Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tmu4MS3HJwXJEmE0pDw1ghqWr08.roa
File: tmu4MS3HJwXJEmE0pDw1ghqWr08.roa (raw, json)
Hash identifier: zJuHfQuXc7is2/ZJy0GBA3JguV/VJqWGRL2BqcrrRE4=
Subject key identifier: B6:6B:B8:31:2D:C7:27:05:C9:12:61:34:A4:3C:35:82:1A:96:AF:4F
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01956A26C308DEEFC939C0E1E6706CBBD407
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tmu4MS3HJwXJEmE0pDw1ghqWr08.roa
Signing time: Thu 06 Mar 2025 06:31:19 +0000
ROA not before: Thu 06 Mar 2025 06:31:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199218
IP address blocks: 85.239.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 11:11:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:26:c3:08:de:ef:c9:39:c0:e1:e6:70:6c:bb:d4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 6 06:31:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b66bb8312dc72705c9126134a43c35821a96af4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:72:42:c2:ce:9d:45:0b:45:3a:f5:a0:12:c7:
ff:21:f4:51:17:a5:07:25:d9:ad:71:b7:fc:5b:01:
0f:bd:1f:c6:be:c8:58:1e:9b:0e:5d:6a:08:d2:19:
2e:77:96:0b:e7:97:11:01:b1:20:67:98:ca:3f:60:
89:af:cf:30:d4:63:c7:07:71:f4:79:0d:a6:e0:e7:
74:5c:bd:aa:8a:9d:fa:c7:1d:af:0c:95:c2:a5:ba:
a2:78:cb:01:0c:96:93:22:0a:19:8b:f5:4a:cb:03:
e7:9e:16:ac:3a:78:7f:99:c6:d6:ad:68:00:66:76:
20:d3:9e:76:ed:0a:0d:1d:42:cd:10:58:19:55:c6:
eb:c4:0e:1b:03:2e:90:52:cc:eb:5e:cd:00:91:94:
70:77:fa:de:c2:18:cf:46:84:d0:35:07:ae:4e:c2:
fb:63:f9:17:4a:8f:1d:8a:59:3b:29:37:24:e3:c3:
fb:6a:8f:74:b6:e3:fa:1a:d8:88:9b:e1:28:a3:25:
d5:48:53:59:2f:44:87:1c:b1:db:97:48:2c:10:9f:
e5:80:c5:ae:d4:82:56:bc:5b:12:b4:9c:e2:29:ce:
38:4b:93:e5:34:d1:8d:1f:1f:73:ba:e4:9d:c4:11:
b8:8e:8f:ba:73:1b:97:d7:b9:a0:a6:19:0f:cd:53:
77:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6B:B8:31:2D:C7:27:05:C9:12:61:34:A4:3C:35:82:1A:96:AF:4F
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tmu4MS3HJwXJEmE0pDw1ghqWr08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
Signature Algorithm: sha256WithRSAEncryption
02:e1:e2:8c:a4:20:63:85:94:3b:38:84:d0:cc:03:92:77:0d:
78:9a:20:52:97:6e:c6:da:ef:19:7d:14:a9:26:08:2d:a8:1e:
c1:76:35:c0:32:45:e0:79:b2:c2:30:8f:f8:e4:d4:d6:e5:e6:
69:9e:20:ae:f7:e2:be:73:ec:bd:44:4e:85:db:ab:2e:0c:34:
4d:22:96:ac:ca:ad:27:f1:43:96:a8:ca:1e:42:b8:8b:8e:c9:
70:20:16:a6:17:e1:f4:cb:28:87:18:55:3d:cc:73:3a:3b:23:
65:6e:1d:6e:c8:5d:30:b4:1f:10:d5:ee:68:41:ee:df:4a:98:
85:84:f8:21:7d:5e:10:78:43:dd:99:f2:be:5b:77:a1:62:f7:
18:ce:32:6d:8f:4e:47:ea:34:e1:3e:f7:63:80:4d:39:29:e0:
e1:de:ca:8b:54:40:63:ed:fc:96:1f:3d:80:e2:19:fe:4d:b1:
a2:80:14:17:df:22:03:6e:f2:34:a9:2c:f7:d8:ab:c1:19:81:
eb:5f:bc:43:19:40:3a:89:5e:52:19:a0:3b:b3:eb:0e:f0:bd:
00:88:da:f2:f7:69:b4:02:94:be:f0:99:6a:a0:ec:18:41:19:
da:93:88:26:2e:58:1f:33:18:fd:02:cc:3c:04:1a:f0:40:7d:
6a:30:da:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVqJsMI3u/JOcDh5nBsu9QHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA2MDYzMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZiYjgzMTJkYzcyNzA1YzkxMjYxMzRhNDNjMzU4MjFhOTZhZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nJCws6dRQtFOvWgEsf/IfRRF6UH
Jdmtcbf8WwEPvR/GvshYHpsOXWoI0hkud5YL55cRAbEgZ5jKP2CJr88w1GPHB3H0
eQ2m4Od0XL2qip36xx2vDJXCpbqieMsBDJaTIgoZi/VKywPnnhasOnh/mcbWrWgA
ZnYg05527QoNHULNEFgZVcbrxA4bAy6QUszrXs0AkZRwd/rewhjPRoTQNQeuTsL7
Y/kXSo8dilk7KTck48P7ao90tuP6GtiIm+EooyXVSFNZL0SHHLHbl0gsEJ/lgMWu
1IJWvFsStJziKc44S5PlNNGNHx9zuuSdxBG4jo+6cxuX17mgphkPzVN39wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZruDEtxycFyRJhNKQ8NYIalq9PMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvdG11NE1TM0hKd1hKRW1FMHBEdzFnaHFXcjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVe+QMA0G
CSqGSIb3DQEBCwUAA4IBAQAC4eKMpCBjhZQ7OITQzAOSdw14miBSl27G2u8ZfRSp
JggtqB7BdjXAMkXgebLCMI/45NTW5eZpniCu9+K+c+y9RE6F26suDDRNIpasyq0n
8UOWqMoeQriLjslwIBamF+H0yyiHGFU9zHM6OyNlbh1uyF0wtB8Q1e5oQe7fSpiF
hPghfV4QeEPdmfK+W3ehYvcYzjJtj05H6jThPvdjgE05KeDh3sqLVEBj7fyWHz2A
4hn+TbGigBQX3yIDbvI0qSz32KvBGYHrX7xDGUA6iV5SGaA7s+sO8L0AiNry92m0
ApS+8JlqoOwYQRnak4gmLlgfMxj9Asw8BBrwQH1qMNrU
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:36:53 2025 by rpki-client