Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tHD_CAab3ZIOQs0M9eSeB0tqYLc.roa
File: tHD_CAab3ZIOQs0M9eSeB0tqYLc.roa (raw, json)
Hash identifier: M+UvIx/eNMZnBcdGRM7t9t6RlNwgtg6vyKvj/xnuCD8=
Subject key identifier: B4:70:FF:08:06:9B:DD:92:0E:42:CD:0C:F5:E4:9E:07:4B:6A:60:B7
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019533EB70D58D153F49C706BD4390E7088D
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tHD_CAab3ZIOQs0M9eSeB0tqYLc.roa
Signing time: Sun 23 Feb 2025 17:47:02 +0000
ROA not before: Sun 23 Feb 2025 17:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212150
IP address blocks: 94.103.187.0/24 maxlen: 24
146.19.21.0/24 maxlen: 24
176.118.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 17:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:33:eb:70:d5:8d:15:3f:49:c7:06:bd:43:90:e7:08:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 23 17:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b470ff08069bdd920e42cd0cf5e49e074b6a60b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b2:81:d7:b9:eb:1c:cb:a7:6b:44:00:31:d2:
2c:94:98:86:cd:51:02:83:3f:81:4d:b1:39:a6:bf:
ab:49:3b:86:4c:0e:9f:b8:07:22:4a:2d:bb:8b:04:
1b:26:0a:56:ce:3d:de:01:dd:47:ac:0b:07:db:95:
c0:f7:e1:f9:fa:62:6e:15:af:c5:5c:5c:d9:c9:71:
a0:32:af:67:ab:b8:3b:c5:4b:6c:be:05:77:a8:a6:
a8:c7:09:15:cb:83:0c:1a:72:e3:cd:ff:a6:ee:de:
77:e6:33:95:36:6b:66:7b:39:84:a0:cc:a8:cb:d7:
bf:f7:9f:cc:79:d4:2e:90:49:3c:3d:0c:4e:7b:a5:
ff:e5:36:4e:2f:36:c0:c9:c0:c1:de:e7:57:0e:c8:
06:c6:f3:dc:35:e1:3f:4b:90:c8:d3:cc:1e:b5:24:
6e:a3:cf:7d:bd:52:86:f3:6f:4b:f1:be:92:61:ad:
d4:68:96:38:ee:32:e0:cd:ff:a7:d0:4e:e5:65:b0:
9d:c3:b3:30:69:9c:11:56:6c:97:c6:e9:03:8a:f0:
cc:7a:d2:e5:84:23:48:0f:3a:84:fe:f8:b1:02:cf:
a6:2f:b1:e2:fb:7f:bc:e8:73:b1:41:13:93:7d:85:
e6:67:b7:04:17:f3:31:ee:b3:75:94:a3:86:b6:f6:
bf:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:70:FF:08:06:9B:DD:92:0E:42:CD:0C:F5:E4:9E:07:4B:6A:60:B7
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tHD_CAab3ZIOQs0M9eSeB0tqYLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.103.187.0/24
146.19.21.0/24
176.118.33.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:01:97:e7:33:2c:58:8a:36:b8:9e:bd:72:7d:eb:e6:7d:80:
36:cc:8a:c5:97:93:0e:a1:77:39:b1:68:80:cc:9d:93:e2:63:
24:26:5e:13:c0:0d:9e:4b:8c:cf:66:69:bb:41:01:77:c6:6c:
b4:c0:13:27:e2:41:60:73:5a:b6:7c:5a:02:20:4d:8c:fa:55:
ee:43:df:45:9b:bd:02:5e:1d:48:80:d8:79:36:f8:d8:9b:4c:
46:ea:7f:32:9c:7b:06:b3:4c:e9:23:4f:2f:63:82:ed:c6:a6:
e1:8f:b2:50:6c:b1:a5:5e:f5:45:ad:16:46:0f:10:44:b6:4d:
bc:20:b3:2e:30:ce:d9:b5:74:c7:04:0e:4a:8f:39:d5:64:8f:
12:a2:38:30:95:1d:9f:34:83:1a:27:03:15:6f:fb:2f:13:38:
d3:6b:27:4d:59:29:e7:80:36:ef:4b:57:33:5d:b1:11:e6:4f:
c4:36:6c:47:98:db:1c:98:d2:34:52:45:f6:a2:93:60:31:92:
26:24:1e:76:5b:79:0d:90:e4:f4:f3:d4:cc:ba:4e:fb:f8:10:
2d:20:10:e0:d0:50:e6:4d:04:a9:ac:4a:5c:8f:7d:0b:64:ed:
3b:8e:ec:12:6c:82:f0:02:47:db:d7:52:e2:34:ae:bb:9d:a2:
bb:2e:00:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZUz63DVjRU/SccGvUOQ5wiNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMjIzMTc0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcwZmYwODA2OWJkZDkyMGU0MmNkMGNmNWU0OWUwNzRiNmE2MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7KB17nrHMuna0QAMdIslJiGzVEC
gz+BTbE5pr+rSTuGTA6fuAciSi27iwQbJgpWzj3eAd1HrAsH25XA9+H5+mJuFa/F
XFzZyXGgMq9nq7g7xUtsvgV3qKaoxwkVy4MMGnLjzf+m7t535jOVNmtmezmEoMyo
y9e/95/MedQukEk8PQxOe6X/5TZOLzbAycDB3udXDsgGxvPcNeE/S5DI08wetSRu
o899vVKG829L8b6SYa3UaJY47jLgzf+n0E7lZbCdw7MwaZwRVmyXxukDivDMetLl
hCNIDzqE/vixAs+mL7Hi+3+86HOxQROTfYXmZ7cEF/Mx7rN1lKOGtva/LwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLRw/wgGm92SDkLNDPXkngdLamC3MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdEhEX0NBYWIzWklPUXMwTTllU2VCMHRxWUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXme7AwQA
khMVAwQAsHYhMA0GCSqGSIb3DQEBCwUAA4IBAQCiAZfnMyxYija4nr1yfevmfYA2
zIrFl5MOoXc5sWiAzJ2T4mMkJl4TwA2eS4zPZmm7QQF3xmy0wBMn4kFgc1q2fFoC
IE2M+lXuQ99Fm70CXh1IgNh5NvjYm0xG6n8ynHsGs0zpI08vY4Ltxqbhj7JQbLGl
XvVFrRZGDxBEtk28ILMuMM7ZtXTHBA5KjznVZI8SojgwlR2fNIMaJwMVb/svEzjT
aydNWSnngDbvS1czXbER5k/ENmxHmNscmNI0UkX2opNgMZImJB52W3kNkOT089TM
uk77+BAtIBDg0FDmTQSprEpcj30LZO07juwSbILwAkfb11LiNK67naK7LgDd
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:19 2025 by rpki-client