Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2d2570-ab91-4c27-9cb3-5fd716d67e4c/1/tbPHmaPfnm51NGp6pROUvQjwevY.roa
File: tbPHmaPfnm51NGp6pROUvQjwevY.roa (raw, json)
Hash identifier: UYVHwzxGEpnt0o0yLb4faUkqohalTsV5VD75VAYNwyc=
Subject key identifier: B5:B3:C7:99:A3:DF:9E:6E:75:34:6A:7A:A5:13:94:BD:08:F0:7A:F6
Certificate issuer: /CN=fee1be40bd4c10a02c78371af313d4e7da3d44a1
Certificate serial: 0192FC9254FD0EC2ACB82D6FF8981C1900ED
Authority key identifier: FE:E1:BE:40:BD:4C:10:A0:2C:78:37:1A:F3:13:D4:E7:DA:3D:44:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_uG-QL1MEKAseDca8xPU59o9RKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2d2570-ab91-4c27-9cb3-5fd716d67e4c/1/tbPHmaPfnm51NGp6pROUvQjwevY.roa
Signing time: Tue 05 Nov 2024 13:45:01 +0000
ROA not before: Tue 05 Nov 2024 13:45:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48652
IP address blocks: 194.146.95.0/24 maxlen: 24
2a13:d080::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:92:54:fd:0e:c2:ac:b8:2d:6f:f8:98:1c:19:00:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fee1be40bd4c10a02c78371af313d4e7da3d44a1
Validity
Not Before: Nov 5 13:45:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b3c799a3df9e6e75346a7aa51394bd08f07af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:e7:83:3f:03:c7:0d:51:da:67:85:32:40:
fe:de:82:cf:92:5e:99:5d:5d:dd:34:e0:9e:18:0a:
cf:78:9f:2b:2c:2d:c2:c0:52:9e:45:e5:b4:5c:ca:
b3:25:9e:08:a0:4f:7e:07:3d:7a:73:03:09:31:a1:
8f:76:60:a6:bf:66:da:df:f1:b6:73:47:7e:74:bf:
62:fd:c9:f5:73:5e:2b:70:81:1e:d9:9f:96:10:21:
5d:d3:d8:41:ac:2e:90:83:b3:df:bc:1b:10:bc:53:
b5:df:1d:e8:ea:b1:22:b0:24:2e:4d:59:6f:77:9a:
3c:1d:cf:5f:32:cb:21:f8:3c:53:c5:11:0d:c5:59:
75:8a:48:6f:7d:19:bf:f5:ac:a3:3a:cb:13:e4:ff:
b2:19:8e:c2:ff:3d:6d:7a:69:9a:73:91:7e:52:51:
07:19:7d:c6:55:90:4f:ac:9e:b0:7b:14:c8:f3:04:
09:26:8c:07:20:a7:64:58:0c:47:ce:70:9e:be:45:
d5:3f:c1:8d:44:c4:80:c1:61:98:92:0e:69:5e:ad:
2a:f6:9f:1a:55:70:10:b3:62:e3:94:f3:92:57:21:
8c:02:a2:74:7f:05:4d:b4:96:99:93:a3:90:15:17:
4b:7c:a5:49:71:68:18:29:96:78:92:3c:2b:0e:59:
01:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B3:C7:99:A3:DF:9E:6E:75:34:6A:7A:A5:13:94:BD:08:F0:7A:F6
X509v3 Authority Key Identifier:
keyid:FE:E1:BE:40:BD:4C:10:A0:2C:78:37:1A:F3:13:D4:E7:DA:3D:44:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_uG-QL1MEKAseDca8xPU59o9RKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2d2570-ab91-4c27-9cb3-5fd716d67e4c/1/tbPHmaPfnm51NGp6pROUvQjwevY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2d2570-ab91-4c27-9cb3-5fd716d67e4c/1/_uG-QL1MEKAseDca8xPU59o9RKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.95.0/24
