Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/TWkWoXjMCXN8HtpMi64zqgAfL5U.roa
File: TWkWoXjMCXN8HtpMi64zqgAfL5U.roa (raw, json)
Hash identifier: YBfgh+STjGOxCpI3/sucjHbnnr81RGuHsfpI+szIGFU=
Subject key identifier: 4D:69:16:A1:78:CC:09:73:7C:1E:DA:4C:8B:AE:33:AA:00:1F:2F:95
Certificate issuer: /CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Certificate serial: 01864FA30B90C5052A19864E2209E10A24BA
Authority key identifier: DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/TWkWoXjMCXN8HtpMi64zqgAfL5U.roa
Signing time: Tue 14 Feb 2023 11:15:30 +0000
ROA not before: Tue 14 Feb 2023 11:15:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9136
IP address blocks: 185.225.135.0/24 maxlen: 24
2a0d:c405::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:a3:0b:90:c5:05:2a:19:86:4e:22:09:e1:0a:24:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dea46eaae7aef2f44fe660162bb9dc70d6525af1
Validity
Not Before: Feb 14 11:15:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d6916a178cc09737c1eda4c8bae33aa001f2f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ea:2d:f7:84:4c:ee:9d:94:d7:11:66:83:7c:
ba:dd:8a:b5:82:66:1f:1a:03:0a:82:be:01:cb:77:
8c:79:5a:9f:49:fc:f1:42:4e:ff:99:c5:e6:5a:b5:
e8:ca:ad:fd:23:b0:0e:17:a3:0e:ab:9a:50:62:cb:
02:a7:dc:b9:ab:e7:ed:c5:5e:50:e3:3f:02:03:35:
7e:4c:3f:ed:eb:06:12:5d:05:58:9f:0f:2d:39:2e:
0a:17:33:c4:b6:e5:03:3e:72:8a:cc:55:f6:f1:69:
f9:33:c9:f5:9a:7a:77:89:ec:81:a2:3e:97:c6:a1:
d0:cd:ab:29:ce:8e:ed:c6:33:6f:e8:f1:6e:f5:1d:
01:66:4f:1d:26:15:a3:c5:a9:6d:20:76:fb:a5:f9:
f0:ae:a2:bb:db:23:a8:40:fa:d1:46:64:4e:e2:5e:
97:dd:08:7f:a3:6b:07:04:ac:6f:de:14:79:fa:93:
4c:81:c7:e3:12:d0:00:a9:12:5e:6e:b9:43:09:e2:
09:84:ed:5f:e2:2b:62:d4:f2:9e:8a:44:58:f0:bd:
75:6b:87:24:66:64:5c:0c:e2:d4:9a:f2:7b:28:dd:
5c:06:7d:67:62:38:04:be:c4:fd:83:26:d9:66:b1:
e0:e7:1f:28:0c:e7:d9:9e:fe:bd:b9:b8:18:df:17:
ce:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:69:16:A1:78:CC:09:73:7C:1E:DA:4C:8B:AE:33:AA:00:1F:2F:95
X509v3 Authority Key Identifier:
keyid:DE:A4:6E:AA:E7:AE:F2:F4:4F:E6:60:16:2B:B9:DC:70:D6:52:5A:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3qRuqueu8vRP5mAWK7nccNZSWvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/TWkWoXjMCXN8HtpMi64zqgAfL5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de3890-8d06-427c-85f1-1fa9ac580b8e/1/3qRuqueu8vRP5mAWK7nccNZSWvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.135.0/24
IPv6:
2a0d:c405::/32
