Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/tcgehgb8jEKBxZ-eQK6E5ck9WnQ.roa
File: tcgehgb8jEKBxZ-eQK6E5ck9WnQ.roa (raw, json)
Hash identifier: oCHSxwehuV0mec7mPTr4Jm3bomG+7ucgdmDNpeY0taU=
Subject key identifier: B5:C8:1E:86:06:FC:8C:42:81:C5:9F:9E:40:AE:84:E5:C9:3D:5A:74
Certificate issuer: /CN=b62fccda29be666deef8ec62d6bc1e6cd067c35f
Certificate serial: 018CC34940F01E9A38BC3F4A94D5915FADE1
Authority key identifier: B6:2F:CC:DA:29:BE:66:6D:EE:F8:EC:62:D6:BC:1E:6C:D0:67:C3:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti_M2im-Zm3u-Oxi1rwebNBnw18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/tcgehgb8jEKBxZ-eQK6E5ck9WnQ.roa
Signing time: Mon 01 Jan 2024 04:30:07 +0000
ROA not before: Mon 01 Jan 2024 04:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208343
IP address blocks: 45.144.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:40:f0:1e:9a:38:bc:3f:4a:94:d5:91:5f:ad:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62fccda29be666deef8ec62d6bc1e6cd067c35f
Validity
Not Before: Jan 1 04:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5c81e8606fc8c4281c59f9e40ae84e5c93d5a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b9:46:06:2d:0f:12:88:57:eb:5f:64:ab:a4:
3f:15:0b:9c:04:55:48:2c:9d:51:19:02:ec:ff:ca:
5f:27:86:88:58:33:e1:55:3d:88:a6:3e:70:23:10:
c6:f0:c5:08:de:f2:5a:6b:9b:cc:ef:ea:6b:58:4a:
13:8e:8d:0e:bf:2c:f0:d8:db:34:cc:a5:e1:d7:5e:
76:ee:ec:a4:80:7d:b5:e9:55:be:66:d8:39:4f:35:
3a:9a:d0:6d:56:b7:f4:77:91:ed:61:73:be:ee:2f:
84:43:80:9c:41:2e:84:83:f7:66:56:ce:a0:57:12:
9c:d2:83:d0:7f:9e:d1:8d:44:23:53:1f:72:29:73:
fd:06:7c:b0:f0:4f:5c:c5:7c:b9:16:81:38:1b:8d:
94:9a:b7:08:81:50:f1:ce:ca:5c:e5:69:01:37:8c:
0e:cc:8f:73:12:d2:24:59:92:41:62:13:67:f0:76:
42:3d:df:2b:3c:bd:d6:d8:94:f9:45:84:82:cd:72:
8c:ab:4d:f4:b9:04:ea:f3:88:4a:ee:bb:00:49:f7:
d9:86:34:a4:54:73:41:37:39:f4:63:a4:cc:93:00:
37:31:a5:97:1d:d9:4d:e7:0b:3e:d2:37:74:63:30:
59:2b:3c:0d:aa:f0:90:f2:27:f4:63:19:26:53:df:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C8:1E:86:06:FC:8C:42:81:C5:9F:9E:40:AE:84:E5:C9:3D:5A:74
X509v3 Authority Key Identifier:
keyid:B6:2F:CC:DA:29:BE:66:6D:EE:F8:EC:62:D6:BC:1E:6C:D0:67:C3:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti_M2im-Zm3u-Oxi1rwebNBnw18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/tcgehgb8jEKBxZ-eQK6E5ck9WnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9ff645-e0f1-4b18-980f-eda59bc9ca2c/1/ti_M2im-Zm3u-Oxi1rwebNBnw18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:fa:96:cd:af:3e:22:2d:e0:85:e3:da:73:e2:24:e6:57:43:
