Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/TwbY52tXZGMuhzvPzKzzllfMhAo.roa
File: TwbY52tXZGMuhzvPzKzzllfMhAo.roa (raw, json)
Hash identifier: iKx4qyKX65bGbuSEE/Iff0Hu4DuFp5pA2owoKHRGwv8=
Subject key identifier: 4F:06:D8:E7:6B:57:64:63:2E:87:3B:CF:CC:AC:F3:96:57:CC:84:0A
Certificate issuer: /CN=849ace066a44ed2f95fe6bc2d0a7da412763bf2a
Certificate serial: 018CC424684B4EAB2B4E85F2E862087AFBC1
Authority key identifier: 84:9A:CE:06:6A:44:ED:2F:95:FE:6B:C2:D0:A7:DA:41:27:63:BF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJrOBmpE7S-V_mvC0KfaQSdjvyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/TwbY52tXZGMuhzvPzKzzllfMhAo.roa
Signing time: Mon 01 Jan 2024 08:29:29 +0000
ROA not before: Mon 01 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43852
IP address blocks: 78.159.161.0/24 maxlen: 24
78.159.162.0/24 maxlen: 24
78.159.164.0/24 maxlen: 24
78.159.160.0/19 maxlen: 19
78.159.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:68:4b:4e:ab:2b:4e:85:f2:e8:62:08:7a:fb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=849ace066a44ed2f95fe6bc2d0a7da412763bf2a
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f06d8e76b5764632e873bcfccacf39657cc840a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5e:c5:0d:e8:a9:aa:a0:fd:85:62:36:52:86:
d5:18:4c:7e:32:ed:27:85:d8:2e:d0:7c:aa:44:eb:
16:7f:b6:18:99:6c:6c:59:47:29:00:23:21:08:ac:
0e:f0:ee:df:b3:b8:18:69:9a:8b:85:ad:f5:53:97:
ae:90:57:2d:2c:02:b6:d8:74:f4:54:06:af:e7:47:
ed:be:28:45:1e:4b:c8:94:b3:3f:72:6d:b4:63:c4:
35:7c:69:9c:e8:9f:0f:5f:87:ba:0e:70:c3:7b:0e:
39:6e:82:0c:16:b7:fa:f5:5f:89:72:7b:02:68:92:
2a:03:bc:52:a4:4f:06:f6:06:97:4a:93:d7:64:3f:
e7:b6:e8:25:84:3b:8a:02:91:81:25:b0:17:06:b9:
0f:f7:96:e7:ae:1d:a5:62:81:64:69:a4:15:ad:14:
dd:c5:c1:92:9a:4d:69:4a:18:15:60:2b:85:ef:5e:
aa:7b:92:4e:20:4e:81:a8:54:b5:9a:56:7f:20:a0:
a1:cd:c2:d2:d3:20:2c:cd:45:04:30:5c:07:32:22:
0c:a0:c8:91:af:6f:0f:67:02:95:36:57:f3:bb:18:
d1:00:55:61:8e:7e:b9:64:f7:13:82:fa:c3:40:89:
23:6f:3a:ef:7f:57:f4:5b:84:2b:4a:fb:da:8c:b0:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:06:D8:E7:6B:57:64:63:2E:87:3B:CF:CC:AC:F3:96:57:CC:84:0A
X509v3 Authority Key Identifier:
keyid:84:9A:CE:06:6A:44:ED:2F:95:FE:6B:C2:D0:A7:DA:41:27:63:BF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJrOBmpE7S-V_mvC0KfaQSdjvyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/TwbY52tXZGMuhzvPzKzzllfMhAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0a5817-ba85-4244-a052-f7c4657b7b8d/1/hJrOBmpE7S-V_mvC0KfaQSdjvyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.160.0/19