Signature Algorithm: sha256WithRSAEncryption
67:ef:3b:23:78:64:27:d0:cd:27:4b:31:65:b5:39:35:0e:0c:
a8:07:f6:1d:78:eb:5c:b9:a7:f0:60:1c:22:cb:58:79:ff:ba:
d0:36:05:1e:95:59:c4:b1:6f:55:6f:b9:02:65:bf:8c:48:7a:
f8:71:03:52:21:00:21:72:8c:67:93:14:a1:63:ee:12:c1:13:
ba:ab:b8:41:1a:41:ed:d4:65:d3:7e:55:38:d4:01:2f:8d:87:
d0:6b:c2:40:75:cf:e4:b3:aa:3b:00:35:75:72:50:72:48:18:
5a:ab:fa:aa:4b:ba:2e:0f:40:8a:8b:88:c3:e2:8b:1f:db:18:
60:ca:e4:9f:1e:56:8c:03:cb:61:35:32:05:6d:84:10:ad:f5:
61:21:48:60:2b:29:04:c0:fe:7b:4c:1b:fc:c4:2c:e6:6f:4d:
fd:ed:5a:aa:22:8d:b6:c1:e9:01:b7:ec:32:28:6c:31:f4:d9:
02:29:4c:84:3f:f2:f5:3a:bd:f0:b0:b8:06:ee:19:60:0f:b4:
61:e8:94:b9:3e:38:bd:b2:e6:b2:af:9d:18:f5:92:6e:7c:36:
6b:90:c9:3d:29:11:b0:6d:24:9d:85:1e:a4:57:48:00:70:e5:
6f:66:03:d1:3b:a0:43:cf:a0:f0:c9:18:f1:79:f1:75:fc:ea:
45:50:a9:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYZPowuQxQUqGYZOIgnhCiS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYTQ2ZWFhZTdhZWYyZjQ0ZmU2NjAxNjJiYjlkYzcwZDY1
MjVhZjEwHhcNMjMwMjE0MTExNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY5MTZhMTc4Y2MwOTczN2MxZWRhNGM4YmFlMzNhYTAwMWYyZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+ot94RM7p2U1xFmg3y63Yq1gmYf
GgMKgr4By3eMeVqfSfzxQk7/mcXmWrXoyq39I7AOF6MOq5pQYssCp9y5q+ftxV5Q
4z8CAzV+TD/t6wYSXQVYnw8tOS4KFzPEtuUDPnKKzFX28Wn5M8n1mnp3ieyBoj6X
xqHQzaspzo7txjNv6PFu9R0BZk8dJhWjxaltIHb7pfnwrqK72yOoQPrRRmRO4l6X
3Qh/o2sHBKxv3hR5+pNMgcfjEtAAqRJebrlDCeIJhO1f4iti1PKeikRY8L11a4ck
ZmRcDOLUmvJ7KN1cBn1nYjgEvsT9gybZZrHg5x8oDOfZnv69ubgY3xfOWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE1pFqF4zAlzfB7aTIuuM6oAHy+VMB8GA1UdIwQY
MBaAFN6kbqrnrvL0T+ZgFiu53HDWUlrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEt
MWZhOWFjNTgwYjhlLzEvVFdrV29Yak1DWE44SHRwTWk2NHpxZ0FmTDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTM4OTAtOGQwNi00MjdjLTg1ZjEtMWZhOWFjNTgwYjhl
LzEvM3FSdXF1ZXU4dlJQNW1BV0s3bmNjTlpTV3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueGHMA0E
AgACMAcDBQAqDcQFMA0GCSqGSIb3DQEBCwUAA4IBAQBn7zsjeGQn0M0nSzFltTk1
DgyoB/YdeOtcuafwYBwiy1h5/7rQNgUelVnEsW9Vb7kCZb+MSHr4cQNSIQAhcoxn
kxShY+4SwRO6q7hBGkHt1GXTflU41AEvjYfQa8JAdc/ks6o7ADV1clBySBhaq/qq
S7ouD0CKi4jD4osf2xhgyuSfHlaMA8thNTIFbYQQrfVhIUhgKykEwP57TBv8xCzm
b0397VqqIo22wekBt+wyKGwx9NkCKUyEP/L1Or3wsLgG7hlgD7Rh6JS5Pji9suay
r50Y9ZJufDZrkMk9KRGwbSSdhR6kV0gAcOVvZgPRO6BDz6DwyRjxefF1/OpFUKnl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:51 2024 by rpki-client on console-ams.rpki-client.org