Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/TtbIgzX0D1mccB5AfAz9kKRn164.roa
File: TtbIgzX0D1mccB5AfAz9kKRn164.roa (raw, json)
Hash identifier: IJec4YaFTrLuROjzMIoAVqQCaKXNzbHE0ZsH6kVssB0=
Subject key identifier: 4E:D6:C8:83:35:F4:0F:59:9C:70:1E:40:7C:0C:FD:90:A4:67:D7:AE
Certificate issuer: /CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Certificate serial: 018CC7270FD1F7B5308430BF480B237E9DB3
Authority key identifier: 78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/TtbIgzX0D1mccB5AfAz9kKRn164.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200485
IP address blocks: 185.104.156.0/24 maxlen: 24
185.104.159.0/24 maxlen: 24
185.104.156.0/22 maxlen: 22
185.104.158.0/24 maxlen: 24
185.104.157.0/24 maxlen: 24
2a06:4200::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:0f:d1:f7:b5:30:84:30:bf:48:0b:23:7e:9d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7843a5381dce2877bbc351a684efcecdd613e3aa
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ed6c88335f40f599c701e407c0cfd90a467d7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b8:5a:18:90:b7:b6:77:47:e8:f5:23:ba:2b:
ec:3f:52:6a:96:4b:bf:38:cc:f3:b1:44:c6:ba:51:
04:4a:ca:fb:94:71:5b:36:a6:05:c9:c2:9d:5d:b5:
ad:cf:cd:d9:23:06:ff:11:b8:6a:3f:38:f4:1c:63:
34:d0:b6:aa:f8:3a:a2:22:bb:b0:d2:63:4c:96:af:
a3:33:59:b2:e4:fa:80:66:84:d0:48:20:7b:bc:7e:
98:75:48:63:2a:37:7e:c8:d6:d9:29:65:12:84:d5:
f3:2a:12:d5:c3:3d:c0:40:24:55:a9:b6:b9:cb:c9:
33:30:a7:b9:9b:e4:80:08:1f:b5:79:d1:4f:63:b4:
e3:fa:cb:1a:e4:9d:aa:de:b3:87:1c:20:71:9e:c6:
d7:e6:dd:c3:56:6f:93:4f:34:e3:70:62:d0:c7:a5:
65:e5:6f:f1:38:f7:d5:32:8e:d6:c1:bf:59:e5:28:
49:09:dc:f4:23:ad:db:fa:25:5b:b7:6e:20:eb:4c:
2d:92:52:e5:73:a9:f1:1a:94:28:30:eb:11:ca:03:
66:b2:55:65:67:06:97:d5:30:57:1a:79:c4:0c:ed:
5c:08:fe:56:3a:7f:0c:79:6a:75:54:5e:c0:b9:b2:
fd:f4:93:07:2e:d1:df:bb:ee:01:a3:64:26:c4:4e:
e4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D6:C8:83:35:F4:0F:59:9C:70:1E:40:7C:0C:FD:90:A4:67:D7:AE
X509v3 Authority Key Identifier:
keyid:78:43:A5:38:1D:CE:28:77:BB:C3:51:A6:84:EF:CE:CD:D6:13:E3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eEOlOB3OKHe7w1GmhO_OzdYT46o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/TtbIgzX0D1mccB5AfAz9kKRn164.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/de4d0f-7f8e-4d7e-bbb0-07319c728ca2/1/eEOlOB3OKHe7w1GmhO_OzdYT46o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.156.0/22
IPv6:
2a06:4200::/29
Signature Algorithm: sha256WithRSAEncryption
