Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/TNZq5dXU9ycN6jVEO4IVr9mnAZs.roa
File: TNZq5dXU9ycN6jVEO4IVr9mnAZs.roa (raw, json)
Hash identifier: 71qCJrg9PWAdLIeW5h7GTCXnsediMuyNmr4p3O4J3fc=
Subject key identifier: 4C:D6:6A:E5:D5:D4:F7:27:0D:EA:35:44:3B:82:15:AF:D9:A7:01:9B
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 0190BC009B765135A720BBF0F9148ADB1515
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/TNZq5dXU9ycN6jVEO4IVr9mnAZs.roa
Signing time: Tue 16 Jul 2024 14:44:34 +0000
ROA not before: Tue 16 Jul 2024 14:44:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
185.24.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 17 Jul 2024 07:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:00:9b:76:51:35:a7:20:bb:f0:f9:14:8a:db:15:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jul 16 14:44:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cd66ae5d5d4f7270dea35443b8215afd9a7019b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:69:6b:e6:d9:06:e0:8b:b1:f0:a2:44:d5:d0:
b3:44:7c:fa:2c:f0:f5:6d:bf:ea:3f:65:de:10:04:
ff:7e:e3:ea:09:00:93:14:04:fd:9b:fd:75:70:55:
3d:c1:56:e8:42:3d:6e:d1:b7:8c:9d:9b:d1:d8:d7:
6e:cd:e6:d2:26:a9:2f:a9:60:8f:e9:ad:a6:a0:2d:
18:1c:7d:9a:2b:c2:7a:98:be:0f:b0:ea:9d:10:8e:
f9:38:a7:eb:4c:09:a0:1a:19:db:93:56:15:52:2e:
73:f3:b9:bd:25:4f:13:19:18:e1:68:d4:34:71:54:
0b:f3:49:43:19:2b:11:76:07:bf:59:ce:13:b7:17:
6d:47:4c:70:57:13:fb:ec:f6:2f:a4:29:75:52:a6:
d0:95:ea:1d:ff:3d:b7:03:95:57:52:a0:9b:ad:78:
e1:65:45:37:8d:8b:be:d8:42:93:67:e7:2e:ca:82:
a6:7f:ef:00:1e:a5:32:a7:3f:76:d9:dd:42:d3:d5:
87:c1:fe:1a:aa:23:29:21:cc:07:5f:39:5e:fb:e6:
06:2a:9f:a6:b2:42:5d:28:07:4f:df:69:89:07:3d:
1b:f9:16:8b:51:5a:45:3d:a9:6a:4f:76:2d:df:3b:
75:69:c4:92:c5:19:54:2a:b4:da:77:23:73:a8:c5:
2c:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D6:6A:E5:D5:D4:F7:27:0D:EA:35:44:3B:82:15:AF:D9:A7:01:9B
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/TNZq5dXU9ycN6jVEO4IVr9mnAZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
185.24.120.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:c9:18:93:e1:76:b7:4e:e0:6f:4a:47:74:fe:39:71:18:90:
9d:a0:f4:0a:87:f7:74:a0:e1:dc:04:d7:39:a1:81:96:74:bf:
c0:42:56:a4:51:48:a3:ca:54:b9:13:4b:7c:c6:a2:e7:c2:0f:
50:d4:6f:da:06:14:54:b2:f7:59:a4:d2:42:c0:94:3d:26:83:
b2:48:6a:fc:9b:d4:bc:13:65:57:2f:84:77:b2:10:7c:58:f4:
25:f9:34:02:a4:82:74:37:35:5b:f8:a7:50:28:1b:7b:bc:95:
85:6e:3c:61:63:67:a7:04:04:c3:c1:7b:5a:6b:c6:e6:b7:19:
a0:16:05:9a:e2:93:c4:82:d3:72:78:81:b8:ea:8d:76:14:d6:
e7:2d:dd:a7:84:b9:21:b1:3c:81:54:75:cb:76:80:4b:1b:11:
ee:22:e4:e8:0a:82:63:af:72:57:81:43:ac:51:40:ae:c9:f3:
09:70:f1:08:82:1f:a3:cd:8a:2b:cf:6e:6f:2b:b1:16:f6:86:
6a:93:28:f4:e1:0a:cf:7b:72:97:55:76:1b:9a:5c:f3:43:46:
b6:28:b4:28:23:04:ae:79:fe:2c:63:70:32:14:90:5d:ef:e1:
f4:aa:60:73:7c:1a:fb:7c:a2:ef:b1:85:ad:1f:09:b1:91:b7:
2b:cb:54:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC8AJt2UTWnILvw+RSK2xUVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjQwNzE2MTQ0NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q2NmFlNWQ1ZDRmNzI3MGRlYTM1NDQzYjgyMTVhZmQ5YTcwMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12lr5tkG4Iux8KJE1dCzRHz6LPD1
bb/qP2XeEAT/fuPqCQCTFAT9m/11cFU9wVboQj1u0beMnZvR2NduzebSJqkvqWCP
6a2moC0YHH2aK8J6mL4PsOqdEI75OKfrTAmgGhnbk1YVUi5z87m9JU8TGRjhaNQ0
cVQL80lDGSsRdge/Wc4TtxdtR0xwVxP77PYvpCl1UqbQleod/z23A5VXUqCbrXjh
ZUU3jYu+2EKTZ+cuyoKmf+8AHqUypz922d1C09WHwf4aqiMpIcwHXzle++YGKp+m
skJdKAdP32mJBz0b+RaLUVpFPalqT3Yt3zt1acSSxRlUKrTadyNzqMUsYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEzWauXV1PcnDeo1RDuCFa/ZpwGbMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvVE5acTVkWFU5eWNONmpWRU80SVZyOW1uQVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCHw74AwQC
JZxIAwQCuRh4MA0GCSqGSIb3DQEBCwUAA4IBAQAdyRiT4Xa3TuBvSkd0/jlxGJCd
oPQKh/d0oOHcBNc5oYGWdL/AQlakUUijylS5E0t8xqLnwg9Q1G/aBhRUsvdZpNJC
wJQ9JoOySGr8m9S8E2VXL4R3shB8WPQl+TQCpIJ0NzVb+KdQKBt7vJWFbjxhY2en
BATDwXtaa8bmtxmgFgWa4pPEgtNyeIG46o12FNbnLd2nhLkhsTyBVHXLdoBLGxHu
IuToCoJjr3JXgUOsUUCuyfMJcPEIgh+jzYorz25vK7EW9oZqkyj04QrPe3KXVXYb
mlzzQ0a2KLQoIwSuef4sY3AyFJBd7+H0qmBzfBr7fKLvsYWtHwmxkbcry1TJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:40:45 2025 by rpki-client