a8:cf:e5:e4:2a:11:53:07:0a:47:d7:a8:34:e3:45:09:ef:de:
6e:78:83:ec:b5:2a:e9:8c:b3:b0:00:ac:c5:b2:91:9a:4b:47:
6e:5c:81:15:ea:c9:b0:0b:c4:48:13:b3:e2:99:0d:0d:01:7a:
84:98:d5:8b:7c:cd:af:74:41:33:c6:1c:2d:a0:d1:9b:d2:db:
36:bb:ff:0b:3c:37:3e:14:36:30:2d:70:d4:3a:8e:7c:a9:a5:
68:b0:f0:b1:ec:82:5b:41:c9:fa:01:16:1e:c6:23:d4:dd:95:
4f:52:f4:28:d9:5e:0e:97:50:c6:f4:10:18:da:68:cc:3d:c3:
58:de:63:41:1e:ab:3d:9b:a8:f0:f4:64:93:04:4d:10:0a:ba:
0b:6c:da:db:e0:ff:ef:94:77:7a:d8:a4:6a:9e:65:9c:a3:f0:
59:2f:a7:fa:36:97:90:ae:5c:a3:fe:2b:cf:89:7b:fa:c0:54:
43:39:ae:fa:99:00:4a:b8:47:c0:11:30:04:3f:9a:2b:29:9b:
a7:61:b6:35:06:1c:f0:80:13:73:36:ab:f2:bb:57:bb:98:7c:
30:82:12:f6:ab:f9:a1:d9:21:b8:85:52:d3:46:3a:81:a9:be:
d2:89:27:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUDwHpo4vD9KlNWRX63hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmZjY2RhMjliZTY2NmRlZWY4ZWM2MmQ2YmMxZTZjZDA2
N2MzNWYwHhcNMjQwMTAxMDQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM4MWU4NjA2ZmM4YzQyODFjNTlmOWU0MGFlODRlNWM5M2Q1YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7lGBi0PEohX619kq6Q/FQucBFVI
LJ1RGQLs/8pfJ4aIWDPhVT2Ipj5wIxDG8MUI3vJaa5vM7+prWEoTjo0Ovyzw2Ns0
zKXh11527uykgH216VW+Ztg5TzU6mtBtVrf0d5HtYXO+7i+EQ4CcQS6Eg/dmVs6g
VxKc0oPQf57RjUQjUx9yKXP9Bnyw8E9cxXy5FoE4G42UmrcIgVDxzspc5WkBN4wO
zI9zEtIkWZJBYhNn8HZCPd8rPL3W2JT5RYSCzXKMq030uQTq84hK7rsASffZhjSk
VHNBNzn0Y6TMkwA3MaWXHdlN5ws+0jd0YzBZKzwNqvCQ8if0YxkmU9/2jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXIHoYG/IxCgcWfnkCuhOXJPVp0MB8GA1UdIwQY
MBaAFLYvzNopvmZt7vjsYta8HmzQZ8NfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGlfTTJpbS1abTN1LU94aTFyd2ViTkJudzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZmY2NDUtZTBmMS00YjE4LTk4MGYt
ZWRhNTliYzljYTJjLzEvdGNnZWhnYjhqRUtCeFotZVFLNkU1Y2s5V25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZmY2NDUtZTBmMS00YjE4LTk4MGYtZWRhNTliYzljYTJj
LzEvdGlfTTJpbS1abTN1LU94aTFyd2ViTkJudzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZAgMA0G
CSqGSIb3DQEBCwUAA4IBAQA9+pbNrz4iLeCF49pz4iTmV0Ooz+XkKhFTBwpH16g0
40UJ795ueIPstSrpjLOwAKzFspGaS0duXIEV6smwC8RIE7PimQ0NAXqEmNWLfM2v
dEEzxhwtoNGb0ts2u/8LPDc+FDYwLXDUOo58qaVosPCx7IJbQcn6ARYexiPU3ZVP
UvQo2V4Ol1DG9BAY2mjMPcNY3mNBHqs9m6jw9GSTBE0QCroLbNrb4P/vlHd62KRq
nmWco/BZL6f6NpeQrlyj/ivPiXv6wFRDOa76mQBKuEfAETAEP5orKZunYbY1Bhzw
gBNzNqvyu1e7mHwwghL2q/mh2SG4hVLTRjqBqb7SiSdb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:23 2025 by rpki-client