Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/Tl_webQ5I-DDAwk6Q7C0T4lb5FI.roa
File: Tl_webQ5I-DDAwk6Q7C0T4lb5FI.roa (raw, json)
Hash identifier: MF9LLchDBDAd+l8ruEGLs1nd4dvQqzLq8td2H9Q2vZ0=
Subject key identifier: 4E:5F:F0:79:B4:39:23:E0:C3:03:09:3A:43:B0:B4:4F:89:5B:E4:52
Certificate issuer: /CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Certificate serial: 0194258F5C07301ABD26EB0634D3C41633E8
Authority key identifier: A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/Tl_webQ5I-DDAwk6Q7C0T4lb5FI.roa
Signing time: Thu 02 Jan 2025 05:48:59 +0000
ROA not before: Thu 02 Jan 2025 05:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205376
IP address blocks: 185.220.148.0/22 maxlen: 24
185.220.148.0/24 maxlen: 24
185.220.149.0/24 maxlen: 24
185.220.150.0/24 maxlen: 24
185.220.151.0/24 maxlen: 24
2a0b:f840::/29 maxlen: 32
2a0b:f840::/32 maxlen: 32
2a0b:f841::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 01 Feb 2025 09:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5c:07:30:1a:bd:26:eb:06:34:d3:c4:16:33:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Validity
Not Before: Jan 2 05:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e5ff079b43923e0c303093a43b0b44f895be452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fc:50:13:1f:3e:34:1a:ae:da:70:11:6c:5f:
1e:05:5c:b6:5c:fc:38:35:c5:bb:71:36:83:fd:e0:
a7:d4:2d:ad:f2:2d:58:69:45:38:13:7b:30:b1:66:
39:89:a4:bd:86:a1:f5:8b:6d:80:9c:ed:4c:a4:d1:
d0:3c:b2:5e:70:de:68:55:02:f6:b0:fc:b9:c9:20:
e6:53:c2:f8:bd:a4:fd:5a:74:7c:6e:1c:3f:4d:61:
ac:62:45:62:b5:28:7f:0d:e9:d3:12:d2:94:96:50:
92:e3:b7:98:b8:da:4b:7a:d4:13:51:a4:99:1d:26:
1d:96:93:c8:ff:ec:8d:b9:ac:5b:19:66:91:d1:40:
22:b0:6d:c3:31:b3:34:a0:66:9e:ac:65:cf:6a:5b:
fe:b1:20:cd:ef:0b:fb:10:b2:5c:05:d5:ea:54:c8:
d9:f5:08:05:a7:22:e2:b5:a3:66:17:cd:34:f4:a6:
8a:ee:22:46:e9:21:fa:ca:a7:fc:60:d1:12:a3:a6:
94:6e:97:1b:6c:8e:97:79:62:d6:06:c2:5a:b2:2a:
3e:09:61:a0:8e:8c:fe:39:15:db:32:66:4b:31:31:
7c:5e:77:6c:88:91:5c:81:d4:31:85:47:06:d7:19:
74:5d:9d:a8:66:80:2a:9e:e8:b2:e2:32:a6:e7:dc:
68:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5F:F0:79:B4:39:23:E0:C3:03:09:3A:43:B0:B4:4F:89:5B:E4:52
X509v3 Authority Key Identifier:
keyid:A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/Tl_webQ5I-DDAwk6Q7C0T4lb5FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.148.0/22
IPv6:
2a0b:f840::/29
