Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/T1nnlXAqMJkOZFZ1A8rJylFpK4M.roa
File: T1nnlXAqMJkOZFZ1A8rJylFpK4M.roa (raw, json)
Hash identifier: 1jamfDtS51sNmbvF5EQWl/h3bPh5Am9VkvGQO6WWjMs=
Subject key identifier: 4F:59:E7:95:70:2A:30:99:0E:64:56:75:03:CA:C9:CA:51:69:2B:83
Certificate issuer: /CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Certificate serial: 018CC8DF76C60C99F514E9DB662DFBD33264
Authority key identifier: C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/T1nnlXAqMJkOZFZ1A8rJylFpK4M.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205451
IP address blocks: 195.47.232.0/24 maxlen: 24
185.117.112.0/22 maxlen: 22
2a0c:3180::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:76:c6:0c:99:f5:14:e9:db:66:2d:fb:d3:32:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f59e795702a30990e64567503cac9ca51692b83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:78:4c:cf:b8:87:0a:86:3d:3b:12:8c:df:
76:9c:36:d9:73:53:fd:7f:72:7d:76:1d:11:9d:0a:
e1:76:fe:e3:d3:4b:4c:47:d3:e9:c6:00:5e:ba:11:
43:6e:2b:61:9f:a8:19:c5:b8:19:53:9d:fc:65:ce:
bd:39:26:de:c4:19:69:ca:41:a3:7d:cd:9d:e1:ec:
7d:c6:e0:95:7a:d4:8f:3f:1a:93:c2:2f:55:97:1c:
a9:60:e0:ca:b4:18:f3:ba:70:0f:3c:d2:00:69:cb:
f2:f8:5e:92:b5:16:ed:0f:db:df:36:58:3e:f0:2b:
eb:04:01:4d:9d:0c:a9:17:3f:df:4e:ac:da:19:a0:
32:4d:3b:44:18:ae:41:e5:1c:a3:35:44:21:13:80:
0c:78:44:a4:ff:1a:c3:f5:7b:03:ba:19:04:b2:8f:
25:71:b2:1c:04:ef:73:cc:13:4d:03:4b:6d:73:43:
b6:d9:d5:a7:8a:e0:23:1a:f5:a1:e0:03:de:3d:8b:
55:e5:fb:74:29:85:eb:b7:1e:89:44:a0:43:f3:56:
1c:54:44:a6:1f:96:55:1e:9d:74:9b:fb:dd:b7:2d:
5d:b8:74:3c:88:c9:25:0f:05:ee:e4:f8:b6:c2:a2:
d6:3f:9f:38:bb:73:8e:a6:b2:f1:8b:e3:d2:a7:36:
bd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:59:E7:95:70:2A:30:99:0E:64:56:75:03:CA:C9:CA:51:69:2B:83
X509v3 Authority Key Identifier:
keyid:C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/T1nnlXAqMJkOZFZ1A8rJylFpK4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.112.0/22
195.47.232.0/24
IPv6:
2a0c:3180::/32
Signature Algorithm: sha256WithRSAEncryption
61:71:96:a8:55:f5:a2:27:38:b5:0f:1a:c4:b7:39:69:db:f7:
72:4c:7a:b6:7d:0d:ab:f1:f6:a3:a9:3c:f7:43:cf:33:54:30:
7c:25:78:40:ae:e2:3c:95:59:2e:12:f6:80:0d:d4:e2:87:af:
cc:d8:88:32:2f:4e:2b:12:b3:34:df:00:4b:df:3d:51:a9:28:
31:b5:fb:f7:8b:c9:b0:6e:38:67:a2:84:e4:b3:0a:29:92:0f:
be:26:fe:f5:88:d1:78:29:12:39:13:97:a8:9b:28:7d:05:3a:
aa:cf:90:d5:aa:54:77:50:0a:99:87:28:99:5f:0a:0a:66:80:
60:a3:4c:4b:a0:23:89:bb:3f:b0:43:c4:cd:ff:9b:35:48:9d:
98:71:55:b8:72:a3:95:06:15:3c:13:c5:76:75:8a:a8:4e:1d:
17:e3:10:9d:75:cd:4a:c2:e3:98:ab:dd:57:91:31:19:e2:17:
1a:f2:64:b7:1e:2a:ec:b7:c3:1f:66:02:41:0a:a6:93:9a:ce:
ce:3a:10:d0:f3:68:a7:e8:54:0a:32:6c:9e:da:c6:9f:36:fd:
4a:a0:a5:9a:62:90:7f:ef:23:76:2b:01:63:96:76:b8:6c:c7:
17:0f:ce:e8:58:27:ae:92:db:84:24:95:ac:7b:22:fc:96:d9:
82:fd:1b:3f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI33bGDJn1FOnbZi370zJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTQ5ZjY1YTNkNjgwYzQyOGZkOTRkNjdlNjVhMjcwOWYw
MjkyY2YwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjU5ZTc5NTcwMmEzMDk5MGU2NDU2NzUwM2NhYzljYTUxNjkyYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxV4TM+4hwqGPTsSjN92nDbZc1P9
f3J9dh0RnQrhdv7j00tMR9PpxgBeuhFDbithn6gZxbgZU538Zc69OSbexBlpykGj
fc2d4ex9xuCVetSPPxqTwi9VlxypYODKtBjzunAPPNIAacvy+F6StRbtD9vfNlg+
8CvrBAFNnQypFz/fTqzaGaAyTTtEGK5B5RyjNUQhE4AMeESk/xrD9XsDuhkEso8l
cbIcBO9zzBNNA0ttc0O22dWniuAjGvWh4APePYtV5ft0KYXrtx6JRKBD81YcVESm
H5ZVHp10m/vdty1duHQ8iMklDwXu5Pi2wqLWP584u3OOprLxi+PSpza9uQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE9Z55VwKjCZDmRWdQPKycpRaSuDMB8GA1UdIwQY
MBaAFMOkn2Wj1oDEKP2U1n5lonCfApLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQt
ZjMzNzk3ZTM5YmIyLzEvVDFubmxYQXFNSmtPWkZaMUE4ckp5bEZwSzRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQtZjMzNzk3ZTM5YmIy
LzEvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXVwAwQA
wy/oMA0EAgACMAcDBQAqDDGAMA0GCSqGSIb3DQEBCwUAA4IBAQBhcZaoVfWiJzi1
DxrEtzlp2/dyTHq2fQ2r8fajqTz3Q88zVDB8JXhAruI8lVkuEvaADdTih6/M2Igy
L04rErM03wBL3z1RqSgxtfv3i8mwbjhnooTkswopkg++Jv71iNF4KRI5E5eomyh9
BTqqz5DVqlR3UAqZhyiZXwoKZoBgo0xLoCOJuz+wQ8TN/5s1SJ2YcVW4cqOVBhU8
E8V2dYqoTh0X4xCddc1KwuOYq91XkTEZ4hca8mS3Hirst8MfZgJBCqaTms7OOhDQ
82in6FQKMmye2safNv1KoKWaYpB/7yN2KwFjlna4bMcXD87oWCeuktuEJJWseyL8
ltmC/Rs/
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:22 2025 by rpki-client