxlen: 23
91.150.66.0/24 maxlen: 24
91.150.91.0/24 maxlen: 24
92.244.128.0/19 maxlen: 19
93.86.0.0/15 maxlen: 15
93.86.0.0/16 maxlen: 16
93.87.0.0/16 maxlen: 16
93.87.38.0/24 maxlen: 24
93.87.39.0/24 maxlen: 24
93.87.50.0/24 maxlen: 24
93.87.58.0/24 maxlen: 24
109.72.48.0/20 maxlen: 20
109.92.0.0/15 maxlen: 15
109.122.64.0/18 maxlen: 24
109.122.77.0/24 maxlen: 24
109.198.0.0/19 maxlen: 19
178.79.0.0/18 maxlen: 18
178.220.0.0/15 maxlen: 15
178.222.0.0/16 maxlen: 16
178.223.0.0/17 maxlen: 17
178.223.128.0/18 maxlen: 18
178.223.192.0/19 maxlen: 19
185.26.172.0/22 maxlen: 22
185.71.88.0/22 maxlen: 22
185.157.104.0/22 maxlen: 24
185.190.152.0/22 maxlen: 22
195.178.32.0/19 maxlen: 19
212.62.59.0/24 maxlen: 24
212.200.0.0/16 maxlen: 16
212.200.0.0/17 maxlen: 17
212.200.0.0/21 maxlen: 21
212.200.8.0/22 maxlen: 22
212.200.12.0/23 maxlen: 23
212.200.45.0/24 maxlen: 24
212.200.50.0/24 maxlen: 24
212.200.51.0/24 maxlen: 24
212.200.52.0/24 maxlen: 24
212.200.123.0/24 maxlen: 24
212.200.128.0/17 maxlen: 17
212.200.128.0/18 maxlen: 18
212.200.132.0/24 maxlen: 24
212.200.192.0/19 maxlen: 19
212.200.224.0/24 maxlen: 24
212.200.225.0/24 maxlen: 24
212.200.226.0/23 maxlen: 23
212.200.228.0/22 maxlen: 22
212.200.232.0/21 maxlen: 21
212.200.240.0/20 maxlen: 20
213.196.96.0/20 maxlen: 20
2a00:e90::/32 maxlen: 32
2a06:5b00::/29 maxlen: 29
2a06:63c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 31 Oct 2024 09:44:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:a5:64:23:49:f2:e0:0e:eb:11:a1:32:3c:64:e4:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Oct 23 13:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4eaad568a840f4d318ac1d690e03cabe888e3917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:27:70:8c:13:84:4b:48:d7:40:25:29:66:a9:
fe:3e:f9:20:24:7f:92:d5:00:06:12:de:e9:c4:f6:
4c:12:6f:05:fc:79:08:25:cf:90:b2:78:be:6d:d2:
be:e2:9c:b9:1d:5c:8e:85:f0:e4:96:bc:ff:70:9f:
b6:f3:c3:44:39:31:ad:a2:cf:37:70:32:d6:d7:71:
91:d6:f8:96:57:d1:6d:71:b6:c3:31:fc:ef:66:4e:
56:86:1c:b6:85:61:e4:98:da:a9:99:1f:04:11:4f:
b3:5c:2f:e5:85:98:b9:0f:99:05:76:93:08:b9:b4:
a1:44:36:74:6c:98:71:84:e2:0b:1a:9c:58:f2:88:
33:3f:ad:d7:9b:98:40:ad:3e:59:13:30:98:87:1e:
d2:7d:4b:00:00:d7:87:9e:a4:a9:00:bf:9d:be:c1:
2b:85:f9:81:f9:e2:4f:36:74:e8:35:2d:f9:9d:c6:
96:4a:30:bb:08:05:c4:a7:ba:5b:81:27:5a:52:65:
4c:6b:dd:42:e5:dd:2b:ab:7d:3a:f1:35:2f:a1:7a:
2b:25:31:2a:9f:70:46:ec:e9:97:93:76:fc:90:42:
b9:9c:04:b2:ff:60:9e:53:96:18:8f:9c:6b:3b:de:
e0:96:2a:ed:45:38:f6:f6:8d:66:12:34:df:5f:42:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:AA:D5:68:A8:40:F4:D3:18:AC:1D:69:0E:03:CA:BE:88:8E:39:17
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TqrVaKhA9NMYrB1pDgPKvoiOORc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.225.0/24
62.101.128.0/20
77.46.128.0/17
79.101.0.0/16
