Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4e2c6e-f781-4394-9565-29c752cc5956/1/TANLdK_v5WugWqP50UzSZADfMwo.roa
File: TANLdK_v5WugWqP50UzSZADfMwo.roa (raw, json)
Hash identifier: b+LGU62TvotFpdpZXLc91F6xOtoiAtR9+oIq6bPwu6s=
Subject key identifier: 4C:03:4B:74:AF:EF:E5:6B:A0:5A:A3:F9:D1:4C:D2:64:00:DF:33:0A
Certificate issuer: /CN=474e6d7cebbd08212ca8c8d591ae5a06bc03b978
Certificate serial: 018CC6B93B645EE2A3C4AE4DDA4DBC895473
Authority key identifier: 47:4E:6D:7C:EB:BD:08:21:2C:A8:C8:D5:91:AE:5A:06:BC:03:B9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R05tfOu9CCEsqMjVka5aBrwDuXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4e2c6e-f781-4394-9565-29c752cc5956/1/TANLdK_v5WugWqP50UzSZADfMwo.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44652
IP address blocks: 185.147.164.0/22 maxlen: 22
2a07:59c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3b:64:5e:e2:a3:c4:ae:4d:da:4d:bc:89:54:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=474e6d7cebbd08212ca8c8d591ae5a06bc03b978
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c034b74afefe56ba05aa3f9d14cd26400df330a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:96:93:85:f6:28:25:9b:89:74:ed:fb:59:68:
83:92:f8:9c:96:d8:8a:98:e3:2c:4e:5a:89:18:69:
12:b1:0d:49:1d:c4:7e:1f:63:2b:19:7b:f0:d3:69:
56:b7:74:25:bf:0e:32:0c:55:5e:b9:9b:78:37:3b:
9e:5d:44:5b:3f:03:d8:1c:e7:73:8f:fb:23:a0:ee:
ab:63:05:df:24:82:a8:d8:3a:9b:e3:31:8e:33:16:
aa:f6:dd:26:dd:5f:ae:60:86:cb:fa:90:58:a3:14:
7a:a0:89:c8:d0:4e:22:1b:f8:6e:32:c5:a8:cd:ec:
82:b7:44:3a:78:37:3e:e4:22:a8:c8:ed:10:2d:2d:
09:b7:91:ce:c6:17:cb:d3:88:1c:ce:df:7d:e6:52:
08:e0:36:90:57:56:8a:9b:9e:65:1e:c5:a6:06:68:
40:ad:a4:3b:e3:f1:3d:f5:3d:0b:6d:10:84:67:d3:
22:24:b6:5e:29:4a:c6:17:04:a0:46:a9:5b:29:36:
f3:2c:43:13:d8:6e:df:54:e7:a9:8a:a4:f7:75:81:
62:da:5a:02:88:a5:43:95:e8:66:25:69:37:d0:f7:
38:7a:05:06:22:50:0a:2e:ed:87:02:bb:c4:5f:6d:
06:18:76:55:9c:ab:99:7e:85:3b:63:cc:ca:a0:aa:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:03:4B:74:AF:EF:E5:6B:A0:5A:A3:F9:D1:4C:D2:64:00:DF:33:0A
X509v3 Authority Key Identifier:
keyid:47:4E:6D:7C:EB:BD:08:21:2C:A8:C8:D5:91:AE:5A:06:BC:03:B9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R05tfOu9CCEsqMjVka5aBrwDuXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4e2c6e-f781-4394-9565-29c752cc5956/1/TANLdK_v5WugWqP50UzSZADfMwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4e2c6e-f781-4394-9565-29c752cc5956/1/R05tfOu9CCEsqMjVka5aBrwDuXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.164.0/22
IPv6:
