Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/T0QIuuSEQdWYROz3keIATahrIJw.roa
File: T0QIuuSEQdWYROz3keIATahrIJw.roa (raw, json)
Hash identifier: 33tJka0enVty2p8sU4gRhzOTQVmog4FemJZjRrDDjKU=
Subject key identifier: 4F:44:08:BA:E4:84:41:D5:98:44:EC:F7:91:E2:00:4D:A8:6B:20:9C
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01938D4AC87AB31FCC27CA51BD0535E7D330
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/T0QIuuSEQdWYROz3keIATahrIJw.roa
Signing time: Tue 03 Dec 2024 16:11:48 +0000
ROA not before: Tue 03 Dec 2024 16:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2.59.22.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
2a01:e943::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:4a:c8:7a:b3:1f:cc:27:ca:51:bd:05:35:e7:d3:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Dec 3 16:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f4408bae48441d59844ecf791e2004da86b209c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:38:e1:8b:1c:32:0b:23:43:44:7c:66:0d:99:
29:23:37:5d:83:35:88:74:69:1d:d9:c2:91:03:7e:
74:65:f9:d0:02:ba:e7:75:36:5b:25:4e:26:de:8e:
96:72:ec:17:73:e3:e2:89:27:22:c3:66:e9:29:70:
ca:db:35:f5:82:06:de:b1:ef:45:1c:9a:68:3d:7c:
9d:d2:c1:e5:14:f9:4b:c0:c9:52:7f:38:da:d1:f0:
8a:95:f8:44:3a:85:c0:e3:31:7a:22:c4:5c:0a:ed:
bf:50:3b:4e:6d:18:41:53:85:d7:c2:f0:31:2c:bf:
01:67:04:51:05:cd:b7:74:46:32:a2:2b:21:06:32:
ff:2b:c8:4d:e2:96:a3:00:77:7e:59:37:03:70:25:
5a:33:8c:1c:56:c0:00:72:ba:9d:18:40:bf:df:d8:
04:a5:59:c5:4c:58:45:57:1f:b0:f5:92:7e:9a:5d:
75:26:81:62:9a:e0:5d:39:5b:3c:64:19:c6:d3:93:
b0:b5:7d:6e:18:e8:b3:2c:48:08:7c:f4:54:33:5a:
fa:09:6b:ef:18:9a:a3:ee:16:e2:f2:1c:5c:62:4d:
f2:8b:14:13:c6:d4:d5:78:2c:75:1a:ad:c2:d4:b0:
8d:56:6d:7e:52:f9:a0:92:f0:5c:97:d0:65:2a:8c:
29:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:44:08:BA:E4:84:41:D5:98:44:EC:F7:91:E2:00:4D:A8:6B:20:9C
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/T0QIuuSEQdWYROz3keIATahrIJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
212.104.140.0/23
IPv6:
2a01:e943::/48
2a01:e945::/48
Signature Algorithm: sha256WithRSAEncryption
75:0d:60:7a:11:da:e5:91:09:87:b1:f3:3e:62:cb:7c:eb:ec:
11:3a:66:8c:56:40:6d:f5:a5:cc:04:27:fc:a0:7e:dc:b8:47:
78:e0:1a:01:ba:56:48:da:72:d0:88:86:66:fb:80:86:6e:2a:
ec:f2:4a:7d:ec:9e:2c:85:e7:3a:0a:8c:3a:67:a1:40:1e:a3:
ee:8d:6b:10:83:8d:de:82:96:2b:10:18:7f:d9:6f:25:42:2a:
45:e9:3a:01:50:67:63:24:03:75:86:0d:71:51:de:48:96:bf:
b5:d5:d2:91:71:bf:34:a4:f4:30:a0:ef:92:20:f5:04:83:7a:
b9:ff:f7:26:1e:63:a8:fa:62:6d:57:b7:1d:3e:5b:9d:af:77:
a9:b4:f7:9f:8c:b5:a8:89:4d:4d:05:20:2b:ab:87:1b:24:bc:
4a:85:a1:1c:6a:a0:12:4a:07:67:78:43:7f:cf:e7:9a:b0:d1:
0b:a1:8c:5c:6d:1d:95:03:47:61:aa:5e:85:7e:b4:ca:1d:d8:
e8:57:4e:84:53:61:06:6f:fb:75:b7:c2:af:af:bd:db:d3:14:
f0:ae:0e:93:35:fa:c9:84:7b:b3:f8:c2:f1:cd:92:f4:a9:4d:
e0:75:81:69:5a:90:31:87:73:3a:dd:35:5e:75:0c:fe:e7:31:
8e:db:77:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZONSsh6sx/MJ8pRvQU159MwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjQxMjAzMTYxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ0MDhiYWU0ODQ0MWQ1OTg0NGVjZjc5MWUyMDA0ZGE4NmIyMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTjhixwyCyNDRHxmDZkpIzddgzWI
dGkd2cKRA350ZfnQArrndTZbJU4m3o6WcuwXc+PiiSciw2bpKXDK2zX1ggbese9F
HJpoPXyd0sHlFPlLwMlSfzja0fCKlfhEOoXA4zF6IsRcCu2/UDtObRhBU4XXwvAx
LL8BZwRRBc23dEYyoishBjL/K8hN4pajAHd+WTcDcCVaM4wcVsAAcrqdGEC/39gE
pVnFTFhFVx+w9ZJ+ml11JoFimuBdOVs8ZBnG05OwtX1uGOizLEgIfPRUM1r6CWvv
GJqj7hbi8hxcYk3yixQTxtTVeCx1Gq3C1LCNVm1+UvmgkvBcl9BlKowpBwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE9ECLrkhEHVmETs95HiAE2oayCcMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvVDBRSXV1U0VRZFdZUk96M2tlSUFUYWhySUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAAjsWAwQB
1GiMMBgEAgACMBIDBwAqAelDAAADBwAqAelFAAAwDQYJKoZIhvcNAQELBQADggEB
AHUNYHoR2uWRCYex8z5iy3zr7BE6ZoxWQG31pcwEJ/ygfty4R3jgGgG6VkjactCI
hmb7gIZuKuzySn3sniyF5zoKjDpnoUAeo+6NaxCDjd6ClisQGH/ZbyVCKkXpOgFQ
Z2MkA3WGDXFR3kiWv7XV0pFxvzSk9DCg75Ig9QSDern/9yYeY6j6Ym1Xtx0+W52v
d6m095+MtaiJTU0FICurhxskvEqFoRxqoBJKB2d4Q3/P55qw0QuhjFxtHZUDR2Gq
XoV+tMod2OhXToRTYQZv+3W3wq+vvdvTFPCuDpM1+smEe7P4wvHNkvSpTeB1gWla
kDGHczrdNV51DP7nMY7bd2Q=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:30:22 2025 by rpki-client