87.250.32.0/19
89.39.144.0/23
89.46.126.0/23
89.47.40.0/23
91.150.64.0/18
92.244.128.0/19
93.86.0.0/15
109.72.48.0/20
109.92.0.0/15
109.122.64.0/18
109.198.0.0/19
178.79.0.0/18
178.220.0.0-178.223.223.255
185.26.172.0/22
185.71.88.0/22
185.157.104.0/22
185.190.152.0/22
195.178.32.0/19
212.62.59.0/24
212.200.0.0/16
213.196.96.0/20
IPv6:
2a00:e90::/32
2a06:5b00::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:c7:36:86:b4:67:8e:79:f8:c9:71:1d:88:10:92:af:48:95:
49:5c:2f:6e:ba:f1:f7:bf:2e:41:72:31:93:ac:f4:ea:bc:51:
31:81:0d:8e:22:ec:19:8e:30:bc:c0:af:b0:3f:2e:e6:5e:af:
7b:22:51:d4:a0:d6:8c:0f:f1:60:7d:7a:40:53:32:0a:02:be:
62:86:d5:bd:f2:aa:98:3a:1d:57:83:7f:f9:45:e6:e1:c7:be:
4c:8a:cd:f3:b4:80:56:cf:2d:fa:e3:a9:d1:24:72:62:3a:ae:
0d:a7:6f:3f:14:e4:e5:cc:01:62:92:02:d5:62:76:2c:e9:a9:
9c:fb:4b:bf:0b:9a:fd:39:69:ff:88:36:2e:21:74:50:56:8e:
0f:1d:a3:0b:97:89:e5:88:3f:12:f2:c4:eb:52:d1:70:27:7f:
09:86:b2:ed:c4:44:29:61:11:e7:60:31:8e:e0:83:a4:9e:1a:
bd:fe:94:38:7b:7e:26:6a:bc:0b:19:94:68:6e:20:11:6e:07:
d8:47:14:f2:42:5c:6f:dc:ef:f5:14:6c:f8:f7:44:94:84:cf:
39:3d:35:bb:bd:99:0b:8e:b1:fe:19:42:28:5f:65:64:f4:eb:
5b:f4:db:f4:96:94:9e:bc:1f:e9:ac:b5:98:70:3b:a6:84:49:
75:5c:64:1d
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZK5pWQjSfLgDusRoTI8ZOQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQxMDIzMTM1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWFhZDU2OGE4NDBmNGQzMThhYzFkNjkwZTAzY2FiZTg4OGUzOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ydwjBOES0jXQCUpZqn+PvkgJH+S
1QAGEt7pxPZMEm8F/HkIJc+Qsni+bdK+4py5HVyOhfDklrz/cJ+288NEOTGtos83
cDLW13GR1viWV9FtcbbDMfzvZk5Whhy2hWHkmNqpmR8EEU+zXC/lhZi5D5kFdpMI
ubShRDZ0bJhxhOILGpxY8ogzP63Xm5hArT5ZEzCYhx7SfUsAANeHnqSpAL+dvsEr
hfmB+eJPNnToNS35ncaWSjC7CAXEp7pbgSdaUmVMa91C5d0rq3068TUvoXorJTEq
n3BG7OmXk3b8kEK5nASy/2CeU5YYj5xrO97glirtRTj29o1mEjTfX0JgewIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFE6q1WioQPTTGKwdaQ4Dyr6IjjkXMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvVHFyVmFLaEE5Tk1ZckIxcERnUEt2b2lPT1JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBoAQCAAEwgZkDBAAF
muEDBAQ+ZYADBAdNLoADAwBPZQMEBVf6IAMEAVknkAMEAVkufgMEAVkvKAMEBluW
QAMEBVz0gAMDAV1WAwQEbUgwAwMBbVwDBAZtekADBAVtxgADBAayTwAwCwMDArLc
AwQFst/AAwQCuRqsAwQCuUdYAwQCuZ1oAwQCub6YAwQFw7IgAwQA1D47AwMA1MgD
BATVxGAwGwQCAAIwFQMFACoADpADBQMqBlsAAwUDKgZjwDANBgkqhkiG9w0BAQsF
AAOCAQEAisc2hrRnjnn4yXEdiBCSr0iVSVwvbrrx978uQXIxk6z06rxRMYENjiLs
GY4wvMCvsD8u5l6veyJR1KDWjA/xYH16QFMyCgK+YobVvfKqmDodV4N/+UXm4ce+
TIrN87SAVs8t+uOp0SRyYjquDadvPxTk5cwBYpIC1WJ2LOmpnPtLvwua/Tlp/4g2
LiF0UFaODx2jC5eJ5Yg/EvLE61LRcCd/CYay7cREKWER52AxjuCDpJ4avf6UOHt+
Jmq8CxmUaG4gEW4H2EcU8kJcb9zv9RRs+PdElITPOT01u72ZC46x/hlCKF9lZPTr
W/Tb9JaUnrwf6ay1mHA7poRJdVxkHQ==
-----END CERTIFICATE-----
Generated at Thu Oct 31 13:43:43 2024 by rpki-client on console-ams.rpki-client.org