Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/TmWiphEZuKOwz8c3F_QlQwnhCuY.roa
File: TmWiphEZuKOwz8c3F_QlQwnhCuY.roa (raw, json)
Hash identifier: ZimKqd9Nd3hH5gJcc/ozgSVbx2t6yDfPdY/1NPNWscE=
Subject key identifier: 4E:65:A2:A6:11:19:B8:A3:B0:CF:C7:37:17:F4:25:43:09:E1:0A:E6
Certificate issuer: /CN=8335444c581161c588ae84be01965bc8e83780b8
Certificate serial: 018CC79339EC0D927570EBB268C50B1AD340
Authority key identifier: 83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/TmWiphEZuKOwz8c3F_QlQwnhCuY.roa
Signing time: Tue 02 Jan 2024 00:29:23 +0000
ROA not before: Tue 02 Jan 2024 00:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6908
IP address blocks: 185.8.89.0/24 maxlen: 24
185.8.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:39:ec:0d:92:75:70:eb:b2:68:c5:0b:1a:d3:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8335444c581161c588ae84be01965bc8e83780b8
Validity
Not Before: Jan 2 00:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e65a2a61119b8a3b0cfc73717f4254309e10ae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:45:78:13:a4:0d:b6:b2:0b:37:59:98:f2:01:
9a:f6:73:b3:db:de:78:60:4e:52:ed:be:9c:ff:8c:
5c:cf:a4:41:42:ac:bb:4a:c9:6c:6c:55:0c:49:28:
03:6e:58:24:25:dc:b0:fb:b5:78:e8:de:1b:91:65:
d0:7b:e3:4b:53:56:2d:08:ad:8b:2d:d6:6a:97:e4:
da:b9:f5:e9:e7:18:7d:a7:19:e9:3a:b7:4a:41:d3:
b8:b2:bc:dd:d0:ae:cb:de:e9:6b:a2:24:8a:bf:90:
00:ac:55:7d:03:73:91:ef:a6:00:2f:87:82:89:99:
3a:b4:3f:17:ad:c3:80:2c:25:e0:6e:e6:88:12:e3:
41:44:30:74:5a:cd:11:0c:b4:dc:cc:38:52:a4:79:
4a:03:74:cc:38:39:58:d2:b5:42:a1:b8:66:ac:89:
bb:71:59:ef:54:6b:d9:d9:e5:20:46:3a:3e:84:07:
4e:53:42:85:64:8d:d9:db:11:4b:ec:50:db:6e:7b:
fd:fb:20:c0:33:88:d5:48:b5:f6:46:89:ad:5e:cc:
05:9c:82:29:18:1d:02:6b:d9:19:27:3f:cd:28:96:
6e:bf:9c:13:b1:8c:5f:53:a7:91:4e:1e:0d:6f:c6:
4d:0f:f7:25:a2:ed:58:46:03:0f:3c:c0:d9:50:ac:
0b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:65:A2:A6:11:19:B8:A3:B0:CF:C7:37:17:F4:25:43:09:E1:0A:E6
X509v3 Authority Key Identifier:
keyid:83:35:44:4C:58:11:61:C5:88:AE:84:BE:01:96:5B:C8:E8:37:80:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzVETFgRYcWIroS-AZZbyOg3gLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/TmWiphEZuKOwz8c3F_QlQwnhCuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/04b91a-e349-40cd-b901-1f13f55d0059/1/gzVETFgRYcWIroS-AZZbyOg3gLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.89.0/24
185.8.91.0/24