Signature Algorithm: sha256WithRSAEncryption
60:89:5e:58:bf:b1:f3:b7:c3:22:8b:39:37:a4:90:bd:b6:80:
63:aa:73:36:d5:ce:5e:73:c2:c3:2c:2a:aa:d3:84:7f:c5:1f:
f1:0c:d5:72:12:99:b5:f0:a4:0d:32:48:24:62:7b:fe:c1:db:
38:83:ff:78:0d:f8:de:87:89:bc:73:e4:2f:b6:b1:1d:e7:ba:
d9:c9:b3:4b:89:ab:c5:e3:ae:3a:15:8b:da:6e:cb:7e:92:93:
d5:87:51:55:03:ed:f7:a7:44:96:bd:59:5e:4b:a0:08:f5:e9:
78:49:57:d6:28:4b:b4:25:12:2d:30:6e:25:7f:0a:5e:73:3b:
48:0c:6f:26:96:2a:74:d0:22:a0:4f:77:76:14:aa:5f:1b:ad:
4c:d8:a8:d5:9a:a4:b1:49:07:26:54:c0:aa:5c:53:41:7e:73:
83:0c:03:26:ea:11:ee:d7:4c:5c:9d:1a:f4:c6:b2:6e:b4:5f:
0e:93:9f:6c:4e:c0:37:de:17:de:f9:0a:8e:7a:95:3f:52:f3:
fb:35:9a:ff:eb:01:7e:b6:ed:4d:19:5a:3a:82:98:27:c0:ba:
b1:08:33:12:05:a4:ea:81:a2:0f:af:ac:6c:ea:83:bf:93:05:
cb:ee:2b:1e:cd:0f:64:bf:9f:69:47:05:12:3c:19:3a:75:1a:
ed:e7:1d:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJGhLTqsrToXy6GIIevvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWFjZTA2NmE0NGVkMmY5NWZlNmJjMmQwYTdkYTQxMjc2
M2JmMmEwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA2ZDhlNzZiNTc2NDYzMmU4NzNiY2ZjY2FjZjM5NjU3Y2M4NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAml7FDeipqqD9hWI2UobVGEx+Mu0n
hdgu0HyqROsWf7YYmWxsWUcpACMhCKwO8O7fs7gYaZqLha31U5eukFctLAK22HT0
VAav50ftvihFHkvIlLM/cm20Y8Q1fGmc6J8PX4e6DnDDew45boIMFrf69V+JcnsC
aJIqA7xSpE8G9gaXSpPXZD/ntuglhDuKApGBJbAXBrkP95bnrh2lYoFkaaQVrRTd
xcGSmk1pShgVYCuF716qe5JOIE6BqFS1mlZ/IKChzcLS0yAszUUEMFwHMiIMoMiR
r28PZwKVNlfzuxjRAFVhjn65ZPcTgvrDQIkjbzrvf1f0W4QrSvvajLCCXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8G2OdrV2RjLoc7z8ys85ZXzIQKMB8GA1UdIwQY
MBaAFISazgZqRO0vlf5rwtCn2kEnY78qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEpyT0JtcEU3Uy1WX212QzBLZmFRU2RqdnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYTU4MTctYmE4NS00MjQ0LWEwNTIt
ZjdjNDY1N2I3YjhkLzEvVHdiWTUydFhaR011aHp2UHpLenpsbGZNaEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYTU4MTctYmE4NS00MjQ0LWEwNTItZjdjNDY1N2I3Yjhk
LzEvaEpyT0JtcEU3Uy1WX212QzBLZmFRU2RqdnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFTp+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBgiV5Yv7Hzt8Miizk3pJC9toBjqnM21c5ec8LDLCqq
04R/xR/xDNVyEpm18KQNMkgkYnv+wds4g/94Dfjeh4m8c+QvtrEd57rZybNLiavF
4646FYvabst+kpPVh1FVA+33p0SWvVleS6AI9el4SVfWKEu0JRItMG4lfwpecztI
DG8mlip00CKgT3d2FKpfG61M2KjVmqSxSQcmVMCqXFNBfnODDAMm6hHu10xcnRr0
xrJutF8Ok59sTsA33hfe+QqOepU/UvP7NZr/6wF+tu1NGVo6gpgnwLqxCDMSBaTq
gaIPr6xs6oO/kwXL7isezQ9kv59pRwUSPBk6dRrt5x3X
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:13:18 2025 by rpki-client