Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/TBlx2rTButfA4fzPca69WXyFyNE.roa
File: TBlx2rTButfA4fzPca69WXyFyNE.roa (raw, json)
Hash identifier: 6bm0BLotXgft8EoMtInrZn7/0+OPrAPgefyemQdN7es=
Subject key identifier: 4C:19:71:DA:B4:C1:BA:D7:C0:E1:FC:CF:71:AE:BD:59:7C:85:C8:D1
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 01941F8C9275CE499D1DC7459C88DDE03CB5
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/TBlx2rTButfA4fzPca69WXyFyNE.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 31.3.208.0/20 maxlen: 20
81.27.64.0/19 maxlen: 19
2001:9d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Feb 2025 10:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:92:75:ce:49:9d:1d:c7:45:9c:88:dd:e0:3c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c1971dab4c1bad7c0e1fccf71aebd597c85c8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:08:e3:09:eb:13:4b:c6:f0:b9:88:b6:82:35:
e6:4b:12:72:43:bd:bf:8d:8d:02:0c:67:17:31:22:
87:c9:e9:df:e5:e9:4d:37:5f:af:76:41:ef:7b:f0:
97:07:21:d4:6b:9a:a3:11:54:d1:59:be:b8:77:f1:
33:5c:ed:30:a8:f0:99:c9:7e:08:6a:2b:68:55:bc:
0f:4c:a6:e1:ed:cf:ba:3c:65:d7:50:ad:2f:a6:4c:
71:5e:35:7e:dc:02:e5:dc:2e:da:78:54:d8:95:e6:
b0:3f:8a:04:55:4c:23:bf:ad:93:d9:bd:27:d7:de:
cc:a6:21:c6:a0:45:0f:5e:27:14:8b:e9:66:a2:28:
75:12:31:59:d0:1f:f9:eb:c2:69:d1:35:17:cf:ed:
2d:0d:db:9a:13:b3:b8:78:1a:0e:e4:b9:11:2c:10:
1e:1d:98:15:87:cd:d5:d5:b5:19:75:b4:1a:a7:c8:
34:ee:5e:ab:31:f9:ee:7e:13:69:e4:df:95:26:28:
50:fa:b5:8c:ff:a9:50:92:04:1a:47:b9:9c:5e:ea:
57:c5:59:5c:e2:a0:c3:30:49:07:43:29:92:66:be:
ab:fc:77:2b:c1:5b:73:d7:99:f7:ca:8c:4d:34:03:
f6:8b:6a:48:d6:5f:45:5e:18:57:86:fc:d2:76:77:
35:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:19:71:DA:B4:C1:BA:D7:C0:E1:FC:CF:71:AE:BD:59:7C:85:C8:D1
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/TBlx2rTButfA4fzPca69WXyFyNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/20
81.27.64.0/19
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
49:a5:f2:b9:ab:3b:9b:17:2a:84:18:14:a8:a7:af:3d:ac:eb:
9d:71:61:52:1e:54:d4:5e:6b:4f:16:00:7e:9e:36:7b:1c:e1:
6f:a9:a5:b9:02:c5:1d:95:33:d7:31:90:61:c3:67:2f:83:b8:
3c:91:d0:71:47:37:f6:16:d8:98:e5:62:e8:d4:1c:09:9c:ca:
cc:6b:a0:81:30:4f:6e:fc:ba:5a:53:22:d7:da:07:74:50:2a:
90:be:c6:70:c6:3e:a7:83:47:1c:53:e1:d5:2c:04:42:53:44:
74:76:e7:02:dd:eb:40:01:9f:f6:63:e4:19:7e:b9:05:5b:d6:
96:3b:59:f6:f0:b5:10:70:66:e0:94:6d:ea:90:64:92:b2:04:
e1:c1:5b:84:b1:d9:08:4e:be:ff:90:2d:b8:f8:c2:c1:6b:a8:
92:64:10:4b:d7:41:12:a1:35:63:d9:b5:45:17:56:6e:3e:37:
81:90:20:21:e0:d2:f3:5c:e3:6a:1b:70:11:05:e3:03:fe:25:
fd:fa:f0:d9:99:7f:d5:84:6e:32:cb:ca:44:fc:1c:c3:b8:10:
92:03:12:e3:40:a5:4a:1b:78:61:a8:93:21:42:2a:7e:39:02:
12:5b:7a:c2:c2:b2:0a:f4:ca:f1:44:6a:cb:56:72:b1:0d:34:
6b:18:8e:bc
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjJJ1zkmdHcdFnIjd4Dy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE5NzFkYWI0YzFiYWQ3YzBlMWZjY2Y3MWFlYmQ1OTdjODVjOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AjjCesTS8bwuYi2gjXmSxJyQ72/
jY0CDGcXMSKHyenf5elNN1+vdkHve/CXByHUa5qjEVTRWb64d/EzXO0wqPCZyX4I
aitoVbwPTKbh7c+6PGXXUK0vpkxxXjV+3ALl3C7aeFTYleawP4oEVUwjv62T2b0n
197MpiHGoEUPXicUi+lmoih1EjFZ0B/568Jp0TUXz+0tDduaE7O4eBoO5LkRLBAe
HZgVh83V1bUZdbQap8g07l6rMfnufhNp5N+VJihQ+rWM/6lQkgQaR7mcXupXxVlc
4qDDMEkHQymSZr6r/HcrwVtz15n3yoxNNAP2i2pI1l9FXhhXhvzSdnc1NQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEwZcdq0wbrXwOH8z3GuvVl8hcjRMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvVEJseDJyVEJ1dGZBNGZ6UGNhNjlXWHlGeU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHwPQAwQF
URtAMA0EAgACMAcDBQAgAQnYMA0GCSqGSIb3DQEBCwUAA4IBAQBJpfK5qzubFyqE
GBSop689rOudcWFSHlTUXmtPFgB+njZ7HOFvqaW5AsUdlTPXMZBhw2cvg7g8kdBx
Rzf2FtiY5WLo1BwJnMrMa6CBME9u/LpaUyLX2gd0UCqQvsZwxj6ng0ccU+HVLARC
U0R0ducC3etAAZ/2Y+QZfrkFW9aWO1n28LUQcGbglG3qkGSSsgThwVuEsdkITr7/
kC24+MLBa6iSZBBL10ESoTVj2bVFF1ZuPjeBkCAh4NLzXONqG3ARBeMD/iX9+vDZ
mX/VhG4yy8pE/BzDuBCSAxLjQKVKG3hhqJMhQip+OQISW3rCwrIK9MrxRGrLVnKx
DTRrGI68
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:09 2025 by rpki-client