Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/tnkq0ec-a7XriG1bwTR7_aX9S_c.roa
File: tnkq0ec-a7XriG1bwTR7_aX9S_c.roa (raw, json)
Hash identifier: IGtJ9gPc9LwQdtEilGvs+mP8FXvbK1PmUUM/GjqNjn4=
Subject key identifier: B6:79:2A:D1:E7:3E:6B:B5:EB:88:6D:5B:C1:34:7B:FD:A5:FD:4B:F7
Certificate issuer: /CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Certificate serial: 018CC8030A06853CC85D51581715039D76E5
Authority key identifier: E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/tnkq0ec-a7XriG1bwTR7_aX9S_c.roa
Signing time: Tue 02 Jan 2024 02:31:31 +0000
ROA not before: Tue 02 Jan 2024 02:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.30.161.0/24 maxlen: 24
193.17.68.0/24 maxlen: 24
193.200.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:0a:06:85:3c:c8:5d:51:58:17:15:03:9d:76:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a714ffc598b15647bbafe2c6460a87eafbcf97
Validity
Not Before: Jan 2 02:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6792ad1e73e6bb5eb886d5bc1347bfda5fd4bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:09:98:d6:f4:26:76:56:d9:16:ba:fe:03:fb:
7e:81:59:9c:ec:d8:13:bc:92:41:3e:8c:06:95:e8:
be:0e:c2:3c:ec:80:e7:30:92:3f:64:ac:7a:2e:ed:
0f:df:e9:78:cf:25:cd:3a:f8:c3:15:c7:c0:af:f4:
f3:32:b1:9e:b4:7d:01:c6:22:e7:92:07:5c:3a:c7:
51:0e:e6:da:d8:69:e4:a8:b6:72:e1:04:56:7f:10:
a8:5d:a7:00:a8:34:42:07:ef:61:dc:44:13:ca:00:
72:6c:ae:72:67:df:fa:c7:50:6d:34:7c:7b:c3:1a:
38:6d:a5:f5:b3:e0:a8:da:9a:7f:e5:eb:ef:32:10:
f5:52:fd:a9:66:4e:90:02:65:09:87:fd:f3:39:78:
f4:82:e6:6c:a1:72:37:08:a3:e5:53:73:b3:c2:2f:
8d:0d:29:70:20:d4:83:9f:fd:73:f9:b0:55:d9:d2:
86:c7:73:6c:82:c0:e4:9e:45:33:19:e6:bf:db:5c:
06:4b:dd:40:01:bf:d8:50:b5:29:ba:88:5e:a3:6d:
93:14:ea:51:84:3c:dc:8b:d8:e7:2a:1e:b1:97:b2:
0c:e0:66:31:85:56:1d:97:a8:1a:2e:42:e9:80:97:
61:7e:09:12:52:ba:5b:29:90:0c:5d:34:51:5a:d1:
90:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:79:2A:D1:E7:3E:6B:B5:EB:88:6D:5B:C1:34:7B:FD:A5:FD:4B:F7
X509v3 Authority Key Identifier:
keyid:E4:A7:14:FF:C5:98:B1:56:47:BB:AF:E2:C6:46:0A:87:EA:FB:CF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KcU_8WYsVZHu6_ixkYKh-r7z5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/tnkq0ec-a7XriG1bwTR7_aX9S_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/d96da6-12b2-446e-8d99-7cb345e8541a/1/5KcU_8WYsVZHu6_ixkYKh-r7z5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.68.0/24
193.30.161.0/24
