Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/tLZn-zVQURCcmBdNY9h-mA7ROgU.roa
File: tLZn-zVQURCcmBdNY9h-mA7ROgU.roa (raw, json)
Hash identifier: UqJxL7wAkPJ5ztttLVgcbgPGVtypRGD4RZutiNuEA0U=
Subject key identifier: B4:B6:67:FB:35:50:51:10:9C:98:17:4D:63:D8:7E:98:0E:D1:3A:05
Certificate issuer: /CN=01e7c30459356a900dc63369764a754c5c1f3319
Certificate serial: 01909244665B52B1CF2CDC824F6B785E74CE
Authority key identifier: 01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/tLZn-zVQURCcmBdNY9h-mA7ROgU.roa
Signing time: Mon 08 Jul 2024 12:14:34 +0000
ROA not before: Mon 08 Jul 2024 12:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48213
IP address blocks: 45.13.172.0/22 maxlen: 22
185.135.236.0/22 maxlen: 22
213.232.226.0/24 maxlen: 24
2a07:980::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:44:66:5b:52:b1:cf:2c:dc:82:4f:6b:78:5e:74:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01e7c30459356a900dc63369764a754c5c1f3319
Validity
Not Before: Jul 8 12:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4b667fb355051109c98174d63d87e980ed13a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9e:b3:48:93:49:25:33:bd:e2:70:48:78:b7:
3b:e6:45:16:2a:f2:23:94:22:ee:4d:76:f3:92:9f:
e0:13:4c:f2:ac:85:b0:a8:11:1c:12:37:77:ee:73:
ce:14:2b:74:c2:11:39:eb:93:12:66:ee:f9:0f:e3:
06:d2:7c:55:3e:b1:db:7c:86:69:47:79:4b:a6:f0:
7e:e8:c0:72:91:05:b6:71:2d:37:a9:c3:b5:e2:f2:
a1:62:25:45:7a:af:95:9e:f6:f7:5b:5d:71:15:0b:
36:b8:c7:86:b7:1e:9e:40:06:81:82:5b:b7:5b:f6:
c8:e0:2c:87:27:cc:6f:f2:aa:ed:04:35:2a:50:7b:
1e:66:0d:f3:08:0b:a9:2e:9e:e1:13:e0:34:fe:b8:
5a:4a:28:31:b7:a9:4a:b7:2d:99:65:3e:51:41:6b:
de:51:cf:bd:43:2d:ff:08:45:3c:63:f7:4a:aa:61:
59:52:76:e3:ce:56:63:44:f3:63:d8:64:27:fd:a6:
6a:24:09:42:b7:46:5a:d3:ce:3a:32:1a:8f:44:99:
40:ad:de:ca:d2:93:b2:07:c7:df:66:a5:f1:fb:5f:
70:fc:3a:18:dd:ab:df:66:1a:9c:04:78:77:30:9a:
f4:2b:0e:68:b9:56:5b:7e:07:97:96:ff:c0:39:6a:
9e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B6:67:FB:35:50:51:10:9C:98:17:4D:63:D8:7E:98:0E:D1:3A:05
X509v3 Authority Key Identifier:
keyid:01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/tLZn-zVQURCcmBdNY9h-mA7ROgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/AefDBFk1apANxjNpdkp1TFwfMxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.172.0/22
185.135.236.0/22
213.232.226.0/24
IPv6:
2a07:980::/29
Signature Algorithm: sha256WithRSAEncryption
28:38:30:93:82:3f:1e:a2:7e:07:ea:4a:fb:b8:b3:ee:48:92:
98:b7:33:12:f1:a8:3b:b0:34:68:92:80:a9:f9:9b:1c:66:8c:
b7:7b:08:7d:ac:1d:c4:ed:18:63:0a:bb:64:6c:6a:24:4e:ed:
98:1e:3f:2b:ce:4b:3c:63:23:09:c4:8c:65:c0:fb:a3:80:71:
52:bc:f0:da:48:e3:88:83:3e:95:2b:4f:61:c2:bc:c9:f7:52:
23:e9:d1:b0:df:f5:e5:3d:38:c3:b7:be:e2:65:a1:7d:a8:04:
7c:59:0a:06:69:c0:8f:fa:0b:bd:91:e0:47:61:45:a0:2d:f8:
30:c6:0f:67:15:dd:44:79:2d:cd:03:80:e2:28:24:cf:ed:fe:
19:6a:92:3e:cb:42:06:b3:71:bf:67:39:55:98:ae:39:56:49:
da:44:ba:45:8b:26:e4:3d:08:35:ef:69:22:86:25:68:92:c9:
bf:96:3b:4d:91:5b:cc:69:ac:39:b6:9c:e0:ff:2a:36:92:05:
63:e9:e3:dd:a5:dc:49:f9:21:10:2e:07:02:4d:b8:2b:f2:b0:
84:09:83:17:8d:7a:e1:41:2f:1d:3b:f7:42:73:8e:6b:46:0a:
36:b7:1a:41:be:75:50:a1:d5:8d:c7:3a:58:81:e8:ee:18:21:
59:0e:ab:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZCSRGZbUrHPLNyCT2t4XnTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZTdjMzA0NTkzNTZhOTAwZGM2MzM2OTc2NGE3NTRjNWMx
ZjMzMTkwHhcNMjQwNzA4MTIxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI2NjdmYjM1NTA1MTEwOWM5ODE3NGQ2M2Q4N2U5ODBlZDEzYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp6zSJNJJTO94nBIeLc75kUWKvIj
lCLuTXbzkp/gE0zyrIWwqBEcEjd37nPOFCt0whE565MSZu75D+MG0nxVPrHbfIZp
R3lLpvB+6MBykQW2cS03qcO14vKhYiVFeq+Vnvb3W11xFQs2uMeGtx6eQAaBglu3
W/bI4CyHJ8xv8qrtBDUqUHseZg3zCAupLp7hE+A0/rhaSigxt6lKty2ZZT5RQWve
Uc+9Qy3/CEU8Y/dKqmFZUnbjzlZjRPNj2GQn/aZqJAlCt0Za0846MhqPRJlArd7K
0pOyB8ffZqXx+19w/DoY3avfZhqcBHh3MJr0Kw5ouVZbfgeXlv/AOWqeBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLS2Z/s1UFEQnJgXTWPYfpgO0ToFMB8GA1UdIwQY
MBaAFAHnwwRZNWqQDcYzaXZKdUxcHzMZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWVmREJGazFhcEFOeGpOcGRrcDFURndmTXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOWMxNjQtZWFlNy00NmJkLWExZGUt
YmYyOWM0MTg4ZDdlLzEvdExabi16VlFVUkNjbUJkTlk5aC1tQTdST2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOWMxNjQtZWFlNy00NmJkLWExZGUtYmYyOWM0MTg4ZDdl
LzEvQWVmREJGazFhcEFOeGpOcGRrcDFURndmTXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQ2sAwQC
uYfsAwQA1ejiMA0EAgACMAcDBQMqBwmAMA0GCSqGSIb3DQEBCwUAA4IBAQAoODCT
gj8eon4H6kr7uLPuSJKYtzMS8ag7sDRokoCp+ZscZoy3ewh9rB3E7RhjCrtkbGok
Tu2YHj8rzks8YyMJxIxlwPujgHFSvPDaSOOIgz6VK09hwrzJ91Ij6dGw3/XlPTjD
t77iZaF9qAR8WQoGacCP+gu9keBHYUWgLfgwxg9nFd1EeS3NA4DiKCTP7f4ZapI+
y0IGs3G/ZzlVmK45VknaRLpFiybkPQg172kihiVoksm/ljtNkVvMaaw5tpzg/yo2
kgVj6ePdpdxJ+SEQLgcCTbgr8rCECYMXjXrhQS8dO/dCc45rRgo2txpBvnVQodWN
xzpYgejuGCFZDqtK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:43 2025 by rpki-client