2d:bb:6a:fa:f1:62:66:fa:36:cc:ea:c5:18:8b:da:de:13:49:
a3:5e:d7:b6:ea:24:a2:58:16:16:80:7f:ac:84:79:9d:2c:fa:
a1:d9:3b:06:81:7e:fa:da:2b:80:bc:bf:3b:f4:c7:27:80:be:
41:11:9a:d2:d9:0c:53:36:de:21:28:6e:eb:77:65:7a:39:ae:
24:d0:0c:e4:99:34:d6:7d:e2:8f:63:a2:96:40:8e:ee:97:5a:
a0:38:8c:fa:f2:10:97:4b:6c:34:fd:db:4a:34:1a:5f:d1:8d:
67:34:5e:16:19:57:db:fb:16:c2:04:c6:67:28:b9:21:9e:5d:
4e:95:b4:ab:d6:8f:7e:29:7c:85:74:73:1d:24:83:b8:9d:0f:
20:00:a5:55:c9:f7:95:89:70:ee:70:6c:54:ff:5f:16:fc:bf:
b4:5f:dc:9f:1c:a9:04:ae:e0:cf:6e:d0:60:e8:ec:65:9e:b3:
b3:df:09:b2:03:d2:b0:ee:9e:73:5c:74:ae:0f:0f:1d:2d:af:
c5:8e:f8:17:c2:21:c9:b9:46:0e:e7:5a:f1:0d:75:36:68:9d:
56:c2:8b:7f:a1:cc:e8:b3:ba:76:24:ad:7c:27:e1:6f:ae:48:
2c:25:18:19:dd:6f:d9:2d:ac:9d:bd:75:ae:e3:ec:84:1e:b9:
89:54:8d:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJw/R97UwhDC/SAsjfp2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NDNhNTM4MWRjZTI4NzdiYmMzNTFhNjg0ZWZjZWNkZDYx
M2UzYWEwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ2Yzg4MzM1ZjQwZjU5OWM3MDFlNDA3YzBjZmQ5MGE0NjdkN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7haGJC3tndH6PUjuivsP1Jqlku/
OMzzsUTGulEESsr7lHFbNqYFycKdXbWtz83ZIwb/EbhqPzj0HGM00Laq+DqiIruw
0mNMlq+jM1my5PqAZoTQSCB7vH6YdUhjKjd+yNbZKWUShNXzKhLVwz3AQCRVqba5
y8kzMKe5m+SACB+1edFPY7Tj+ssa5J2q3rOHHCBxnsbX5t3DVm+TTzTjcGLQx6Vl
5W/xOPfVMo7Wwb9Z5ShJCdz0I63b+iVbt24g60wtklLlc6nxGpQoMOsRygNmslVl
ZwaX1TBXGnnEDO1cCP5WOn8MeWp1VF7AubL99JMHLtHfu+4Bo2QmxE7kYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE7WyIM19A9ZnHAeQHwM/ZCkZ9euMB8GA1UdIwQY
MBaAFHhDpTgdzih3u8NRpoTvzs3WE+OqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUVPbE9CM09LSGU3dzFHbWhPX096ZFlUNDZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kZTRkMGYtN2Y4ZS00ZDdlLWJiYjAt
MDczMTljNzI4Y2EyLzEvVHRiSWd6WDBEMW1jY0I1QWZBejlrS1JuMTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kZTRkMGYtN2Y4ZS00ZDdlLWJiYjAtMDczMTljNzI4Y2Ey
LzEvZUVPbE9CM09LSGU3dzFHbWhPX096ZFlUNDZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWicMA0E
AgACMAcDBQMqBkIAMA0GCSqGSIb3DQEBCwUAA4IBAQAtu2r68WJm+jbM6sUYi9re
E0mjXte26iSiWBYWgH+shHmdLPqh2TsGgX762iuAvL879McngL5BEZrS2QxTNt4h
KG7rd2V6Oa4k0AzkmTTWfeKPY6KWQI7ul1qgOIz68hCXS2w0/dtKNBpf0Y1nNF4W
GVfb+xbCBMZnKLkhnl1OlbSr1o9+KXyFdHMdJIO4nQ8gAKVVyfeViXDucGxU/18W
/L+0X9yfHKkEruDPbtBg6OxlnrOz3wmyA9Kw7p5zXHSuDw8dLa/FjvgXwiHJuUYO
51rxDXU2aJ1Wwot/oczos7p2JK18J+FvrkgsJRgZ3W/ZLaydvXWu4+yEHrmJVI0t
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:50 2025 by rpki-client