IPv6:
2a13:d080::/29
Signature Algorithm: sha256WithRSAEncryption
78:f7:eb:f0:ec:da:51:e3:58:88:17:42:09:55:a0:07:17:fb:
58:85:69:e2:e3:71:6d:36:cf:f0:c2:55:fd:0e:d3:bc:c5:1d:
89:76:8a:67:b6:88:33:2d:06:9d:70:c1:88:c0:32:fc:32:c0:
87:1f:e4:5f:0b:27:cc:fb:21:55:ae:81:4a:35:b1:c0:b2:fb:
bb:b3:50:5c:5b:97:e4:78:c1:4b:9f:86:51:7c:f0:a4:eb:0a:
0e:31:55:3a:3e:e6:57:34:3b:97:64:ee:7b:42:73:e7:73:bf:
97:5b:52:ee:96:4f:95:a9:fa:3c:93:ca:e6:f5:05:ce:5f:2a:
54:5a:b2:14:6f:eb:75:c5:bc:fe:1d:d8:5b:8b:a1:0f:ff:30:
44:28:d3:c8:bc:41:31:94:f0:00:f4:24:81:37:e4:cf:b0:fd:
6d:d1:67:f0:34:94:d8:10:70:f8:02:63:cf:18:f4:fd:a3:ca:
45:a0:a4:e1:bb:b2:98:2e:cc:b4:5c:17:4d:4a:fc:6e:b0:75:
9c:0a:36:c1:ed:5c:f5:ae:99:3e:02:66:4e:01:e4:02:cd:8f:
6c:74:48:76:f7:1e:63:16:ed:fd:d7:8a:cc:71:18:66:e5:fa:
fc:c0:e2:c4:92:d0:f7:de:82:97:72:7c:db:31:28:83:0a:ce:
9b:e1:45:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZL8klT9DsKsuC1v+JgcGQDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZTFiZTQwYmQ0YzEwYTAyYzc4MzcxYWYzMTNkNGU3ZGEz
ZDQ0YTEwHhcNMjQxMTA1MTM0NTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIzYzc5OWEzZGY5ZTZlNzUzNDZhN2FhNTEzOTRiZDA4ZjA3YWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokPngz8Dxw1R2meFMkD+3oLPkl6Z
XV3dNOCeGArPeJ8rLC3CwFKeReW0XMqzJZ4IoE9+Bz16cwMJMaGPdmCmv2ba3/G2
c0d+dL9i/cn1c14rcIEe2Z+WECFd09hBrC6Qg7PfvBsQvFO13x3o6rEisCQuTVlv
d5o8Hc9fMssh+DxTxRENxVl1ikhvfRm/9ayjOssT5P+yGY7C/z1temmac5F+UlEH
GX3GVZBPrJ6wexTI8wQJJowHIKdkWAxHznCevkXVP8GNRMSAwWGYkg5pXq0q9p8a
VXAQs2LjlPOSVyGMAqJ0fwVNtJaZk6OQFRdLfKVJcWgYKZZ4kjwrDlkBBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLWzx5mj355udTRqeqUTlL0I8Hr2MB8GA1UdIwQY
MBaAFP7hvkC9TBCgLHg3GvMT1OfaPUShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3VHLVFMMU1FS0FzZURjYTh4UFU1OW85UktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yZDI1NzAtYWI5MS00YzI3LTljYjMt
NWZkNzE2ZDY3ZTRjLzEvdGJQSG1hUGZubTUxTkdwNnBST1V2UWp3ZXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yZDI1NzAtYWI5MS00YzI3LTljYjMtNWZkNzE2ZDY3ZTRj
LzEvX3VHLVFMMU1FS0FzZURjYTh4UFU1OW85UktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwpJfMA0E
AgACMAcDBQMqE9CAMA0GCSqGSIb3DQEBCwUAA4IBAQB49+vw7NpR41iIF0IJVaAH
F/tYhWni43FtNs/wwlX9DtO8xR2JdopntogzLQadcMGIwDL8MsCHH+RfCyfM+yFV
roFKNbHAsvu7s1BcW5fkeMFLn4ZRfPCk6woOMVU6PuZXNDuXZO57QnPnc7+XW1Lu
lk+Vqfo8k8rm9QXOXypUWrIUb+t1xbz+Hdhbi6EP/zBEKNPIvEExlPAA9CSBN+TP
sP1t0WfwNJTYEHD4AmPPGPT9o8pFoKThu7KYLsy0XBdNSvxusHWcCjbB7Vz1rpk+
AmZOAeQCzY9sdEh29x5jFu3914rMcRhm5fr8wOLEktD33oKXcnzbMSiDCs6b4UVJ
-----END CERTIFICATE-----
Generated at Thu Jan 2 14:58:42 2025 by rpki-client on console-fra.rpki-client.org