Signature Algorithm: sha256WithRSAEncryption
66:35:99:2c:f5:bf:0c:10:7a:c8:ca:a1:db:c4:47:43:12:3b:
c8:da:d5:c6:ed:b7:a6:b3:f1:f0:1f:62:b9:23:d7:72:9d:1f:
a0:34:a5:6b:1b:23:15:78:2d:3c:1f:99:6f:d2:c1:fd:aa:c9:
c2:98:9b:27:90:0a:da:16:af:8a:96:75:63:52:88:5d:25:9a:
b4:c7:e1:b1:30:27:fb:de:08:1e:d0:92:f5:c8:8a:c0:23:f6:
97:c5:1c:3a:b2:58:5d:3c:20:5c:12:bf:73:88:61:52:f7:6f:
96:88:9f:ff:cc:42:06:fa:4e:fe:76:f8:f2:7f:08:0c:d0:9a:
36:77:80:27:86:35:a9:cd:a7:c9:38:df:b8:2a:12:f3:97:48:
4d:18:6e:03:f9:d9:f8:26:35:99:a6:9e:e8:60:57:30:f7:70:
7a:d5:6c:2e:5d:50:a1:e3:e0:ef:61:b3:82:d8:80:8a:b6:b6:
03:dd:27:b2:bf:8b:5f:82:84:46:6f:9d:ac:cf:a4:8d:9b:9c:
5a:5b:60:e5:0f:59:0a:1e:2b:7d:26:9e:a8:e2:ce:ae:74:c1:
51:52:77:24:79:a9:2b:bb:0c:43:28:f6:85:aa:3e:15:ea:04:
3c:14:36:ef:c6:d0:a4:71:0f:19:6f:0e:f1:d6:48:2b:e3:d3:
b1:fd:22:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHkznsDZJ1cOuyaMULGtNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzU0NDRjNTgxMTYxYzU4OGFlODRiZTAxOTY1YmM4ZTgz
NzgwYjgwHhcNMjQwMTAyMDAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTY1YTJhNjExMTliOGEzYjBjZmM3MzcxN2Y0MjU0MzA5ZTEwYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0V4E6QNtrILN1mY8gGa9nOz2954
YE5S7b6c/4xcz6RBQqy7SslsbFUMSSgDblgkJdyw+7V46N4bkWXQe+NLU1YtCK2L
LdZql+TaufXp5xh9pxnpOrdKQdO4srzd0K7L3ulroiSKv5AArFV9A3OR76YAL4eC
iZk6tD8XrcOALCXgbuaIEuNBRDB0Ws0RDLTczDhSpHlKA3TMODlY0rVCobhmrIm7
cVnvVGvZ2eUgRjo+hAdOU0KFZI3Z2xFL7FDbbnv9+yDAM4jVSLX2RomtXswFnIIp
GB0Ca9kZJz/NKJZuv5wTsYxfU6eRTh4Nb8ZND/clou1YRgMPPMDZUKwLSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE5loqYRGbijsM/HNxf0JUMJ4QrmMB8GA1UdIwQY
MBaAFIM1RExYEWHFiK6EvgGWW8joN4C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEt
MWYxM2Y1NWQwMDU5LzEvVG1XaXBoRVp1S093ejhjM0ZfUWxRd25oQ3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNGI5MWEtZTM0OS00MGNkLWI5MDEtMWYxM2Y1NWQwMDU5
LzEvZ3pWRVRGZ1JZY1dJcm9TLUFaWmJ5T2czZ0xnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQhZAwQA
uQhbMA0GCSqGSIb3DQEBCwUAA4IBAQBmNZks9b8MEHrIyqHbxEdDEjvI2tXG7bem
s/HwH2K5I9dynR+gNKVrGyMVeC08H5lv0sH9qsnCmJsnkAraFq+KlnVjUohdJZq0
x+GxMCf73gge0JL1yIrAI/aXxRw6slhdPCBcEr9ziGFS92+WiJ//zEIG+k7+dvjy
fwgM0Jo2d4AnhjWpzafJON+4KhLzl0hNGG4D+dn4JjWZpp7oYFcw93B61WwuXVCh
4+DvYbOC2ICKtrYD3Seyv4tfgoRGb52sz6SNm5xaW2DlD1kKHit9Jp6o4s6udMFR
UnckeakruwxDKPaFqj4V6gQ8FDbvxtCkcQ8Zbw7x1kgr49Ox/SK+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:47 2025 by rpki-client