Signature Algorithm: sha256WithRSAEncryption
a7:25:f8:5c:9d:a8:27:b3:f2:fa:61:04:4d:ea:49:ef:35:6f:
61:65:b8:6a:33:12:9d:e6:1f:3f:cb:ce:f2:f2:ff:e9:bc:7f:
e0:ef:43:02:4e:54:f3:a8:83:de:ec:80:f1:2f:3e:01:ba:a6:
3e:34:6b:eb:83:3d:c4:6a:a1:69:ed:c8:38:9d:1b:ca:02:52:
4f:10:09:fb:75:97:fb:88:89:c7:54:44:f8:41:72:8d:e2:3a:
16:1d:fd:be:4a:56:77:0d:43:a3:22:74:5b:a8:97:71:80:d4:
77:6c:94:6a:cc:9b:75:96:89:03:67:e9:b1:cd:8e:73:5c:b8:
c0:f0:c0:46:e0:37:7b:87:2a:6e:ea:a5:90:a9:52:45:b9:4f:
8f:5f:6c:2b:20:ce:23:05:55:4f:d3:fe:b8:b7:e2:14:46:18:
89:15:15:ea:68:07:55:be:02:d1:9c:d5:ec:0f:b2:6f:a0:89:
56:7e:da:78:c8:df:c3:90:9f:fb:c3:7e:c8:53:a1:a4:b7:69:
55:6c:74:d3:1a:d5:4d:75:32:f6:18:e3:c7:e3:e9:e6:0e:0d:
b8:e8:76:2c:f6:a0:88:d2:46:26:b1:b4:20:8c:e4:50:10:78:
05:b1:1d:90:8c:ed:cb:41:0e:10:be:d5:a2:f5:43:50:a5:d4:
c3:c0:ef:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj1wHMBq9JusGNNPEFjPoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNWUzZjk3NGI1Zjk3NDY1NmNjZjRkNDU1OTZjYWFkMWI5
MDk2ZDQwHhcNMjUwMTAyMDU0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVmZjA3OWI0MzkyM2UwYzMwMzA5M2E0M2IwYjQ0Zjg5NWJlNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/xQEx8+NBqu2nARbF8eBVy2XPw4
NcW7cTaD/eCn1C2t8i1YaUU4E3swsWY5iaS9hqH1i22AnO1MpNHQPLJecN5oVQL2
sPy5ySDmU8L4vaT9WnR8bhw/TWGsYkVitSh/DenTEtKUllCS47eYuNpLetQTUaSZ
HSYdlpPI/+yNuaxbGWaR0UAisG3DMbM0oGaerGXPalv+sSDN7wv7ELJcBdXqVMjZ
9QgFpyLitaNmF8009KaK7iJG6SH6yqf8YNESo6aUbpcbbI6XeWLWBsJasio+CWGg
joz+ORXbMmZLMTF8XndsiJFcgdQxhUcG1xl0XZ2oZoAqnuiy4jKm59xowwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE5f8Hm0OSPgwwMJOkOwtE+JW+RSMB8GA1UdIwQY
MBaAFKFeP5dLX5dGVsz01FWWyq0bkJbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWIt
ZDI0YjY4OTY2ZTBlLzEvVGxfd2ViUTVJLUREQXdrNlE3QzBUNGxiNUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWItZDI0YjY4OTY2ZTBl
LzEvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudyUMA0E
AgACMAcDBQMqC/hAMA0GCSqGSIb3DQEBCwUAA4IBAQCnJfhcnagns/L6YQRN6knv
NW9hZbhqMxKd5h8/y87y8v/pvH/g70MCTlTzqIPe7IDxLz4BuqY+NGvrgz3EaqFp
7cg4nRvKAlJPEAn7dZf7iInHVET4QXKN4joWHf2+SlZ3DUOjInRbqJdxgNR3bJRq
zJt1lokDZ+mxzY5zXLjA8MBG4Dd7hypu6qWQqVJFuU+PX2wrIM4jBVVP0/64t+IU
RhiJFRXqaAdVvgLRnNXsD7JvoIlWftp4yN/DkJ/7w37IU6Gkt2lVbHTTGtVNdTL2
GOPH4+nmDg246HYs9qCI0kYmsbQgjORQEHgFsR2QjO3LQQ4QvtWi9UNQpdTDwO8Z
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:33:45 2025 by rpki-client