193.200.30.0/24
Signature Algorithm: sha256WithRSAEncryption
41:8e:df:76:66:24:30:6c:c9:bf:75:d3:bc:8a:39:9f:e9:1e:
a8:fa:03:1c:1b:ab:f6:57:16:21:ac:3a:fe:31:f9:d6:fd:ec:
c3:34:e7:da:39:c6:58:7c:1c:1c:a1:ad:a3:73:b4:bd:48:8d:
e0:f9:1b:57:33:ce:b7:f0:c4:74:a4:3e:3e:b8:e1:1c:84:2d:
0a:3a:26:0c:b2:0b:9d:82:d7:51:59:3a:63:ac:27:b0:2f:66:
22:4b:d0:04:3f:43:bb:f5:54:28:27:0c:c2:cb:e8:0a:32:76:
82:7f:3b:49:36:fc:99:5d:e2:7a:a0:62:68:9f:1e:13:70:25:
fd:e6:aa:2b:a9:e1:42:80:05:a9:69:f0:99:43:61:54:2b:9a:
63:41:a5:13:ce:30:a0:ec:a8:0f:98:c9:d5:a2:99:ce:d1:9d:
e9:b1:3c:28:cd:fa:2a:c6:a0:e1:37:38:ee:40:92:90:87:bd:
c2:32:53:0a:2b:a6:68:3d:9e:5d:79:35:46:e1:b2:b7:f9:a2:
78:55:ff:7e:ec:2b:bf:25:b9:d5:58:d7:28:2f:0d:29:a5:ee:
20:b3:e4:56:30:8a:9a:59:82:f8:ce:86:79:7d:de:cd:a3:64:
fe:41:5b:b1:17:da:f3:58:ba:df:7e:36:a7:0b:b5:be:cc:ef:
f7:78:c6:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAwoGhTzIXVFYFxUDnXblMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTcxNGZmYzU5OGIxNTY0N2JiYWZlMmM2NDYwYTg3ZWFm
YmNmOTcwHhcNMjQwMTAyMDIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc5MmFkMWU3M2U2YmI1ZWI4ODZkNWJjMTM0N2JmZGE1ZmQ0YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwmY1vQmdlbZFrr+A/t+gVmc7NgT
vJJBPowGlei+DsI87IDnMJI/ZKx6Lu0P3+l4zyXNOvjDFcfAr/TzMrGetH0BxiLn
kgdcOsdRDuba2GnkqLZy4QRWfxCoXacAqDRCB+9h3EQTygBybK5yZ9/6x1BtNHx7
wxo4baX1s+Co2pp/5evvMhD1Uv2pZk6QAmUJh/3zOXj0guZsoXI3CKPlU3Ozwi+N
DSlwINSDn/1z+bBV2dKGx3NsgsDknkUzGea/21wGS91AAb/YULUpuoheo22TFOpR
hDzci9jnKh6xl7IM4GYxhVYdl6gaLkLpgJdhfgkSUrpbKZAMXTRRWtGQBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLZ5KtHnPmu164htW8E0e/2l/Uv3MB8GA1UdIwQY
MBaAFOSnFP/FmLFWR7uv4sZGCofq+8+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTkt
N2NiMzQ1ZTg1NDFhLzEvdG5rcTBlYy1hN1hyaUcxYndUUjdfYVg5U19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kOTZkYTYtMTJiMi00NDZlLThkOTktN2NiMzQ1ZTg1NDFh
LzEvNUtjVV84V1lzVlpIdTZfaXhrWUtoLXI3ejVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRFEAwQA
wR6hAwQAwcgeMA0GCSqGSIb3DQEBCwUAA4IBAQBBjt92ZiQwbMm/ddO8ijmf6R6o
+gMcG6v2VxYhrDr+MfnW/ezDNOfaOcZYfBwcoa2jc7S9SI3g+RtXM8638MR0pD4+
uOEchC0KOiYMsgudgtdRWTpjrCewL2YiS9AEP0O79VQoJwzCy+gKMnaCfztJNvyZ
XeJ6oGJonx4TcCX95qorqeFCgAWpafCZQ2FUK5pjQaUTzjCg7KgPmMnVopnO0Z3p
sTwozfoqxqDhNzjuQJKQh73CMlMKK6ZoPZ5deTVG4bK3+aJ4Vf9+7Cu/JbnVWNco
Lw0ppe4gs+RWMIqaWYL4zoZ5fd7No2T+QVuxF9rzWLrffjanC7W+zO/3eMa7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:37 2025 by rpki-client