Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/TkjYBDwn4zzdUH-ut8kX5SFboQI.roa
File: TkjYBDwn4zzdUH-ut8kX5SFboQI.roa (raw, json)
Hash identifier: jyd7cX0Wn9htf6Scaz3TxSlS768AMuy2VQeEA+sX/oE=
Subject key identifier: 4E:48:D8:04:3C:27:E3:3C:DD:50:7F:AE:B7:C9:17:E5:21:5B:A1:02
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 0191126835A7A2CAD3D0DDC1DE1375C57B23
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/TkjYBDwn4zzdUH-ut8kX5SFboQI.roa
Signing time: Fri 02 Aug 2024 09:25:04 +0000
ROA not before: Fri 02 Aug 2024 09:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213328
IP address blocks: 185.83.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:68:35:a7:a2:ca:d3:d0:dd:c1:de:13:75:c5:7b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Aug 2 09:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e48d8043c27e33cdd507faeb7c917e5215ba102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:46:18:e1:2f:dc:c6:56:ac:7b:93:a0:b5:28:
49:eb:fd:18:ec:de:cd:4b:68:a0:4f:e2:d1:ba:74:
2a:c3:1f:31:70:39:2c:ba:8b:df:33:48:a1:4b:ca:
34:7e:58:7f:3d:cc:89:08:3a:cd:84:87:09:64:7a:
e1:eb:57:ff:07:4c:ca:8b:52:f0:f3:be:9f:1b:d9:
86:e6:b1:e0:5e:89:a0:b9:88:c7:d7:be:55:2a:af:
4a:0b:b8:a9:45:37:e7:11:c9:b1:6d:b7:4c:09:24:
5f:b8:42:ad:a4:b2:f7:19:6f:b9:2e:b7:0a:21:db:
90:30:94:f6:1d:5b:cf:a0:d8:6c:cb:4c:1b:23:89:
dc:61:f2:ba:17:cf:b8:30:56:c8:fa:30:0c:0c:fd:
01:5f:0a:0d:08:0b:fe:52:43:ec:93:50:10:f3:7b:
d1:3b:07:ae:cb:24:04:79:0c:78:ea:51:c3:88:5e:
40:2b:87:27:65:b3:f0:0e:3f:95:72:24:cd:ec:c5:
79:af:85:08:36:8d:a0:f2:6c:6c:6e:30:47:ab:be:
4b:bd:15:0d:3d:d2:0f:c1:1c:fa:af:be:03:54:b9:
a2:32:19:2d:b7:b5:f5:b7:58:f7:44:aa:0e:84:50:
7e:be:79:d5:f6:cb:0f:40:37:e2:c2:61:10:98:26:
df:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:48:D8:04:3C:27:E3:3C:DD:50:7F:AE:B7:C9:17:E5:21:5B:A1:02
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/TkjYBDwn4zzdUH-ut8kX5SFboQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.124.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:3e:70:bf:a0:c7:93:f1:5a:8a:22:a4:55:cc:5a:9c:d2:04:
51:a3:b6:2e:75:fa:9d:0b:9c:55:47:06:d7:c9:f3:ba:22:42:
e9:0d:0e:2d:83:9b:9c:0d:31:b8:56:fa:f2:37:44:88:bb:a8:
65:17:93:0b:cc:bd:92:1e:49:b0:58:ab:a6:42:24:06:d7:90:
56:51:4a:8c:4e:e6:f6:79:0b:b8:5f:60:e8:47:d4:f1:c4:63:
07:10:9e:f4:d5:79:0e:43:fd:fa:58:84:ef:ff:b7:aa:a9:7c:
f2:9e:82:b6:2d:d8:7e:67:9d:98:b7:4b:e3:98:a3:37:34:d0:
97:81:18:26:91:2f:6e:bb:53:bb:c1:94:d0:ac:95:17:68:84:
0c:a6:66:8b:c6:07:87:67:11:c8:88:9a:43:bf:80:56:18:86:
35:f9:80:9a:48:1a:14:d3:a0:bf:ac:89:e4:e0:d7:29:4f:b6:
56:bb:8e:e1:20:64:9c:e4:4b:84:bb:6f:e5:92:a1:73:09:8e:
20:fe:94:c9:d3:93:60:c5:54:7a:18:b9:1a:ef:54:b3:b6:ca:
b7:88:bb:f3:95:4e:34:54:da:73:bd:ff:6b:ab:fa:16:86:b9:
40:9f:b9:f3:68:9c:e6:a2:67:23:06:93:47:48:b5:aa:d7:6a:
2d:ed:0a:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESaDWnosrT0N3B3hN1xXsjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4
MTI4ZDAwHhcNMjQwODAyMDkyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQ4ZDgwNDNjMjdlMzNjZGQ1MDdmYWViN2M5MTdlNTIxNWJhMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUYY4S/cxlase5OgtShJ6/0Y7N7N
S2igT+LRunQqwx8xcDksuovfM0ihS8o0flh/PcyJCDrNhIcJZHrh61f/B0zKi1Lw
876fG9mG5rHgXomguYjH175VKq9KC7ipRTfnEcmxbbdMCSRfuEKtpLL3GW+5LrcK
IduQMJT2HVvPoNhsy0wbI4ncYfK6F8+4MFbI+jAMDP0BXwoNCAv+UkPsk1AQ83vR
OweuyyQEeQx46lHDiF5AK4cnZbPwDj+VciTN7MV5r4UINo2g8mxsbjBHq75LvRUN
PdIPwRz6r74DVLmiMhktt7X1t1j3RKoOhFB+vnnV9ssPQDfiwmEQmCbfkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5I2AQ8J+M83VB/rrfJF+UhW6ECMB8GA1UdIwQY
MBaAFKpbRx0LoInZ6fRsKRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgt
NmYyZTI1MjliZTgyLzEvVGtqWUJEd240enpkVUgtdXQ4a1g1U0Zib1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgy
LzEvcWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVN8MA0G
CSqGSIb3DQEBCwUAA4IBAQA6PnC/oMeT8VqKIqRVzFqc0gRRo7YudfqdC5xVRwbX
yfO6IkLpDQ4tg5ucDTG4VvryN0SIu6hlF5MLzL2SHkmwWKumQiQG15BWUUqMTub2
eQu4X2DoR9TxxGMHEJ701XkOQ/36WITv/7eqqXzynoK2Ldh+Z52Yt0vjmKM3NNCX
gRgmkS9uu1O7wZTQrJUXaIQMpmaLxgeHZxHIiJpDv4BWGIY1+YCaSBoU06C/rInk
4NcpT7ZWu47hIGSc5EuEu2/lkqFzCY4g/pTJ05NgxVR6GLka71Sztsq3iLvzlU40
VNpzvf9rq/oWhrlAn7nzaJzmomcjBpNHSLWq12ot7QrU
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:45:05 2025 by rpki-client