2a07:59c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:04:22:0d:b3:a7:67:4e:fc:6e:a7:c1:09:b7:72:44:a0:80:
18:0c:55:d4:32:3a:76:f5:79:7c:5f:76:e0:aa:7e:65:a9:bc:
83:0f:6d:8f:a8:a4:22:b8:3e:79:34:ec:5a:11:fa:32:18:a2:
09:95:80:7a:c3:7d:6c:e0:d9:68:98:13:12:29:cc:64:38:25:
8e:96:b7:9a:5d:3a:bc:71:24:69:46:cf:16:60:02:cd:24:0a:
5d:19:63:1b:5b:33:0a:4e:36:7f:a3:4c:9d:24:cc:2e:62:d5:
7e:75:8c:98:ff:68:e1:ae:fd:d1:f1:ad:8a:cb:a2:e9:0e:eb:
14:e3:0a:55:6d:1a:7b:f1:56:a3:92:9b:8e:1f:0c:57:c2:66:
58:3b:c4:53:53:57:e8:70:55:1e:f7:10:7b:8e:c0:c0:00:9b:
93:bd:56:1e:95:aa:d4:68:f6:0a:7f:4c:d0:46:74:e5:a1:bf:
2e:86:97:22:ab:9a:68:c7:55:62:b8:2b:10:cd:cc:5c:27:c9:
d4:3f:20:6d:c7:b2:fe:75:16:1b:c6:2c:e1:14:86:0e:73:c1:
0e:fa:c2:33:58:0e:ac:71:02:b8:0c:47:f8:91:62:87:51:da:
fe:da:d7:ab:3e:b7:95:a9:f9:80:8d:62:10:4e:09:be:aa:ea:
56:bc:e2:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuTtkXuKjxK5N2k28iVRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NGU2ZDdjZWJiZDA4MjEyY2E4YzhkNTkxYWU1YTA2YmMw
M2I5NzgwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzAzNGI3NGFmZWZlNTZiYTA1YWEzZjlkMTRjZDI2NDAwZGYzMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJaThfYoJZuJdO37WWiDkvicltiK
mOMsTlqJGGkSsQ1JHcR+H2MrGXvw02lWt3Qlvw4yDFVeuZt4NzueXURbPwPYHOdz
j/sjoO6rYwXfJIKo2Dqb4zGOMxaq9t0m3V+uYIbL+pBYoxR6oInI0E4iG/huMsWo
zeyCt0Q6eDc+5CKoyO0QLS0Jt5HOxhfL04gczt995lII4DaQV1aKm55lHsWmBmhA
raQ74/E99T0LbRCEZ9MiJLZeKUrGFwSgRqlbKTbzLEMT2G7fVOepiqT3dYFi2loC
iKVDlehmJWk30Pc4egUGIlAKLu2HArvEX20GGHZVnKuZfoU7Y8zKoKqS0wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEwDS3Sv7+VroFqj+dFM0mQA3zMKMB8GA1UdIwQY
MBaAFEdObXzrvQghLKjI1ZGuWga8A7l4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjA1dGZPdTlDQ0VzcU1qVmthNWFCcndEdVhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80ZTJjNmUtZjc4MS00Mzk0LTk1NjUt
MjljNzUyY2M1OTU2LzEvVEFOTGRLX3Y1V3VnV3FQNTBVelNaQURmTXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS80ZTJjNmUtZjc4MS00Mzk0LTk1NjUtMjljNzUyY2M1OTU2
LzEvUjA1dGZPdTlDQ0VzcU1qVmthNWFCcndEdVhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZOkMA0E
AgACMAcDBQMqB1nAMA0GCSqGSIb3DQEBCwUAA4IBAQBJBCINs6dnTvxup8EJt3JE
oIAYDFXUMjp29Xl8X3bgqn5lqbyDD22PqKQiuD55NOxaEfoyGKIJlYB6w31s4Nlo
mBMSKcxkOCWOlreaXTq8cSRpRs8WYALNJApdGWMbWzMKTjZ/o0ydJMwuYtV+dYyY
/2jhrv3R8a2Ky6LpDusU4wpVbRp78VajkpuOHwxXwmZYO8RTU1focFUe9xB7jsDA
AJuTvVYelarUaPYKf0zQRnTlob8uhpciq5pox1ViuCsQzcxcJ8nUPyBtx7L+dRYb
xizhFIYOc8EO+sIzWA6scQK4DEf4kWKHUdr+2terPreVqfmAjWIQTgm+qupWvOIz
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:16:23 2025 by rpki-client