Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tf2C5chm9rrX9kzpEDokuPorAtE.roa
File: Tf2C5chm9rrX9kzpEDokuPorAtE.roa (raw, json)
Hash identifier: SSzeeYSB22eGtmcfj5qX79J5qQpK0zW3heqzCFwQXOA=
Subject key identifier: 4D:FD:82:E5:C8:66:F6:BA:D7:F6:4C:E9:10:3A:24:B8:FA:2B:02:D1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019428249666682D42BCA0AADD0C656E8F62
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tf2C5chm9rrX9kzpEDokuPorAtE.roa
Signing time: Thu 02 Jan 2025 17:51:13 +0000
ROA not before: Thu 02 Jan 2025 17:51:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61254
IP address blocks: 87.121.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 14:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:96:66:68:2d:42:bc:a0:aa:dd:0c:65:6e:8f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dfd82e5c866f6bad7f64ce9103a24b8fa2b02d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bc:e0:4f:1c:7b:20:77:6e:76:f7:38:5c:65:
cd:6d:2b:d0:07:1d:25:62:b3:50:2f:66:fe:a9:a0:
ca:95:50:e5:5c:67:c2:91:d8:de:5d:9d:36:82:3f:
29:b4:d6:0a:d5:98:14:47:29:7b:f5:e5:62:f1:76:
85:04:a8:be:2d:5b:92:fa:ab:1f:74:cf:87:31:af:
6f:4c:e4:d3:46:d3:ff:60:18:de:5a:70:e3:78:9b:
8a:f9:b9:e0:90:59:2b:37:e9:fe:2b:03:c7:63:b0:
93:e6:b9:c1:44:96:20:4f:ba:bc:ae:bd:4d:2f:c4:
96:de:79:0c:f8:d6:e5:f8:77:36:ef:5b:7c:17:d7:
4f:bd:a6:3d:8b:ca:43:6f:51:a2:5d:95:c2:f7:c8:
26:49:52:bc:75:05:ee:ec:03:29:60:3a:e9:94:af:
a2:bb:39:be:58:e2:1b:06:95:95:39:64:62:7b:6f:
d2:00:1f:56:44:ba:59:65:c9:a1:06:c3:43:0e:45:
77:0c:0a:5b:5a:54:79:4a:66:d0:f0:4d:23:df:ea:
ca:80:76:69:1d:13:09:11:1e:4e:9d:8f:55:8c:0e:
9b:e9:5a:05:a3:c4:e4:94:71:11:3a:72:1d:ce:67:
3b:2e:b6:b7:32:9a:82:37:0d:e8:21:ed:26:e0:a8:
c9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:FD:82:E5:C8:66:F6:BA:D7:F6:4C:E9:10:3A:24:B8:FA:2B:02:D1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tf2C5chm9rrX9kzpEDokuPorAtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.221.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:33:de:e6:df:a4:eb:47:61:7b:e8:4e:e2:38:02:92:5a:d7:
72:5c:b5:30:0e:aa:4f:66:ee:e2:5c:61:4c:6d:4d:9f:48:cd:
27:8a:c0:4f:16:46:d1:7d:54:a5:b4:62:a0:7f:05:5a:5a:1f:
8c:78:f7:b8:f9:ce:7a:e0:96:9f:d7:97:db:2c:5d:43:57:f4:
09:7c:08:96:78:40:51:60:97:4d:40:b4:b5:29:a2:2e:e9:9e:
1a:28:75:0f:cd:0e:fe:5a:a6:1e:62:06:1f:ff:1f:11:2d:3e:
31:8b:13:40:a6:84:8d:40:8f:7d:88:1e:fa:f0:af:9e:57:46:
d2:8c:8f:d5:92:20:0f:4b:83:25:2e:db:1f:87:89:97:e4:22:
a9:bc:dc:02:8c:ad:20:55:ce:05:8a:0e:cc:82:ca:1f:2e:46:
bb:88:51:f5:c0:c3:a8:88:55:7d:84:5b:02:0d:c3:4e:29:37:
f0:c3:2f:27:5a:13:20:3e:97:9e:60:ac:bd:c1:87:3c:e3:cc:
13:ab:b5:17:a4:0f:dd:6e:4d:09:79:4f:c1:d0:96:d6:d4:33:
12:75:7d:4e:53:f2:1b:5b:cb:4a:fb:2c:3b:d3:06:c2:15:4c:
86:a0:a1:08:85:c3:6e:c7:28:70:fc:38:7f:3d:4f:5a:7b:3b:
bf:ab:b3:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJJZmaC1CvKCq3Qxlbo9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGZkODJlNWM4NjZmNmJhZDdmNjRjZTkxMDNhMjRiOGZhMmIwMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7zgTxx7IHdudvc4XGXNbSvQBx0l
YrNQL2b+qaDKlVDlXGfCkdjeXZ02gj8ptNYK1ZgURyl79eVi8XaFBKi+LVuS+qsf
dM+HMa9vTOTTRtP/YBjeWnDjeJuK+bngkFkrN+n+KwPHY7CT5rnBRJYgT7q8rr1N
L8SW3nkM+Nbl+Hc271t8F9dPvaY9i8pDb1GiXZXC98gmSVK8dQXu7AMpYDrplK+i
uzm+WOIbBpWVOWRie2/SAB9WRLpZZcmhBsNDDkV3DApbWlR5SmbQ8E0j3+rKgHZp
HRMJER5OnY9VjA6b6VoFo8TklHEROnIdzmc7Lra3MpqCNw3oIe0m4KjJkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE39guXIZva61/ZM6RA6JLj6KwLRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGYyQzVjaG05cnJYOWt6cEVEb2t1UG9yQXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3ndMA0G
CSqGSIb3DQEBCwUAA4IBAQCyM97m36TrR2F76E7iOAKSWtdyXLUwDqpPZu7iXGFM
bU2fSM0nisBPFkbRfVSltGKgfwVaWh+MePe4+c564Jaf15fbLF1DV/QJfAiWeEBR
YJdNQLS1KaIu6Z4aKHUPzQ7+WqYeYgYf/x8RLT4xixNApoSNQI99iB768K+eV0bS
jI/VkiAPS4MlLtsfh4mX5CKpvNwCjK0gVc4Fig7MgsofLka7iFH1wMOoiFV9hFsC
DcNOKTfwwy8nWhMgPpeeYKy9wYc848wTq7UXpA/dbk0JeU/B0JbW1DMSdX1OU/Ib
W8tK+yw70wbCFUyGoKEIhcNuxyhw/Dh/PU9aezu/q7MG
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:51:58 2025 by rpki-client